Central Orchestration – what features does the new license offer?
When the new licensing model for SFOS was introduced, Central Orchestration was mentioned for the first time. Back then (in April 2021), it was not yet finished, but it is now available with SFOS 18.5 MR1. A Central Orchestration license is already included in the Xstream Protection bundle, but you can also purchase the license separately.
In general, Central Orchestration does not make much sense if there is only a single firewall. In the next section, you will see why.
SD-WAN
One of the two new features in Central Orchestration is SD-WAN. Setting up a single site-to-site VPN connection is not difficult and, in most cases, is done in less than 10 minutes. It becomes tedious when four or more firewalls need to be connected to each other. Central Orchestration creates the required connections and firewall rules for you in just a few seconds and with only a few clicks.
Requirements on all firewalls
The following requirements must be met on all firewalls if you want to use the SD-WAN feature:
- SFOS v18.5 MR1 or higher
- Central Management enabled
- Central Orchestration license
Central Firewall Reporting Advanced
The new Central Orchestration license also includes all the features of the Central Firewall Reporting Advanced license. The only difference is that the data in Sophos Central is stored for 30 days rather than 365 days. If you still need 365 days of storage, you have to order the Central Firewall Reporting Advanced license separately.
Because firewall logs are stored in Central, you can generate online reports for one or more firewalls at the same time. With the XDR/MTR connector, firewall data is also stored in the data lake and can be queried in the Threat Analysis Center with Live Discover if there is a valid XDR license. For customers with an active Managed Threat Response Advanced license, this data is also available to the MTR team, further increasing visibility in the network.
Which Sophos Central Firewall features are coming next?
In the coming months, Central Orchestration will be extended by two additional features:
- Support for multiple WAN connections: this allows a redundant VPN connection over two WAN links.
- Extended support for NAT’d firewalls: if the firewall is behind another NAT device, SD-WAN setup does not yet work. Support for this setup is also planned for the near future.
The Central Firewall Manager will also receive further improvements:
- Pinning firewall rules
- Improvements to backups and alerts
- Management APIs
- Support for AWS regions
- Usability improvements
