Sophos rarely releases updates before the holidays, but v18 MR4 was released on December 15 after all. You get new firewall functions and 73 bugs were fixed.
After updating to SFOS v18 MR3 , one was prompted to create a Secure Storage Master Key (SSMK) right after login. After updating to v18 MR4, the admin user will be prompted to change their password. Sophos has implemented a stronger password hash.
We have received questions from customers about whether a password change is really necessary. The password was already secure or had been changed only recently after the last security breach. Our recommendation is, “Yes, change the password.”
For a better world
If the web filter is active on the firewall, websites in which the “Internet Watch Foundation (IWF)” identifies content with child sexual abuse are automatically blocked.
Improvements for HA Cluster
Finally, with MR4, Sophos has taken care of an issue that worked up to and with MR3, but was cumbersome to set up. Also, the previous representation of HA clusters was rather unattractive in my opinion.
If you have an HA cluster, it is now possible to register both firewalls with Central from one appliance without having to change the appliance each time.
On the Central Firewall Manager, a cluster is now also displayed better. Previously, you had two individual appliances, with one always offline in an Active/Passive cluster.
So you always had a little shock at first sight so far and wondered why a firewall is down. 😅
If the firewall now has release v18 MR4 installed, the cluster will appear as one entry in the overview. By clicking on the green HA icon, you can see more information about the cluster.
MR4 is now the first update that can be installed time-controlled with a v18 MR3 version. We have tested this of course and it works wonderfully. 👌
- We haven’t looked much at Sophos’s Cloud Optix product yet. But XG Firewall has now received an integration for Cloud Optix so the two solutions work together – at least the firewalls that are hosted on AWS.
- Synchronized Application Control has received a function that now cleans all applications older than 30 days on the list.
- RADIUS authentication: Users can now be created for RADIUS in UPN format (username@domain).
- The bugfixes mentioned at the beginning can be found in the article: Sophos v18 MR4 Release Notes