Sophos SFOS update – new features in v18.0.4
Sophos rarely releases updates before the holidays, but v18 MR4 was released on December 15. It introduces new firewall features and includes fixes for 73 bugs.
Change Password
After updating to SFOS v18 MR3, you were prompted to create a Secure Storage Master Key (SSMK) immediately after logging in. After updating to v18 MR4, the admin user is prompted to change their password. Sophos has implemented a stronger password hash.
We have received questions from customers asking if a password change is really necessary. They argue that the password is already secure or was changed only recently after the last security vulnerability. Our recommendation is: “Yes, change the password.”
For a better world
If the web filter is active on the firewall, websites that the Internet Watch Foundation (IWF) has identified as containing content involving sexual abuse of children are automatically blocked.
Improvements for HA Clusters
Finally, with MR4, Sophos has addressed something that worked up to and including MR3 but was cumbersome to set up. In my opinion, the previous display of HA clusters was also rather unattractive.
If you have an HA cluster, it is now possible to register both firewalls with Central from one appliance without having to switch appliances.

A cluster is now also displayed better in Central Firewall Manager. Previously, you had two individual appliances, where in an Active/Passive cluster, one was always offline.

So at first glance, you always had a small shock and wondered why a firewall was down. 😅
If release v18 MR4 is now installed on the firewall, the cluster is displayed as one entry in the overview. By clicking on the green HA icon, you can see more information about the cluster.

Scheduled updates
MR4 is now the first update that can be installed on a v18 MR3 system using scheduled updates. We tested this ourselves, of course, and it works perfectly. 👌
Further improvements
- We have not worked much with the Sophos product “Cloud Optix” yet. However, the XG Firewall now includes an integration for Cloud Optix so that the two solutions can work together, at least for firewalls hosted on AWS.
- Synchronized Application Control now includes a function that cleans up all applications older than 30 days from the list.
- RADIUS authentication: users can now be created for RADIUS in UPN format (username@domain).
- The bug fixes mentioned at the beginning can be found in the post Sophos v18 MR4 Release Notes.
