Sophos Firewall OS (SFOS) Update v17.5 - MR8 released
Sophos Firewall

Sophos Firewall OS (SFOS) Update v17.5 - MR8 released

Patrizio - 12. August 2019

Sophos has released version 17.5 MR8 for the Sophos Firewall OS (SFOS).

Note: For more information on upgrading, please take a look at the following post: SFOS Firmware auf Sophos Firewall aktualisieren.

FQDN in Quarantine Digest

Sophos has secretly listed a new feature among the 'Issues Resolved' which in my opinion definitely deserves a little more attention! I am talking about:

  • NC-39749 [Email] Use FQDN in Quarantine Digest

If you check emails for viruses and spam through the XG Firewall, emails will be quarantined from time to time. In order to relieve the admin, you can configure that the users receive a quarantine report by email. This allows the user to decide for himself which email was incorrectly blocked and to have it moved to the inbox with a single click.

But clicking on the link to move the email from quarantine to the inbox caused problems so far! Behind this link was not an FQDN, but an IP address. Thus a certificate error message was always displayed, which was not necessarily trustworthy.

Of course, our customers were very disturbed by this and so we asked Sophos for a solution as early as March 2018. At that time it was said that the solution comes with v17.0, then 17.5 and finally in an MR release. With v17.5.8 this problem is finally solved. Thank you Sophos, we had almost given up hope. 😅

Now you can define a DNS name in the quarantine settings and also set the size of the quarantine.

Added support for the Sandstorm data center in Frankfurt

Sophos has launched a new data centre opened in Frankfurt for the analysis of files transferred to Sandstorm. This is certainly a wise move in terms of compliance with the DSGVO or further Brexit development. After updating to MR8 you can change the Sandstorm settings to Europe (Frankfurt). The selection on the XG Firewall look like this:

Issues Resolved

  • NC-47055 [Authentication] Support >48 characters password length for Radius Server
  • NC-46680 [Certificates] Completing CSR with certificate breaks SSL VPN
  • NC-48512 [Dynamic Routing (PIM)] Multicast traffic getting stopped after update of interface
  • NC-39749 [Email] Use FQDN in Quarantine Digest
  • NC-40831 [Email] Add capability to increase size of Mail Quarantine area in UI
  • NC-45305 [Email] SPX related reports not being displayed on the GUI
  • NC-48542 [Email] Potential RCE via arbitrary file creation vulnerability
  • NC-49003 [Email] Custom ports for SMTP proxy stopped working after 17.5
  • NC-46938 [FQDN] FQDNd doesn't update/create ipset
  • NC-46401 [Import-Export Framework] "/conf" partition is at 100%
  • NC-47095 [Interface Management] TSO changes are not permanent in HA
  • NC-48031 [Interface Management] Wifi client did not get gateway and other config after reboot until enable and re-enable the wifi on client
  • NC-48487 [IPS Engine] Postgres taking high CPU
  • NC-48956 [IPS Engine] Modify IPS TCP Anomaly Detection setting to disabled in default setting
  • NC-46079 [Logging Framework] Garner coredump on aux node following upgrade to 17.5 MR3
  • NC-46780 [Logging Framework] Reports not being generated when Email Notification feature is enabled
  • NC-46879 [Sandstorm] Add support for Sandstorm's Frankfurt data centre
  • NC-48718 [Service Object] Unable to edit service object that is assigned to a firewall rule
  • NC-43625 [UI Framework] Adding VLAN interface fails in IE in HA Active-Active mode
  • NC-45371 [UI Framework] Incorrect UI behavior for Web User Activities
  • NC-45495 [Web] Policy Tester UI and overlay issues
  • NC-45724 [Web] Full file download retry failure after 416 (Range Not Satisfiable) being returned by proxy
  • NC-47626 [Web] Web category "Hacking" should be classified as "Objectionable" instead "Acceptable"
  • NC-47075 [Wireless] Export of the WirelessAccessPoint does not contain the Group
  • NC-47115 [Wireless] WirelessAccessPoint includes the wrong value for DynChan5GHz
  • NC-47738 [Wireless] XML import is failing for wireless config failing when RADIUS Server and Pending Access Points data is present in import file

Send Your Feedback

Share your thoughts about this article, your private queries are always welcome and greatly appreciated.

Send Feedback
All information are confidential

On our blog we regularly publish articles on various topics related to Sophos. To make sure you don't miss any articles, you can subscribe to our newsletter, and once a month you will receive an email with a summary of all articles published in the last 30 days.

Knowledge base

Do you need help with a Sophos product? Then maybe our free knowledge base can help you. We try to document most support requests in an article so that we can help as many people as possible.