Sophos UTM Update v9.700 released
Sophos has completed UTM version 9.700. The version is being rolled out in stages. At first it can only be downloaded from the FTP server. Later, the update will also be distributed via the Up2Date server.
Important: Anyone who uses RED site-to-site connections should stay away from this version for the time being. There has already been some feedback that problems with site-to-site connections appeared after the update to version 9.7. If you have already updated to 9.7, there is a workaround here: Sophos UTM - RED site-to-site tunnel issues after upgrading to v9.7
Important: Note that the system restarts when this version is installed. The configuration is then updated, and all connected access points and REDs receive a firmware upgrade.
APX Access Points Support
Sophos’s “new” access points, the APX series, could previously only be managed using Sophos Central or firewalls running SFOS. Initially, Sophos stated that the UTM would not receive support for the new APX series. That statement has been completely disregarded, and v9.7 now supports all APX access points on the UTM. What is “new” about these APX access points is explained in the following blog post: New APX series with Wave 2.0
For friends of the UTM this is certainly great news. You can now start planning the replacement of the old AP series. Many of those still using the first generation (AP30/AP50) did not find an investment in the second generation (AP55/AP100) very attractive, as these access points have been sold since 2015. Nobody likes to buy hardware that is that old. Here you can find the direct links to our product pages:
Certificate Chain support for WebAdmin, UserPortal and WebProxy
The UTM now also supports the use of certificates issued by sub-CAs.
New protocol for RED Site to Site connections
As mentioned in the note box at the beginning, this new protocol seems to cause problems, so you should hold off on the update. The UTM now uses the same protocol that the XG firewall uses for site-to-site connections, so the legacy RED site-to-site connection is no longer necessary.
UTM Endpoint Management
Sophos has not sold any new licenses for UTM Endpoint Protection since the end of 2018. For the past 2 years, this menu item has also prominently pointed out that Central should be used instead. Existing customers could also switch to Central for free if they still had an active license.
Support will now be discontinued as of the end of 2019, and with the new version some buttons will disappear. What remains is the option to deactivate Tamper Protection so that the endpoint software can be uninstalled from the client.
If you are still using this antivirus, it is best to switch to Sophos Central immediately:
For Client Operating Systems
For Server Operating Systems
I’m sorry if I gave you hope with this title. No, in v9.7 there is still no IKEv2 support. But currently the feature is still on the roadmap and will be released in v9.8. According to Sophos, the schedules in the roadmap are not guaranteed!
- NUTM-10804 [Access & Identity] strongSwan vulnerability fix (CVE-2010-2628, CVE-2018-17540)
- NUTM-10485 [Email] POP3 E-Mail blocked message won’t be displayed properly in some MS Outlook versions
- NUTM-10745 [Email] Quarantine mail older than 14 days are not getting removed
- NUTM-10958 [Email] Quarantined SPX Mails which are released are still available on UTM
- NUTM-10192 [RED] Patch OpenSSL (CVE-2018-0732)
- NUTM-11141 [Sandstorm] Add support for Sandstorm’s Frankfurt data centre
- NUTM-10454 [WAF] SAVI integration doesn’t support scanning files larger than 2GB
- NUTM-10873 [WAF] Underscore in DNS-Hostname makes WAF unusable
- NUTM-11162 [WAF] Authentication through WAF with URL hardening enabled and umlaut in password fails
- NUTM-11202 [Web] Conform to Apple’s new certificate requirements introduced in iOS13 and macOS10.15