Skip to content
Avanet

Create or restore Sophos Firewall backup

Sophos Firewall

This article explains how to back up and restore a Sophos Firewall running Sophos Firewall OS.

Note: In any case, we recommend that you regularly back up the Sophos Firewall. With a backup, you can easily import the configuration onto new hardware in an emergency and be up and running again in no time. However, a backup can also help you to go back to an earlier version in case you might have made a mistake during configuration.

Create backup

Log in to your Sophos Firewall and select Backup & Firmware from the left navigation.

Create backup of SFOS configuration

Manual backup

If you just want to make a quick and easy backup of your firewall, just click Backup Now. You can then download the backup to your computer.

Automatic backup

So that you do not always have to perform these backups manually, you can set the firewall to create a daily, weekly or monthly backup of the config. Select your desired option at Frequency and then click Apply to save the settings.

The automatically generated backups can be stored either locally on the firewall or on an FTP. The third option is to send the backups by e-mail. Unfortunately, unlike the UTM, it is not possible to encrypt the backups here, which is why we do not recommend this method at this time.

Update: As of SFOS version 17.5.4, backups can also be encrypted on Sophos Firewall. In our view, there is no reason not to have your backups sent to you by email.

Restore backup

Log in to your Sophos Firewall and select Backup & Firmware from the left navigation.

Import older version

Under the Backup & Restore section you can simply select the file on your computer and click the Upload and Restore button.

Restore backup to Sophos Firewall

When you first start up a Sophos Firewall running SFOS, it has the default IP address 172.16.16.16. Connect your computer to the Sophos Firewall via LAN-Port and give your computer the IP address 172.16.16.12, for example. You can then access your Sophos Firewall using the browser of your choice at https://172.16.16.16:4444.

Once you have completed the wizard and are logged in to the new firewall, all you need to do is follow the steps under Restore older version.

Video Tutorial

Sophos Firewall backup and restore video tutorial
Sophos Firewall backup and restore video tutorial

In this video, Jay from Sophos Support walks through the backup and restore process for Sophos Firewall, version 19, explaining backup encryption and the various ways backups can be stored, such as on the firewall itself, on FTP servers, or via email. He emphasizes the importance of the Secure Storage Master Key (SSMK) for protecting sensitive data and as a prerequisite for restoring backups.

Jay also shares best practices for Sophos Firewall backup and restore, such as setting up automatic backups, creating manual backups before significant configuration changes or firmware upgrades, and storing backups safely. He recommends checking the compatibility of restore devices and provides step-by-step instructions for creating a backup from the Sophos Firewall Web Admin console.

It guides the user through the restore process, pointing out that the restore overwrites the current configuration. Therefore, it is recommended to create a backup before the restore process. He also emphasizes the importance of verifying the restored configuration to ensure that it is correct and up-to-date.

Source: https://techvids.sophos.com/share/watch/AMktmUJbvMvEZzxzyZpV5w

More documentation