Skip to content
Avanet

Sophos Firewall - Check the health status of the SSD

Sophos Firewall

A Sophos Firewall uses an SSD in the background to store logs, reports, quarantine data and system data. Like every SSD, this disk has a limited number of write cycles. Especially on firewalls with heavy logging, it is worth checking the health status of the SSD from time to time.

The SMART value for SSD endurance can be read from the Advanced Shell. This value indicates how much of the expected SSD lifetime has already been used.

Read SSD endurance via SSH

Log in to the Sophos Firewall via SSH and open the Advanced Shell. Then run the following command:

smartctl -x /dev/sda | grep Endurance

The command reads the SMART information from the SSD and filters the output for the endurance value.

Sophos Firewall Advanced Shell showing smartctl output for the SSD endurance value
Sophos Firewall - check SSD endurance with smartctl

In the output, the value before Percentage Used Endurance Indicator is the important part. In the screenshot, this value is 1. That is not critical and means that the SSD has barely been used.

Interpret the value correctly

A low value is generally good. If the value rises significantly, you should monitor the appliance more closely and plan a replacement in good time. At the latest when the value approaches 80 or higher, we recommend opening a support ticket and having the hardware checked.

Important: SMART values are not always standardised in the same way by every SSD manufacturer. The value is therefore not an absolute guarantee that a disk will fail soon, but it is a useful early indicator. If an SSD fails, this can lead to data loss, for example local logs, reports, mail queue or quarantine data.

Check HA clusters

If the Sophos Firewall runs in an HA cluster, the command must be executed on both nodes. Each node has its own SSD, and the disk health is not synchronised between the appliances.

If the command returns no output

If the command does not return a line containing Endurance, first display the SMART output without the filter:

smartctl -x /dev/sda

Look for entries such as Endurance or Percentage Used in the output. If you are unsure how to interpret the value, the output should be checked with Sophos Support.

Do not replace the SSD without support

Even if it may technically be possible to replace a defective SSD and reinstall the appliance, you should not do this without consulting Sophos. Opening or modifying the hardware can affect support and warranty.

A Sophos Firewall includes a standard one-year manufacturer warranty from the date of purchase. With a suitable Enhanced Support licence, the warranty can be extended to a maximum of 5 years. We explain this in more detail in the article How long is my Sophos hardware warranty?.