Sophos Firewall Sizing Guide - Choose the right XGS Firewall
Guide to Sophos Firewall Sizing Guide: Choose the right XGS Firewall: key steps, requirements and practical notes for Sophos administrators in daily …
Sophos Firewall
Here you will find useful articles about Sophos Firewall.
Table of contents
Sophos Firewall topic overview
The articles are organised so you can work through Sophos Firewall topics systematically, from selection and setup to troubleshooting.
Getting started, selection and licensing
Basics for purchasing, renewal, licensing, sizing and product selection.
What Sophos Firewall bundles are available?
Guide to What Sophos Firewall bundles are available?: key steps, requirements and practical notes for Sophos administrators in daily operations.
Sophos Firewall - Base License
Guide to Sophos Firewall: Base License: key steps, requirements and practical notes for Sophos administrators in daily operations.
Activate Sophos Firewall license key
Guide to Activate Sophos Firewall license key: key steps, requirements and practical notes for Sophos administrators in daily operations.
Understanding Sophos Firewall performance data correctly
Guide to Understanding Sophos Firewall performance data correctly: key steps, requirements and practical notes for Sophos administrators in daily …
Sophos Firewall - hardware or virtual appliance?
This article explains when a Sophos Firewall should be deployed as an XGS hardware appliance and when a virtual appliance is the better fit.
What is the difference between an XG and XGS firewall?
This article explains the technical and operational differences between XG and XGS, why XG hardware has been End of Life since 31 March 2025, why that …
Sophos Product Lifecycle Calendar - End-of-Sale / End-of-Life
Guide to Sophos Product Lifecycle Calendar: End-of-Sale / End-of-Life: key steps, requirements and practical notes for Sophos administrators.
What are the main Sophos portals?
Guide to What are the main Sophos portals?: key steps, requirements and practical notes for Sophos administrators in daily operations.
Where can I find the serial number of my Sophos Firewall?
Guide to Where can I find the serial number of my Sophos Firewall?: key steps, requirements and practical notes for Sophos administrators in daily …
Transfer Sophos Firewall to another account
Guide to Transfer Sophos Firewall to another account: key steps, requirements and practical notes for Sophos administrators in daily operations.
Setup and basic configuration
Everything that should be completed properly after unpacking the firewall or finishing the Setup Wizard.
Configure Sophos Firewall after the Setup Wizard
After the Setup Wizard, Sophos Firewall is reachable and registered. This article shows which points should be checked and finished cleanly.
Connect Sophos Firewall to Sophos Central
Sophos Firewall can be managed locally, but Sophos Central adds useful options for management, backups, reporting and Synchronized Security.
Add Active Directory to Sophos Firewall (SFOS)
Guide to Add Active Directory to Sophos Firewall SFOS: key steps, requirements and practical notes for Sophos administrators in daily operations.
Set up STAS on a Sophos Firewall (SFOS)
This guide shows how to set up STAS on a Sophos Firewall, when the agent and collector should be separated, which best practices matter and where …
Secure Sophos Firewall access: configure Device Access
Device Access controls access to local Sophos Firewall services. This article explains zone access, ACL Exception Rules, common mistakes and …
Setting up Avanet support access to Sophos Firewall
Guide to Setting up Avanet support access to Sophos Firewall: key steps, requirements and practical notes for Sophos administrators in daily …
Sophos Firewall - Set up support access for Avanet
Guide to Sophos Firewall: Set up support access for Avanet: key steps, requirements and practical notes for Sophos administrators in daily operations.
Firewall rules, NAT and network design
Rules, zones, routing, NAT, DNS, DHCP and typical network design topics.
Configure Sophos Firewall zones and interfaces
Zones and interfaces are the foundation for clean firewall rules. This guide explains planning, configuration and common Sophos Firewall mistakes.
Understand and configure Sophos Firewall Rules
Firewall Rules are the core of Sophos Firewall. This guide explains every rule option and shows a complete practical example.
How to document a Sophos Firewall rule easily
Guide to How to document Sophos Firewall rule easily: key steps, requirements and practical notes for Sophos administrators in daily operations.
Sophos Firewall rule not matching: check causes
If a Sophos Firewall rule does not match, the cause is usually rule order, match criteria, NAT, routing or missing logging. This checklist helps with …
Test Sophos Firewall rules with Log Viewer and Packet Capture
A firewall rule should be tested deliberately after it has been saved. This guide shows the workflow with Log Viewer, Policy tester and Packet …
Understand NAT on Sophos Firewall: SNAT, DNAT, MASQ, PAT
NAT translates addresses or ports, but does not allow traffic. This guide explains SNAT, DNAT, MASQ, PAT, loopback, reflexive rules and …
Publish a Server with DNAT on Sophos Firewall
DNAT makes an internal service reachable through a public IP address. This guide shows a secure setup on Sophos Firewall.
Configure DNS Request Routes on Sophos Firewall
DNS Request Routes make Sophos Firewall forward specific DNS queries to defined DNS servers. This is especially helpful for internal domains, Active …
Sophos Firewall DHCP Options (SFOS)
This guide shows how to configure DHCP options on a Sophos Firewall, what option code, data type and value mean, when WebAdmin is enough and when CLI …
Change the Sophos Firewall routing priority
This guide shows how to check, adjust and test Sophos Firewall route precedence from the Device Console.
Sophos Firewall - SD-WAN Routing Reply-Packet & System Traffic
Guide to Sophos Firewall: SD-WAN Routing Reply-Packet & System Traffic: key steps, requirements and practical notes for Sophos administrators.
Configure VLAN on Sophos Firewall and UniFi Switch
Guide to Configure VLAN on Sophos Firewall and UniFi Switch: key steps, requirements and practical notes for Sophos administrators in daily …
Set up Sophos Firewall as an NTP server
Guide to Set up Sophos Firewall as NTP server: key steps, requirements and practical notes for Sophos administrators in daily operations.
Create an IPsec route on Sophos Firewall
This guide explains when a manual IPsec route is useful and how to assign host or network routes to a specific IPsec tunnel.
Configure Application Traffic Shaping on Sophos Firewall
Application Traffic Shaping prioritises important applications and limits less critical traffic. This guide explains planning, configuration and …
Sophos Firewall VoIP settings optimization
Guide to Sophos Firewall VoIP settings optimization: key steps, requirements and practical notes for Sophos administrators in daily operations.
VPN, RED and Remote Access
Set up and check remote access for users, branch offices and VPN tunnels.
Configure Sophos Connect Client on the Sophos Firewall (SFOS)
Guide to Configure Sophos Connect Client on the Sophos Firewall SFOS: key steps, requirements and practical notes for Sophos administrators in daily …
Install Sophos Connect Client on Windows
In this guide, we show how to download the Sophos Connect client from a Sophos Firewall, install it on Windows and import the connection file.
Install Sophos Connect Client on macOS
Guide to Install Sophos Connect Client on macOS: key steps, requirements and practical notes for Sophos administrators in daily operations.
Install Sophos SSL VPN Client (Windows) – SFOS
Guide to Install Sophos SSL VPN Client (Windows) – SFOS: key steps, requirements and practical notes for Sophos administrators in daily operations.
Set up Sophos SSL VPN on macOS
Guide to Set up Sophos SSL VPN on macOS: key steps, requirements and practical notes for Sophos administrators in daily operations.
Set up Sophos SSL VPN on iOS
Guide to Set up Sophos SSL VPN on iOS: key steps, requirements and practical notes for Sophos administrators in daily operations and management.
Start the Sophos SSL VPN client automatically with auto-login
Guide to Sophos SSL VPN client in autostart with auto login: key steps, requirements and practical notes for Sophos administrators in daily …
Comparison: Sophos Connect Client or SSL VPN Client?
Guide to Comparison: Sophos Connect Client or SSL VPN Client?: key steps, requirements and practical notes for Sophos administrators in daily …
Sophos Firewall - IPsec remote access timeout after 4 hours
Guide to Sophos Firewall: IPsec remote access timeout after 4 hours: key steps, requirements and practical notes for Sophos administrators in daily …
Sophos Firewall IPsec VPN troubleshooting
This guide shows how to analyze IPsec site-to-site VPNs on Sophos Firewall systematically: from tunnel setup and StrongSwan logs to routing, NAT and …
Set up Sophos SD-RED and troubleshoot issues
This guide shows how to connect a Sophos SD-RED to Sophos Firewall, what the LED states mean and how to troubleshoot common RED issues.
Security features and Inspection
Protection features, authentication, Inspection and security-relevant policies.
Enable MFA for Sophos Firewall WebAdmin and VPN
MFA protects administrative access and VPN sign-ins on Sophos Firewall. This guide covers the key preparation, settings and tests.
Roll Out Sophos Firewall TLS Inspection Properly
TLS Inspection increases visibility into encrypted connections, but should be rolled out in a planned way. This guide shows a practical rollout for IT …
Install Sophos Firewall CA certificate for HTTPS scanning (SFOS)
Guide to Install Sophos Firewall CA certificate for HTTPS scanning SFOS: key steps, requirements and practical notes for Sophos administrators.
How to create a Sophos Firewall bypass rule
Guide to How to create Sophos Firewall Bypass Rule: key steps, requirements and practical notes for Sophos administrators in daily operations.
Sophos Firewall Threat Feeds
Guide to Sophos Firewall Threat Feeds: key steps, requirements and practical notes for Sophos administrators in daily operations and management.
Sophos Firewall Black Hole DNAT: Block Bad IPs
This guide explains when to block countries with a Firewall Rule, when a Black Hole DNAT Rule makes sense and why Threat Feeds add useful protection.
Sophos Firewall - How does Zero-Day Protection work?
Guide to Sophos Firewall: How does Zero-Day Protection work?: key steps, requirements and practical notes for Sophos administrators in daily …
Clean up the Sophos Firewall Secure Heartbeat database
If the Secure Heartbeat database on Sophos Firewall uses too much disk space, database maintenance from Advanced Shell can help. This guide shows the …
Sophos Firewall and the QUIC protocol
Guide to Sophos Firewall and the QUIC protocol: key steps, requirements and practical notes for Sophos administrators in daily operations.
How to disable Captcha for Web Admin and User Portal on Sophos Firewall
How to disable Captcha for Web Admin and User Portal on Sophos Firewall: key steps, requirements and practical notes for Sophos, SFOS or Central …
Analysis, logs and troubleshooting
When something does not work: logs, CLI, Packet Capture, tcpdump and analysis tools.
Sophos Firewall troubleshooting: services and logs
For troubleshooting, it is important to know which Sophos Firewall service belongs to which module and which log file matches it.
Save Sophos Firewall logs for support and analysis
For outages, VPN issues or unclear firewall events, Sophos Firewall log files are often required for proper analysis. This guide explains how to …
Connect to Sophos Firewall via SSH
Many support and troubleshooting tasks require SSH access to Sophos Firewall. This guide explains how to allow SSH, connect from macOS, Linux or …
Sophos Firewall Troubleshooting - Tips & Tricks for the CLI
Guide to Sophos Firewall Troubleshooting: Tips & Tricks for the CLI: key steps, requirements and practical notes for Sophos administrators in …
Use Sophos Firewall Packet Capture in WebAdmin
Packet Capture shows whether packets arrive, are forwarded or are dropped. This guide explains filters, analysis and common pitfalls.
Sophos Firewall - Collect logs with TCPDump for analysis
Guide to Sophos Firewall: Collect logs with TCPDump for analysis: key steps, requirements and practical notes for Sophos administrators in daily …
Sophos Firewall - Detecting dropped packets
Guide to Sophos Firewall: Detecting dropped packets: key steps, requirements and practical notes for Sophos administrators in daily operations.
Sophos Firewall - Resolving ARP problem after firewall migration
Guide to Sophos Firewall: Resolving ARP problem after firewall migration: key steps, requirements and practical notes for Sophos administrators.
Sophos Firewall Troubleshooting - iPerf Speedtest
Guide to Sophos Firewall Troubleshooting: iPerf Speedtest: key steps, requirements and practical notes for Sophos administrators in daily operations.
How to test the internet speed on a Sophos Firewall
Guide to How to test the internet speed on a Sophos Firewall: key steps, requirements and practical notes for Sophos administrators in daily …
Enable Central Firewall Reporting on Sophos Firewall
Central Firewall Reporting collects firewall log data in Sophos Central and makes it available for reports and analysis.
Operations, maintenance and recovery
Firmware, backups, services, recovery, hardware health and day-to-day operations.
Updating firmware on Sophos Firewall
This guide explains how to prepare and install firmware updates on Sophos Firewall, why a backup is required before upgrading, and why SFOS 21.x no …
Sophos Firewall firmware update preparation and best practices
Firmware updates keep Sophos Firewall secure, stable and current. This guide covers preparation, downtime reduction and rollback planning.
Create or restore Sophos Firewall backups
This guide explains how to create and restore Sophos Firewall backups, why the Secure Storage Master Key matters, and when to check restore …
How to restart services on Sophos Firewall
Guide to How to restart Services on Sophos Firewall: key steps, requirements and practical notes for Sophos administrators in daily operations.
How to restart Sophos Firewall Web Admin GUI
Guide to How to restart Sophos Firewall Web Admin GUI: key steps, requirements and practical notes for Sophos administrators in daily operations.
Reinstall Sophos Firewall OS
This article explains how to perform an SFOS reimage on a Sophos Firewall. Requirements - Sophos Firewall Appliance - USB flash drive 4 GB or …
Sophos Firewall - Check the health status of the SSD
This article shows how to check the endurance value of a Sophos Firewall SSD via SSH and when you should plan to replace the appliance.
Sophos Firewall - Determine disk space and manage reports
Guide to Sophos Firewall: Determine disk space and manage reports: key steps, requirements and practical notes for Sophos administrators in daily …
Which Sophos Firewall HA cluster types are available?
Guide to What are the variants for a Sophos Firewall HA cluster?: key steps, requirements and practical notes for Sophos administrators in daily …
Sophos Firewall - Run script without cronjob
Guide to Sophos Firewall: Run script without cronjob: key steps, requirements and practical notes for Sophos administrators in daily operations.
Other and legacy topics
Special cases, older clients and topics that do not fit neatly into the main areas.
Sophos Firewall and endpoint protection for home users
Guide to Sophos Firewall and Endpoint for the home: key steps, requirements and practical notes for Sophos administrators in daily operations.
Install Sophos SSL VPN Client (Windows) - UTM
Guide to Install Sophos SSL VPN Client (Windows): UTM: key steps, requirements and practical notes for Sophos administrators in daily operations.