{"id":161716,"date":"2024-10-17T12:00:59","date_gmt":"2024-10-17T11:00:59","guid":{"rendered":"https:\/\/www.avanet.com\/blog\/sophos-firewall-v21-0\/"},"modified":"2026-04-17T13:07:49","modified_gmt":"2026-04-17T12:07:49","slug":"sophos-firewall-v21-0","status":"publish","type":"post","link":"https:\/\/www.avanet.com\/en\/blog\/sophos-firewall-v21-0\/","title":{"rendered":"Sophos Firewall v21: New functions and improvements"},"content":{"rendered":"\n<p>The Sophos Firewall v21 is officially available since October 17th and in this article we describe the new features of this version.<\/p>\n\n<blockquote class=\"wp-block-quote is-style-default is-layout-flow wp-block-quote-is-layout-flow\">\n<p><br\/>\u26a0\ufe0f Update auf Sophos Firewall v21<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>XGS Appliances<\/li>\n\n\n\n<li>\u2705 Install Sophos Firewall VMs or software<\/li>\n\n\n\n<li>\u274c XG Appliances<a href=\"https:\/\/www.avanet.com\/en\/kb\/sophos-product-lifecycle-calendar-end-of-sale-end-of-life\/\" data-type=\"link\" data-id=\"https:\/\/www.avanet.com\/kb\/sophos-product-lifecycle-kalender-end-of-sale-end-of-life\/\">(End of Life<\/a>)<\/li>\n\n\n\n<li>SG appliances with Sophos Firewall OS<a href=\"https:\/\/www.avanet.com\/en\/kb\/sophos-product-lifecycle-calendar-end-of-sale-end-of-life\/\" data-type=\"link\" data-id=\"https:\/\/www.avanet.com\/kb\/sophos-product-lifecycle-kalender-end-of-sale-end-of-life\/\">(End of Life<\/a>)<\/li>\n<\/ul>\n\n\n\n<p>The update to Sophos Firewall v21 is only available for XGS appliances as well as VM and software firewalls.XG appliances and SG appliances with SFOS will <strong>no<\/strong> longer receive this update and will reach <a href=\"https:\/\/www.avanet.com\/en\/blog\/sophos-utm-end-of-life-2026\/\">End-of-Life (EOL)<\/a> on March 31, 2025.All those affected by End-of-Life will be informed about all details in the <a href=\"https:\/\/www.avanet.com\/en\/blog\/the-time-to-switch-to-the-xgs-firewall-hardware-is-coming-soon\/\">XG End-of-Life article<\/a>.  <\/p>\n<\/blockquote>\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Sophos Firewall v21: What&#039;s New\" width=\"1290\" height=\"726\" src=\"https:\/\/www.youtube.com\/embed\/VR_abxYdLEQ?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><figcaption class=\"wp-element-caption\">Sophos Firewall v21 &#8211; Overview of updates<\/figcaption><\/figure>\n\n<div class=\"wp-block-rank-math-toc-block\" id=\"rank-math-toc\"><h2>Topics<\/h2><nav><ul><li class=\"\"><a href=\"#lets-engrpyt\">Let&#8217;s Encrypt<\/a><ul><li class=\"\"><a href=\"#automatische-zertifikatserstellung\">Automatic certificate creation<\/a><\/li><li class=\"\"><a href=\"#unterstutzte-schnittstellen\">Supported interfaces<\/a><\/li><li class=\"\"><a href=\"#http-basierte-domainvalidierung\">Domain validation via HTTP<\/a><\/li><li class=\"\"><a href=\"#domainverwaltung\">Domain management<\/a><\/li><li class=\"\"><a href=\"#vorgehensweise-und-nutzung-der-lets-encrypt-zertifikate\">Use Let&#8217;s Encrypt certificates<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#fakt-1\">UX and UI improvements<\/a><ul><li class=\"\"><a href=\"#ui-refresh\">Central UI now on firewall<\/a><\/li><li class=\"\"><a href=\"#object-refercence-features\">Object referencing<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#third-party-threat-feeds\">Third-party threat feeds<\/a><ul><li class=\"\"><a href=\"#automatisierte-blockierung\">Automated blocking<\/a><\/li><li class=\"\"><a href=\"#polling-intervall\">Polling interval<\/a><\/li><li class=\"\"><a href=\"#unterstutzung-mehrerer-feeds\">Support for multiple feeds<\/a><\/li><li class=\"\"><a href=\"#authentifizierung-und-sicherheit\">Authentication and security<\/a><\/li><li class=\"\"><a href=\"#third-party-threat-feeds-1\">Threat Feeds Provider<\/a><\/li><li class=\"\"><a href=\"#avanet\">Cybora<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#access-io-c-from-endpoints\">Endpoint threat indicators<\/a><ul><li class=\"\"><a href=\"#synchronisierte-telemetrie\">Synchronized telemetry<\/a><\/li><li class=\"\"><a href=\"#automatische-blockierung-von-bedrohungen\">Automatic blocking of threats<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#lateral-movement-protection\">Lateral Movement Protection<\/a><ul><li class=\"\"><a href=\"#mac-adressen-blockierung\">MAC address blocking<\/a><\/li><li class=\"\"><a href=\"#heartbeat-status\">Heartbeat status<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#reporting\">Threats and IoC reporting<\/a><\/li><li class=\"\"><a href=\"#static-route-and-vpn-enhancements\">Static route and VPN improvements<\/a><ul><li class=\"\"><a href=\"#vpn-ux-enhancements\">VPN UX improvements<\/a><\/li><li class=\"\"><a href=\"#site-to-site-vpn\">Site-to-Site VPN<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#route-management\">Route Management<\/a><ul><li class=\"\"><a href=\"#statische-routen\">Static routes<\/a><\/li><li class=\"\"><a href=\"#dynamische-routen\">Dynamic routes<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#google-authentication\">Google Authentication<\/a><ul><li class=\"\"><a href=\"#ldap-basierte-integration\">LDAP-based integration<\/a><\/li><li class=\"\"><a href=\"#chromebook-sso-unterstutzung\">Chromebook SSO support<\/a><\/li><li class=\"\"><a href=\"#verbesserte-sso-leistung\">Improved SSO performance<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#letzte-wortw\">Last words<\/a><\/li><\/ul><\/nav><\/div>\n\n<h2 class=\"wp-block-heading\" id=\"lets-engrpyt\">Let&#8217;s Encrypt<\/h2>\n\n<p>With version 21 of Sophos Firewall, you can use Let&#8217;s Encrypt to obtain, renew and manage SSL\/TLS certificates automatically and free of charge.The integration of Let&#8217;s Encrypt into Sophos Firewall v21 makes it easier to manage certificates and ensures that they are automatically renewed in good time before they expire. <\/p>\n\n<p>FINALLY! This has probably been one of the most requested features for years and Sophos has taken a really long time here, although FortiGate has also been able to do this for over a year \ud83e\udee3.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"automatische-zertifikatserstellung\">Automatic certificate creation<\/h3>\n\n<p>The Let&#8217;s Encrypt certificates are valid for 90 days and are automatically renewed by Sophos Firewall 30 days before they expire.This significantly reduces the manual effort required for certificate management and ensures that the firewall always works with valid certificates. <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"unterstutzte-schnittstellen\">Supported interfaces<\/h3>\n\n<p>Let&#8217;s Encrypt certificates can be used in the firewall for various web services:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>Web Admin Console<\/li>\n\n\n\n<li>User portal<\/li>\n\n\n\n<li>Captive Portal<\/li>\n\n\n\n<li>VPN Portal<\/li>\n\n\n\n<li>SPX portal<\/li>\n\n\n\n<li>WAF (Web Application Firewall)<\/li>\n<\/ul>\n\n<p>However, Let&#8217;s Encrypt is not supported for the following services:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>Remote Access VPN<\/li>\n\n\n\n<li>Site-to-Site VPN<\/li>\n\n\n\n<li>Chromebook SSO<\/li>\n<\/ul>\n\n<h3 class=\"wp-block-heading\" id=\"http-basierte-domainvalidierung\">Domain validation via HTTP<\/h3>\n\n<div class=\"wp-block-stackable-image stk-block-image stk-block stk-f7923c6\" data-block-id=\"f7923c6\"><style>.stk-f7923c6 .stk-img-figcaption{text-align:center !important;color:#abb7c2 !important;}<\/style><figure><span class=\"stk-img-wrapper stk-image--shape-stretch stk--has-lightbox\"><img loading=\"lazy\" decoding=\"async\" class=\"stk-img wp-image-161675\" src=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-firewall-rule-scaled.jpg\" width=\"2560\" height=\"1600\" alt=\"Sophos Firewall v21 vs. v20 Dashboard\" srcset=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-firewall-rule-scaled.jpg 2560w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-firewall-rule-300x188.jpg 300w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-firewall-rule-1024x640.jpg 1024w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-firewall-rule-768x480.jpg 768w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-firewall-rule-1536x960.jpg 1536w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-firewall-rule-2048x1280.jpg 2048w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-firewall-rule-600x375.jpg 600w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-firewall-rule-64x40.jpg 64w\" sizes=\"auto, (max-width: 2560px) 100vw, 2560px\" \/><\/span><figcaption class=\"has-text-color stk-img-figcaption\">Sophos Firewall v21 &#8211; Let&#8217;s Encrypt automatische Firewall Regel<\/figcaption><\/figure><\/div>\n\n<p>The certificates are validated via the HTTP challenge-response mechanism.The firewall creates a temporary web server configuration and a WAF policy to handle the challenge and validate the domain.The temporary firewall rules and the virtual web server are automatically removed again once the certificate has been successfully issued.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"domainverwaltung\">Domain management<\/h3>\n\n<p>You can request certificates for up to 50 domains, whereby only fully qualified domain names (FQDNs) are supported.Wildcard domains and IP addresses are not permitted. <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"vorgehensweise-und-nutzung-der-lets-encrypt-zertifikate\">Use Let&#8217;s Encrypt certificates<\/h3>\n\n<p>To create a Let&#8217;s Encrypt certificate, register an account with Let&#8217;s Encrypt in the firewall, add the desired domains and configure the WAN interface for HTTP domain validation via port 80. It is important that the DNS entries point to the public IP of the firewall.<\/p>\n<div class=\"gb-grid-wrapper gb-grid-wrapper-272e9cfe\">\n<div class=\"gb-grid-column gb-grid-column-07ee04f9\"><div class=\"gb-container gb-container-07ee04f9\">\n\n<div class=\"wp-block-stackable-image stk-block-image stk-block stk-430ebb7\" data-block-id=\"430ebb7\"><style>.stk-430ebb7 .stk-img-figcaption{text-align:center !important;color:#abb7c2 !important;}<\/style><figure><span class=\"stk-img-wrapper stk-image--shape-stretch stk--has-lightbox\"><img loading=\"lazy\" decoding=\"async\" class=\"stk-img wp-image-161665\" src=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-account-scaled.jpg\" width=\"2560\" height=\"1600\" alt=\"Sophos Firewall v21 vs. v20 Dashboard\" srcset=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-account-scaled.jpg 2560w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-account-300x188.jpg 300w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-account-1024x640.jpg 1024w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-account-768x480.jpg 768w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-account-1536x960.jpg 1536w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-account-2048x1280.jpg 2048w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-account-600x375.jpg 600w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-account-64x40.jpg 64w\" sizes=\"auto, (max-width: 2560px) 100vw, 2560px\" \/><\/span><figcaption class=\"has-text-color stk-img-figcaption\">Sophos Firewall v21 &#8211; Let&#8217;s Encrypt Account<\/figcaption><\/figure><\/div>\n\n<\/div><\/div>\n\n<div class=\"gb-grid-column gb-grid-column-fb825ffa\"><div class=\"gb-container gb-container-fb825ffa\">\n\n<div class=\"wp-block-stackable-image stk-block-image stk-block stk-0e4f134\" data-block-id=\"0e4f134\"><style>.stk-0e4f134 .stk-img-figcaption{text-align:center !important;color:#abb7c2 !important;}<\/style><figure><span class=\"stk-img-wrapper stk-image--shape-stretch stk--has-lightbox\"><img loading=\"lazy\" decoding=\"async\" class=\"stk-img wp-image-161670\" src=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-create-certificate-scaled.jpg\" width=\"2560\" height=\"1600\" alt=\"Sophos Firewall v21 vs. v20 Dashboard\" srcset=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-create-certificate-scaled.jpg 2560w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-create-certificate-300x188.jpg 300w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-create-certificate-1024x640.jpg 1024w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-create-certificate-768x480.jpg 768w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-create-certificate-1536x960.jpg 1536w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-create-certificate-2048x1280.jpg 2048w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-create-certificate-600x375.jpg 600w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-lets-encrypt-create-certificate-64x40.jpg 64w\" sizes=\"auto, (max-width: 2560px) 100vw, 2560px\" \/><\/span><figcaption class=\"has-text-color stk-img-figcaption\">Sophos Firewall v21 &#8211; Let&#8217;s Encrypt Zertifikat erstellen<\/figcaption><\/figure><\/div>\n\n<\/div><\/div>\n<\/div>\n<p>The issued certificates can then be used for the WebAdmin console, user portals and the Web Application Firewall (WAF) to ensure secure HTTPS connections.<\/p>\n\n<p>Detailed instructions can be found in this video:<\/p>\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Sophos Firewall v21: Let\u2019s Encrypt\u2122 Certificates\" width=\"1290\" height=\"726\" src=\"https:\/\/www.youtube.com\/embed\/t2XH2LoN0Ac?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><figcaption class=\"wp-element-caption\">Sophos Firewall v21 &#8211; Let&#8217;s Encrypt<\/figcaption><\/figure>\n\n<h2 class=\"wp-block-heading\" id=\"fakt-1\">UX and UI improvements<\/h2>\n\n<h3 class=\"wp-block-heading\" id=\"ui-refresh\">Central UI now on firewall<\/h3>\n\n<p>With the update to Sophos Firewall v21, the user interface has been redesigned to improve navigation and data overview.The new sidebar and the adjusted color scheme provide a clearer structure.The dashboard now makes better use of the available screen space by scaling to a width of up to 1920 pixels.This allows more information to be displayed at the same time, making it easier to get an overview.   <\/p>\n\n<div class=\"wp-block-stackable-image stk-block-image stk-block stk-4cc0ce7\" data-block-id=\"4cc0ce7\"><style>.stk-4cc0ce7 .stk-img-figcaption{text-align:center !important;color:#abb7c2 !important;}<\/style><figure><span class=\"stk-img-wrapper stk-image--shape-stretch stk--has-lightbox\"><img loading=\"lazy\" decoding=\"async\" class=\"stk-img wp-image-161648\" src=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-v20-dashboard-scaled.jpg\" width=\"2560\" height=\"685\" alt=\"Sophos Firewall v21 vs. v20 Dashboard\" srcset=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-v20-dashboard-scaled.jpg 2560w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-v20-dashboard-300x80.jpg 300w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-v20-dashboard-1024x274.jpg 1024w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-v20-dashboard-768x206.jpg 768w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-v20-dashboard-1536x411.jpg 1536w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-v20-dashboard-2048x548.jpg 2048w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-v20-dashboard-600x161.jpg 600w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-v20-dashboard-64x17.jpg 64w\" sizes=\"auto, (max-width: 2560px) 100vw, 2560px\" \/><\/span><figcaption class=\"has-text-color stk-img-figcaption\">Sophos Firewall v21 vs. v20 Dashboard<\/figcaption><\/figure><\/div>\n\n<p>The widgets have also been adapted to make more information accessible at a glance.The map display simplifies the separation of the various data categories.These changes make it possible to access safety-relevant information and system status messages more quickly.  <\/p>\n\n<div class=\"wp-block-stackable-image stk-block-image stk-block stk-5c05228\" data-block-id=\"5c05228\"><style>.stk-5c05228 .stk-img-figcaption{text-align:center !important;color:#abb7c2 !important;}<\/style><figure><span class=\"stk-img-wrapper stk-image--shape-stretch stk--has-lightbox\"><img loading=\"lazy\" decoding=\"async\" class=\"stk-img wp-image-161643\" src=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-rules-and-policies-overview-scaled.jpg\" width=\"2560\" height=\"1600\" alt=\"Sophos Firewall v21 - Rules and Policies Overview\" srcset=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-rules-and-policies-overview-scaled.jpg 2560w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-rules-and-policies-overview-300x188.jpg 300w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-rules-and-policies-overview-1024x640.jpg 1024w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-rules-and-policies-overview-768x480.jpg 768w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-rules-and-policies-overview-1536x960.jpg 1536w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-rules-and-policies-overview-2048x1280.jpg 2048w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-rules-and-policies-overview-600x375.jpg 600w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-rules-and-policies-overview-64x40.jpg 64w\" sizes=\"auto, (max-width: 2560px) 100vw, 2560px\" \/><\/span><figcaption class=\"has-text-color stk-img-figcaption\">Sophos Firewall v21 &#8211; Rules and Policies Overview<\/figcaption><\/figure><\/div>\n\n<p>Overall, the revised interface aims to make interaction with the firewall more efficient and it is of course nice to see that Sophos is finally doing something in this area again.I hope the issues of <a href=\"https:\/\/www.avanet.com\/en\/blog\/sophos-firewall-feature-request\/#warnmeldungen-im-dashboard-ausblenden\">hiding warning messages in the dashboard<\/a> and <a href=\"https:\/\/www.avanet.com\/en\/blog\/sophos-firewall-feature-request\/#backend-performance\">backend performance<\/a> will also be addressed soon. <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"object-refercence-features\">Object referencing<\/h3>\n\n<p>The <a href=\"https:\/\/www.avanet.com\/en\/blog\/sophos-firewall-v20-0\/#objekt-referenzierung\">object referencing feature<\/a> has been added to Sophos Firewall with v20.<\/p>\n\n<p>Sophos Firewall v21 provides a way to track the use of objects such as interfaces, zones, gateways or SD-WAN profiles in the configuration.Changes to an object can be made in a targeted manner thanks to the transparency of the usage locations.It is also easier to clean up objects that are no longer in use, as you can quickly see whether they are still in use or can be removed.  <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"api\">Object Reference API<\/h4>\n\n<p>The <strong>Object Reference API<\/strong> introduced in Sophos Firewall v21 makes it possible to automatically retrieve the usage count of configuration objects.The API can be used to quickly get an overview of how often an object is used in the configuration.This is particularly useful if you have to manage a large number of hosts or interfaces.  <\/p>\n\n<p>The API enables a programmatic query of the reference count and supports filter options to search for specific objects.This functionality provides an efficient way to identify and, if necessary, remove unused objects.The API can also be integrated into automation processes, which saves time for recurring tasks such as system cleanup.  <\/p>\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Sophos Firewall v21: Quality of Life Enhancements\" width=\"1290\" height=\"726\" src=\"https:\/\/www.youtube.com\/embed\/fCT-BoHQ73M?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><figcaption class=\"wp-element-caption\">Sophos Firewall v21 &#8211; Quality of Life Enhancements<\/figcaption><\/figure>\n\n<h2 class=\"wp-block-heading\" id=\"third-party-threat-feeds\">Third-party threat feeds<\/h2>\n\n<p>Sophos Firewall v21 supports the integration of third-party threat feeds for automated threat defense.This feature extends the existing threat intelligence integration of Sophos X-Ops and Sophos MDR with external threat data sources.Sophos Firewall can now automatically process threat indicators from third-party vendors, managed service providers (MSPs) or industry-specific consortia and block threats in various subsystems.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"automatisierte-blockierung\">Automated blocking<\/h3>\n\n<p>As soon as threat indicators are provided by a third-party feed, they are automatically integrated into the firewall rules.Threats such as malicious IP addresses, domains and URLs are immediately blocked on all relevant security modules &#8211; including the firewall itself, IPS (Intrusion Prevention System), DNS blocklists, web filters and Deep Packet Inspection (DPI). <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"polling-intervall\">Polling interval<\/h3>\n\n<p>The frequency at which the firewall updates the feeds can be set flexibly.Administrators can set the interval between one hour and up to 30 days.This makes it possible to control the updating of threat data as required.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"unterstutzung-mehrerer-feeds\">Support for multiple feeds<\/h3>\n\n<p>Sophos Firewall can manage up to 50 different threat feed sources. These feeds must be in a specific format &#8211; each Indicator of Compromise (IOC) is transmitted as a single line in a .txt file over HTTPS.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"authentifizierung-und-sicherheit\">Authentication and security<\/h3>\n\n<p>The integration of external threat feeds usually requires authentication.Sophos Firewall supports various authentication methods, including basic authentication and token-based authentication.This ensures that only authorized threat data sources are used.  <\/p>\n\n<p>Support for external feeds significantly improves the firewall&#8217;s defensive capabilities.Threats from industry-specific or regional feeds can be detected and blocked without the need to manually create additional firewall rules. <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"third-party-threat-feeds-1\">Threat Feeds Provider<\/h3>\n\n<p>Here is a small selection of other providers that make threat feeds available.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"avanet\">Cybora<\/h3>\n\n<p><a href=\"https:\/\/cybora.io\/\" target=\"_blank\" rel=\"noopener\">Cybora<\/a> provides a curated threat intelligence feed that combines data from hundreds of firewalls worldwide, community sources, and commercial feeds.<\/p>\n\n<p>The focus is on active and high-risk indicators such as command-and-control servers, botnet scanning, brute-force attacks, and phishing infrastructure. Through scoring, deduplication, and a short expiration policy, the lists remain up-to-date, clean, and practical. <\/p>\n\n<p>The data is provided as simple IP and domain lists via HTTPS and is updated several times a day. Cybora is compatible with Sophos Third-party Threat Feeds, Fortinet, Palo Alto Networks, and other platforms. <\/p>\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Cybora specializes in firewall solutions and, in our view, offers excellent value for money. It is the solution we prefer to use for our customers. (Avanet \u2764\ufe0f Cybora)  <\/p>\n<\/blockquote>\n\n<ul class=\"wp-block-list\">\n<li>Details about the solution: <a href=\"https:\/\/cybora.io\/integrations\/sophos\/\" target=\"_blank\" rel=\"noopener\">Sophos Firewall Threat Feeds<\/a><\/li>\n<\/ul>\n\n<h4 class=\"wp-block-heading\" id=\"crowd-sec-https-www-crowdsec-net\">CrowdSec<\/h4>\n\n<p>CrowdSec is an open source cyber threat defense solution powered by crowd intelligence.It provides automated blocklists and threat feeds collected from a global community.CrowdSec helps to identify and block threats in real time by aggregating threat intelligence from many participants.  <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"grey-noise-https-www-greynoise-io\">GreyNoise<\/h4>\n\n<p>GreyNoise focuses on analyzing &#8220;internet noise&#8221; by examining global network traffic to identify which activities are likely to be malicious.It filters out malicious network traffic that is not a direct attack on your infrastructure, helping to reduce false positives and prioritize real threats. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"cisco-talos\">Cisco Talos<\/h4>\n\n<p>Talos is Cisco&#8217;s threat research unit and provides one of the largest commercial threat intelligence feeds in the world.It includes detailed information on global threats, vulnerabilities and attackers.Talos supports the detection and defense of cyber attacks with up-to-date threat data.  <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"abuse-ch-ur-lhaus\">Abuse.ch \/ URLhaus<\/h4>\n\n<p>Abuse.ch is a platform that specializes in detecting and blocking malicious domains and IP addresses, especially malware and botnets.URLhaus is an Abuse.ch project that focuses on reporting and blocking URLs that spread malware. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"hakk-solutions\">Hakk Solutions<\/h4>\n\n<p>Hakk Solutions is a security intelligence and services provider specializing in threat intelligence and security monitoring.The services include threat data that can be used to identify and defend against cyber attacks. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"osint-open-source-intelligence-digital-side\">OSINT (Open-source Intelligence) \/ DigitalSide<\/h4>\n\n<p>DigitalSide provides open source intelligence feeds (OSINT) based on publicly available information.These feeds contain data on malicious IP addresses, URLs and domains collected from various publicly available sources. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"cins-score-cin-sscore-com\">CINS Score (CINSscore.com)<\/h4>\n\n<p>CINS Score provides threat intelligence based on network traffic analysis to help identify malicious hosts and networks.It uses machine learning and heuristic algorithms to evaluate potentially dangerous IP addresses. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"eclectic-iq\">EclecticIQ<\/h4>\n\n<p>EclecticIQ provides threat intelligence and analytics for organizations and security operations.The provider offers comprehensive threat intelligence services that make it possible to detect and respond to threats. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"feodo-tracker\">Feodo Tracker<\/h4>\n\n<p>Feodo Tracker is another Abuse.ch project that specializes in tracking botnets, particularly Feodo, Dridex and Emotet.It provides information about the servers that these botnets use to control them, helping to identify and block malicious activity. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"digital-slide-threat-intel\">DigitalSlide Threat Intel<\/h4>\n\n<p>DigitalSide provides threat intelligence feeds with a focus on open source intelligence (OSINT).It collects publicly available information on malicious IP addresses, domains and URLs.These feeds are particularly useful for identifying threats at an early stage as they are based on a wide range of publicly available data sources and are updated regularly.  <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"proofepoint-emerging-threat-intelligence\">Proofepoint &#8211; Emerging Threat Intelligence<\/h4>\n\n<p>Proofpoint provides comprehensive threat intelligence through its Emerging Threats Intelligence Feed.This service focuses on providing real-time updates on emerging threats, including new attack techniques and vulnerabilities.Proofpoint uses machine learning and expert analysis to provide detailed insights into global threats that help organizations respond to cyberattacks in a targeted manner.  <\/p>\n\n<h2 class=\"wp-block-heading\" id=\"access-io-c-from-endpoints\">Endpoint threat indicators<\/h2>\n\n<p>Sophos Firewall v21 provides the ability to integrate and analyze threat indicators <strong>Indicators of Compromise (IoCs)<\/strong> from endpoints.Both managed and unmanaged endpoints are supported.As soon as an endpoint detects malicious activity, this information is transmitted to the firewall.The firewall analyzes these IoCs and blocks suspicious activity.   <\/p>\n\n<p>This function is particularly useful for improving synchronization between endpoints and the firewall.Threat attempts detected on the endpoints can thus be stopped directly across the entire network.This real-time analysis contributes to a rapid response to threats and the containment of attacks.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"synchronisierte-telemetrie\">Synchronized telemetry<\/h3>\n\n<p>The firewall is able to correlate threat attempts from endpoints by including details such as running processes and applications.This improves threat detection and analysis.As soon as an endpoint detects suspicious activity, this information is automatically transmitted to the firewall to block the threat across different network layers.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"automatische-blockierung-von-bedrohungen\">Automatic blocking of threats<\/h3>\n\n<p>If a malicious process is detected on a managed endpoint, the firewall automatically blocks the associated IP address, domain or URL.This applies to subsystems such as the firewall, DNS blocklists, web filters and deep packet inspection.This seamless integration between the firewall and endpoints significantly reduces the response time to threats.  <\/p>\n\n<p>An example would be an unmanaged endpoint attempting to access a malicious URL.The firewall would immediately intervene and block access without the endpoint itself requiring any special configurations.This also protects devices that are not directly managed by Sophos Endpoint Security.  <\/p>\n\n<p>The ability to process IoCs from endpoints provides administrators with an additional layer of defense, as the firewall responds not only to network traffic, but also to detailed threat information from the endpoints themselves.<\/p>\n\n<h2 class=\"wp-block-heading\" id=\"lateral-movement-protection\">Lateral Movement Protection<\/h2>\n\n<p>Lateral Movement Protection is mentioned again in Sophos Firewall v21, as significant improvements and optimizations have been made in this version.In v21, integration and coordination with other security features such as <strong>Synchronized Security<\/strong> and <strong>Active Threat Response (ATR)<\/strong> has been improved.The firewall can now respond faster and more efficiently to threats by automatically isolating compromised devices and blocking the spread of threats across the network.  <\/p>\n\n<p>Lateral Movement Protection prevents threats from spreading across the network by isolating compromised devices.As soon as an endpoint is detected as compromised, communication with other devices in the network is blocked.The firewall also shares this information with other endpoints, which then also block network access to the compromised device.  <\/p>\n\n<p>This feature increases security across the network by preventing threats from moving horizontally from one device to the next.It is particularly useful in large networks where the rapid isolation of infected devices can be crucial in preventing an incident. <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"mac-adressen-blockierung\">MAC address blocking<\/h3>\n\n<p>If an endpoint is detected as compromised, the firewall shares the MAC address of this device with all other endpoints in the network.The endpoints then block network access to the infected device.This ensures that threats cannot spread further in the network.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"heartbeat-status\">Heartbeat status<\/h3>\n\n<p>The firewall continuously monitors the heartbeat status of the endpoints.As soon as an endpoint is identified as compromised, the heartbeat status changes to red, which triggers an immediate blocking mechanism.The communication of the compromised endpoint is immediately interrupted, enabling effective containment of the threat.  <\/p>\n\n<p>A typical scenario would be an endpoint that attempts to move laterally in the network after it has been compromised.With Lateral Movement Protection enabled, this endpoint is immediately isolated and its communication blocked.This prevents the spread of malware, such as ransomware, which could attempt to infect other devices.  <\/p>\n\n<p>A prerequisite for this function is that the firewall and the Sophos endpoints are connected via Sophos Central.This enables synchronization between the security solutions and ensures that threats can be detected and isolated quickly. <\/p>\n\n<h2 class=\"wp-block-heading\" id=\"reporting\">Threats and IoC reporting<\/h2>\n\n<p>Sophos Firewall v21, like previous versions, offers reporting capabilities that are available both on the device (OnBox) and in the cloud via Sophos Central.These reports make it possible to analyze threats and network activities in detail and provide valuable insights into the security situation of the network. <\/p>\n\n<p>In Sophos Firewall v21, reporting capabilities have been enhanced with the integration of <strong>Threat Sources<\/strong> and <strong>Threat Events<\/strong> and support for <strong>Synchronized Indicators of Compromise (IoC)<\/strong>.What is new is that reports now provide detailed information on the sources of threats and their specific events.You can now accurately track threat attempts by seeing which devices, IP addresses or users were involved and which firewall modules blocked the threat.  <\/p>\n\n<p>Particularly noteworthy is the support for <strong>Synchronized IoCs<\/strong>.This synchronizes threat data from Sophos Central and Sophos Managed Detection and Response (MDR) as well as third-party feeds.This extension makes it possible to gain deeper insights into threats by analyzing the affected processes and endpoints in more detail.This allows administrators to see not only where threats have occurred, but also how they affect endpoints and network components.   <\/p>\n\n<p>In this video, we explain the topic of third-party threat feeds in detail:<\/p>\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Sophos Firewall v21: Third-Party Threat Feeds\" width=\"1290\" height=\"726\" src=\"https:\/\/www.youtube.com\/embed\/LXICxO65C1M?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><figcaption class=\"wp-element-caption\">Sophos Firewall v21 &#8211; Third-party threat feeds<\/figcaption><\/figure>\n\n<h2 class=\"wp-block-heading\" id=\"static-route-and-vpn-enhancements\">Static route and VPN improvements<\/h2>\n\n<h3 class=\"wp-block-heading\" id=\"vpn-ux-enhancements\">VPN UX improvements<\/h3>\n\n<p>Version 21 of Sophos Firewall introduces several improvements to the user interface (UX) for managing VPN connections to make it more efficient to use.<\/p>\n\n<h4 class=\"wp-block-heading\" id=\"bulk-aktivierung-und-deaktivierung\">Bulk activation and deactivation<\/h4>\n\n<p>Administrators can now activate or deactivate several VPN connections at the same time.<\/p>\n\n<div class=\"wp-block-stackable-image stk-block-image stk-block stk-806c2ed\" data-block-id=\"806c2ed\"><style>.stk-806c2ed .stk-img-figcaption{text-align:center !important;color:#abb7c2 !important;}<\/style><figure><span class=\"stk-img-wrapper stk-image--shape-stretch stk--has-lightbox\"><img loading=\"lazy\" decoding=\"async\" class=\"stk-img wp-image-161700\" src=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-bulk-vpn-status-scaled.jpg\" width=\"2560\" height=\"983\" alt=\"Sophos Firewall v21 - S2S Bulk Edit\" srcset=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-bulk-vpn-status-scaled.jpg 2560w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-bulk-vpn-status-300x115.jpg 300w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-bulk-vpn-status-1024x393.jpg 1024w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-bulk-vpn-status-768x295.jpg 768w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-bulk-vpn-status-1536x590.jpg 1536w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-bulk-vpn-status-2048x786.jpg 2048w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-bulk-vpn-status-600x230.jpg 600w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-bulk-vpn-status-64x25.jpg 64w\" sizes=\"auto, (max-width: 2560px) 100vw, 2560px\" \/><\/span><figcaption class=\"has-text-color stk-img-figcaption\">Sophos Firewall v21 &#8211; S2S Bulk Edit<\/figcaption><\/figure><\/div>\n\n<p>This saves a considerable amount of time, especially when managing large networks with many VPN tunnels.Deactivation is done quickly via a central button in the VPN management area. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"erweiterte-filtermoglichkeiten\">Extended filter options<\/h4>\n\n<p>The VPN connections overview page now has improved filtering capabilities that make it easier to navigate through multiple pages of VPN configurations.These filters include both free text entry and value-based search options, making it easier to manage and search for specific networks, subnets or users for remote access and site-to-site VPNs. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"xfrm-interface-filter\">XFRM interface filter<\/h4>\n\n<p>An additional filter option for XFRM interfaces has been added.XFRM interfaces that are often used in VPN configurations can now be identified and managed more easily.This is particularly useful when VPNs are set up via VLANs and WAN interfaces.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"site-to-site-vpn\">Site-to-Site VPN<\/h3>\n\n<p>Sophos Firewall v21 introduces several improvements for site-to-site VPNs, focusing on both usability and performance.<\/p>\n\n<p><strong>DHCP relay via XFRM tunnel<\/strong>: One of the key new features is the support of DHCP relays via XFRM tunnels.This makes it possible to reach DHCP servers behind remote firewalls, which was previously only possible via policy-based VPNs.This is particularly useful in SD-WAN environments where dynamic IP addresses need to be provided via tunnels.  <\/p>\n\n<p><strong>Improved FQDN support<\/strong>: When configuring remote gateways in IPsec VPNs, both FQDNs (Fully Qualified Domain Names) and their resolved IP addresses can now be used.This improves scalability, especially in environments with high DNS latency, where FQDN resolutions could affect the performance of VPN connections.Administrators can choose whether to use FQDNs or resolved IP addresses in the configuration.  <\/p>\n\n<p>The new functions in the site-to-site VPN area provide more flexibility and improve scalability in larger, distributed networks.The optimization of the interface recovery time, which is up to 20 times faster, also drastically reduces downtime in the event of tunnel failures, restarts or HA failover scenarios. <\/p>\n\n<h2 class=\"wp-block-heading\" id=\"route-management\">Route Management<\/h2>\n\n<p>Routing management in Sophos Firewall v21 has been enhanced with new features and improvements to simplify the management of static and dynamic routes and increase network stability.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"statische-routen\">Static routes<\/h3>\n\n<div class=\"wp-block-stackable-image stk-block-image stk-block stk-4628763\" data-block-id=\"4628763\"><style>.stk-4628763 .stk-img-figcaption{text-align:center !important;color:#abb7c2 !important;}<\/style><figure><span class=\"stk-img-wrapper stk-image--shape-stretch stk--has-lightbox\"><img loading=\"lazy\" decoding=\"async\" class=\"stk-img wp-image-161705\" src=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-static-route-scaled.jpg\" width=\"2560\" height=\"949\" alt=\"Sophos Firewall v21 - Static Route\" srcset=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-static-route-scaled.jpg 2560w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-static-route-300x111.jpg 300w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-static-route-1024x380.jpg 1024w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-static-route-768x285.jpg 768w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-static-route-1536x570.jpg 1536w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-static-route-2048x759.jpg 2048w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-static-route-600x222.jpg 600w, https:\/\/www.avanet.com\/assets\/sophos-firewall-v21-static-route-64x24.jpg 64w\" sizes=\"auto, (max-width: 2560px) 100vw, 2560px\" \/><\/span><figcaption class=\"has-text-color stk-img-figcaption\">Sophos Firewall v21 &#8211; Static Route<\/figcaption><\/figure><\/div>\n\n<h4 class=\"wp-block-heading\" id=\"aktivierung-deaktivierung-von-routen\">Activation\/deactivation of routes<\/h4>\n\n<p>Administrators can now activate or deactivate individual routes directly, which makes troubleshooting and managing network connections much easier.This enables precise control over routing behavior in real time. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"routen-klonen\">Route cloning<\/h4>\n\n<p>With the new route cloning function, existing routes can be easily duplicated and adapted.This saves time during configuration and ensures consistency across different network interfaces.In addition, each route can be provided with a description to increase clarity.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"dynamische-routen\">Dynamic routes<\/h3>\n\n<h4 class=\"wp-block-heading\" id=\"erweiterte-unterstutzung-fur-ospf-und-bgp\">Extended support for OSPF and BGP<\/h4>\n\n<p>The firewall now supports forwarding BGP routes to OSPF v3, which improves interoperability between different routing protocols.This is particularly useful in complex networks with multiple locations and protocols. <\/p>\n\n<h4 class=\"wp-block-heading\" id=\"ha-verbesserungen\">HA improvements<\/h4>\n\n<p>In high-availability (HA) failover scenarios, the stability of dynamic routes has been significantly improved.Whereas in previous versions there could be several connection failures during failover, this now only occurs once, which increases the reliability of the network connections. <\/p>\n\n<h2 class=\"wp-block-heading\" id=\"google-authentication\">Google Authentication<\/h2>\n\n<p>Support for Google Authentication has been extended in Sophos Firewall v21 to facilitate the integration of Google Workspace and Chromebooks.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"ldap-basierte-integration\">LDAP-based integration<\/h3>\n\n<p>Sophos Firewall now supports the integration of Google Workspace via a regular LDAP client.This extension makes it easier for organizations that rely on Google Workspace to authenticate their users via Sophos Firewall without having to rely on Active Directory.Support for Google Workspace SSO (Single Sign-On) will also follow in future versions.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"chromebook-sso-unterstutzung\">Chromebook SSO support<\/h3>\n\n<p>The firewall now offers SSO (single sign-on) functionality for Google Chromebooks connected to LDAP servers.This functionality was previously limited to Active Directory.This allows Google users to access secured resources without additional login steps.  <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"verbesserte-sso-leistung\">Improved SSO performance<\/h3>\n\n<p>Authentication has been improved so that the firewall can process requests from multiple SSO mechanisms (e.g. STAS, RADIUS SSO, Synchronized User ID) more efficiently.In environments with a high number of concurrent requests, the Server can now respond up to four times faster to authentication requests and discard duplicate requests once a user is authenticated. <\/p>\n\n<h2 class=\"wp-block-heading\" id=\"letzte-wortw\">Last words<\/h2>\n\n<p>Overall, Sophos Firewall v21 is a solid annual update that brings small but important improvements to the UX and UI, as well as new features that further enhance network security.<\/p>\n\n<p>We are happy to continue collecting your feedback on which features you currently miss.We have already summarized many of your suggestions in the <a href=\"https:\/\/www.avanet.com\/en\/blog\/sophos-firewall-feature-request\/\">Sophos Firewall Feature Request 2024<\/a> post and are already working on the list for 2025.You are welcome to send us further requests and suggestions via the contact form.  <\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Sophos Firewall v21 is officially available since October 17th and in this article we describe the new features of this version. Let&#8217;s Encrypt With version 21 of Sophos Firewall, you can use Let&#8217;s Encrypt to obtain, renew and manage SSL\/TLS certificates automatically and free of charge.The integration of Let&#8217;s Encrypt into Sophos Firewall v21 [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":161689,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[277],"tags":[],"class_list":["post-161716","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"blocksy_meta":[],"acf":[],"_links":{"self":[{"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/posts\/161716","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/comments?post=161716"}],"version-history":[{"count":0,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/posts\/161716\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/media\/161689"}],"wp:attachment":[{"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/media?parent=161716"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/categories?post=161716"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/tags?post=161716"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}