You can monitor and configure Windows Firewall (and monitor other registered firewalls) on your computers and servers using a Windows Firewall policy.
You can apply a Windows Firewall policy to individual devices (computers or servers) or to groups of devices.
Sophos Central is a force multiplier for your team, enabling you to manage your firewall, endpoint, server, mobile and other Sophos Products through a single console while also taking advantage of Synchronized Security integration. Security Heartbeat™ shares endpoint health status with your firewall in real-time.
- Sophos Central Firewall Manager v1701. Sophos Central Firewall Manager Help. Guide for Customers - Sophos Central Firewall Manager. Sophos Central Firewall Manager Administration Guide. Group Level Web Interface Reference and Admin Guide. Sophos Central Firewall Manager v17.
- May 13 2020 By Scott Grebe Earlier this year Sophos launched Central Firewall Reporting (CFR) as our new cloud-based platform to help customers gain deeper insight into activity on their network. Having that knowledge helps them be more efficient, enhance.
We advise that you test any firewall rules you create (locally or via Group Policy) to make sure that communication with Sophos is allowed.
Go to Endpoint Protection > Policies to manage Windows Firewall.
To set up a policy, do as follows:
- Create a Windows Firewall policy.
- Open the policy's Settings tab and configure it as described below. Make sure the policy is turned on.
In Monitor Type, select the level of monitoring you want:
- Monitor Only. Devices will report their firewall status to Sophos Central. This is the default option.
- Monitor & Configure Network Profiles. Devices will report their firewall status to Sophos Central. You can also choose whether to block or allow inbound connections on Domain Networks, Private Networks, and Public Networks.
- Block All
- Block (with exceptions). You must set up the exceptions locally on the computer or server. If you don't set up exceptions all inbound connections are blocked.
- Allow All
You can manage firewalls and assign them to Sophos Central customers.
You can manage virtual and hardware firewalls.
Request a new virtual firewall
If you're a Flex Partner, you can request a new virtual Sophos XG Firewall that is registered with Sophos Central and available to customers under a monthly subscription.
To request a virtual firewall, do as follows:
Sophos Central Firewall Ports
- Click Request Virtual Firewall.
- In Request New MSP XG Virtual Firewall, enter the following information:
- Registrant: The email address to which the firewall is registered. You can use any of the Sophos Central Partner administrator email addresses, ideally an administrator with firewall privileges.
- Size: The number of cores on the firewall’s CPU and its memory. For example, 16C24 means 16 cores and 24 GB RAM.
- Subscription: The firewall features that you want to make available. Select None if you aren't sure which subscription to choose right now.
- Assigned To: The customer to whom the firewall is assigned.
- Click Create Firewall
- Confirm your request.The firewall is added to the table. Your chosen subscription is shown in the Pending column until the request is complete. After this, it moves to the Subscription column. Subscription requests are performed automatically within a few minutes.
If a request is still pending after 20 minutes, contact your channel account manager with the following details:
Sophos Central Firewall Groups
- Firewall serial number
- Subscription name
- Date and time of the request
Sophos Central Firewall Reporting
Ask your account manager to ensure that the subscription is active.