Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 8 subscribers
  • Views 2666 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to monitor MAC firewalls from Sophos Central

rehan tahir

Hi 

I want to manage ( monitor & enforce ) MAC OS native firewalls on the MAC machines that are being managed by Sophos Endpoint Protection and Sophos Mobile. 

How can I do this ?  I want to at-least monitor whether the native MAC firewall is turned on

Thanks for the kind help in this regards in advance. 

rehan



This thread was automatically locked due to age.
Parents
  • 0

    Hello rehan,

    at the moment only the Windows Firewall can be monitored in Central. Can't say if and when it might come - don't think it's high priority (but this is my personal opinion).

    Christian 

  • 0 in reply to QC

    Hi Christian

    Thanks for your answer.  I can set firewall policies for MAC OS on Sophos Mobile which I think enforces the policies to the native firewalls on MAC. Am I correct in assuming this? 

    Can the MAC OS native firewalls be monitored and enforced using Sophos Mobile ?

     

    Thanks again and kind regards

    rehan

Reply
  • 0 in reply to QC

    Hi Christian

    Thanks for your answer.  I can set firewall policies for MAC OS on Sophos Mobile which I think enforces the policies to the native firewalls on MAC. Am I correct in assuming this? 

    Can the MAC OS native firewalls be monitored and enforced using Sophos Mobile ?

     

    Thanks again and kind regards

    rehan

Children
  • 0 in reply to rehan tahir

    Hi  

    Yes, it is possible to configure the inbuilt application firewall of your Mac device from Sophos Mobile. You will need to go to Profiles and Policies > macOS > Device Policy > Add Configuration > Firewall. For more clarity on the settings available for configuring the firewall settings, please visit the following link: https://docs.sophos.com/central/Mobile/help/en-us/esg/Sophos-Mobile/references/ConfigurationFirewallMacOSD.html

  • 0 in reply to Yashraj S

    thanks Yashraj - have a good day

  • 0 in reply to Yashraj S

    Hi

    I have enabled the firewall natively in MAC by going to System Preferences -> Security & Privacy ( and also disabled all incoming connections). However in the "Device properties" under "Devices", UI in the Sopho Moblie UI, "FirewallEnabled" property is set to "0" instead of "1". 

    Please let me know why is there a discrepancy on the status of the firewall as being reported under Sophos Mobile

    Thanks and kind regards

    rehan

  • 0 in reply to rehan tahir

    Hi  

    I tried to reproduce the issue with my account and Mac device. In my test policy for my Mac device (I named it "Test Mac OS Device Policy"), I have disabled the firewall and allowed Sophos Kernel extensions. Checking the device properties on Sophos Central, I can see that the firewall has been disabled. 

    I went on to the device and noticed that even after unlocking the settings for the firewall, I cannot enable it natively and is grayed out. The policy which I received shows that the firewall option is set to disable. This means that once the policy is received on the device and is implemented, settings cannot be changed by the user natively.

    Now, when you manually enabled the firewall on your device before Sophos Mobile could do it for you, it might have left it in a broken state. Sophos Mobile tried to enable it for you but it was already enabled and hence the command could not be successfully executed on the device. This might be a reason why it still shows the outdated information in device properties.