Hey Community, Certificates generated by Sophos Central are used by the Sophos Firewall to communicate with the Heartbeat function of the Endpoints. These certificates are set to have a default lifetime of two years. A fix is being implemented but some systems on older firmware may be affected. Without the certificate, the endpoint cannot sync it's heartbeat to the firewall and will show up in RED under the Security Heartbeat health status. Excerpt below is from this KB article which further outlines what to do . Who is affected Firewalls that haven’t been active in the last 30 days,Sophos will auto-renew the certificate Firewalls that have been active within the last 30 days need to check their firmware version to ensure a patch has been applied. The firmware versions below have the patch and no further action is required: Firewalls running v15 or below are not supported. Firewalls running v16 must have at least firmware version 16.05.8.320 Firewalls running v17 must have at least firmware version 17.0.0.80 Active firewalls without the correct version will trigger an alert that will advise them to look at this KBA . Best,

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Sophos Advisory] Sophos Central Heartbeat Certificates expiring

Hey Community,

Certificates generated by Sophos Central are used by the Sophos Firewall to communicate with the Heartbeat function of the Endpoints. These certificates are set to have a default lifetime of two years. A fix is being implemented but some systems on older firmware may be affected. Without the certificate, the endpoint cannot sync it's heartbeat to the firewall and will show up in RED under the Security Heartbeat health status. Excerpt below is from this KB article which further outlines what to do.

Who is affected

Firewalls that haven’t been active in the last 30 days,Sophos will auto-renew the certificate
Firewalls that have been active within the last 30 days need to check their firmware version to ensure a patch has been applied.
The firmware versions below have the patch and no further action is required:

Firewalls running v15 or below are not supported.
Firewalls running v16 must have at least firmware version 16.05.8.320
Firewalls running v17 must have at least firmware version 17.0.0.80

Active firewalls without the correct version will trigger an alert that will advise them to look at this KBA.

Best,

This thread was automatically locked due to age.