Captcha on WAN - User portal

Hi All,

As an additional security measure, a Captcha has been added to the XG Firewall admin and user portals on the WAN and VPN zones. It is enabled for all devices running v17.x and v18.x, except for XG85/XG85w devices. Any Cyberoam device that has upgraded to the XG Firewall firmware will not implement Captcha.

If you are experiencing issues with the Captcha appearing on the admin or user portal on the WAN, please try restarting the tomcat service:

• service tomcat:restart -ds nosync

Hi All,

As an additional security measure, a Captcha has been added to the XG Firewall admin and user portals on the WAN and VPN zones. It is enabled for all devices running v17.x and v18.x, except for XG85/XG85w devices. Any Cyberoam device that has upgraded to the XG Firewall firmware will not implement Captcha.

If you are experiencing issues with the Captcha appearing on the admin or user portal on the WAN, please try restarting the tomcat service:

• service tomcat:restart -ds nosync

Hi Flo,

Adding the Captcha without any prior notification was a pretty dumb move.

Forcing password resets and pre-announcing this was a good move, but unfortunately this wasn't well tested. I've had to reset passwords for the second time on affected units and also on units that weren't affected.

Can you please give the development team a slap for implementing the Captcha without prior notification and for poor QA on the password reset logic? Thanks.

In fact, the 90% of this problem could be avoided if JUST XG would allow to RENAME the admin user to something else, as SG (UTM) does.

Sophos product managers don't seem to put in the place of their solutions from the end customer or partner point of view. They don't with Sophos Central, neihter with XG now. :-(

We work managing Central & Firewalls for 80-100 end customers and honestly, it was a pleasure with SG.. Now with XG and Central, Sophos is converting our business into a problem. Maybe Sophos is not suitable for our cibersecurity services anymore. They don't listen to their customers.

They are just patching their bad design with crappy patches that make life more and more difficult for end users and partners.

And that's only form the design point of view; If we talk about quality issues in the late times.. :-(

I want to see a firm reaction from Sophos management not to start looking at other vendors.

Hello Santiago,

Sophos product managers are people completely detached from the everyday reality of the work of a security administrator. I fully agree with your opinion that SG (UTM) is significantly more user friendy for the administrator.
For almost 5 years, we have been following the vain efforts of Sophos developers to develop a new modern firewall based on the Cyberoam kernel. What surprise is that even after 5 years, this huge effort does not bear the desired fruit?
Isn't it a coincidence that Sophos bet on a lame horse from the beginning? That he most likely had the Indian Cyberoam owner convince himself that Sophos would buy a Cyberoam OS to get a modern foundation for a modern firewall? After more than 5 years, I think it is clear to all of us that betting on this lame horse was a huge mistake.
Subsequently, we were convinced for two years how the new version of v18 will be a major turning point and what huge possibilities will it bring to all users and Sophos partners and the result?
Huge loss of credit across the security community with SQL injection vulnerability. The type of vulnerability of competing manufacturers in at least the last 5 or more years is completely unseen. What was the cause of this total lapsus? At the beginning of the v18 development, an in-depth safety analysis of the entire SFOS system was clearly not performed. As someone else has documented in another thread, problems with SQL injection Cyberoam OS implementation at least since 2014! So how do you want to build a modern firewall on leaky foundations when an attacker is able to send you an entire Linux script to the IP address or FQDN field? And you will find out after almost a month from a partner who reports to you that in the field for the management of firewalls managed by him, there is not an IP address entered there but a linux script?

What could be even more disgraceful for a firewall manufacturer?!?

Regards

alda

SSL VPN rollout with Sophos Connect 2.0 (EAP) stopped working after captchas were enforced.

also, I'm having trouble with some RestAPI scripts, but it is not yet confirmed could be consistent. 

EDIT: RestAPI over WAN still works with captchas.