How / is the built-in 'Support Access' function protected to ensure no-one but Sophos can access?

Hi All,

I understand that turning Support Access on allows Sophos to connect in for support-related works etc., but is this functionality secured so that only Sophos can make use of this access by way of only accepting connections from known Sophos Support IP addresses, etc.?

Many Thanks



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community.

    Enabling 'Support Access' does not allow WebAdmin access publicly. Only the Sophos Support team can access the WebAdmin console (GUI) and shell of the Sophos Firewall device.

    Click here to know more information on 'Support access'.

Children
  • Thanks Yash. I'm aware that this function is a service available exclusively to Sophos, but I'm interested in understanding how the instance is secured, as there does not seem to be any information out there that explains the process.

    For instance, if a nefarious party knew the IP of the appliance, and was able to convince the XG's owner that they were Sophos and obtain the AccessID from the XG's owner, what stops them from connecting to the appliance - or how does the XG know that a genuine request is being made from Sophos?

  • And what about publishing the exact knowledge about how Support Access is secured? I would consider publishing this as a huge security risk.

  • Thanks Peter. Fully appreciate this. Not looking for any specifics, just an explanation of what secures it - do the engineers use MFA etc., how do we know as users of the XG that only Sophos personnel have access to this functionality?

    For context, I've been asked to provide an explanation to a security partner of what services are externally accessible on the Firewall, and should we ever turn this on, it would qualify as being 'available' externally, i.e. via the ports referred to in the documentation linked to by Yash. Therefore, I need to justify its use, and we have to ensure it is secure.