Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 644 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Assigning a firewall to the group in central will apply a default configuration to the firewall

Alban Khalfe

Hello All,

I am planning to add my all Sophos device to a group for managing them centrally for providing  internet access to employee. I don't want to add same rule on 3 firewall again and again i want to add them one time only.

My doubt are as follows

1.If i add 3 firewall to same group and create a new rule through manage policy option under the group setting will it get synced for all the firewalls.

2.Will adding 3 firewall in same group affect my current local firewall rules for all 3 firewall as they rules are created as per the business need for the particular region.

3 consider if i configure a rule on local firewall 1 will it affect the firewall 2 and 3 or its scope will be local.

4.Do all firewall must be on same OS version. and do all firewall must have same license i got 1 basic license and 2 firewall with Xstream bundle.



I found one article with respect to same but there is no clarity .It would be a great help for any suggestion to this doubts.

community.sophos.com/.../447396



This thread was automatically locked due to age.
Parents
  • +1

    1.) Yes, it will be pushed across that group and will be created under all the FWs in that group.

    2.) Adding multiple FW's to a group will allow us to manage in a better way and it will not affect the local firewall rules unless you create new rules from the cloud with a higher precedence.

    3.) We can create FW rules either to a single FW by logging onto it from the Central and it will be local to that FW alone. If you're creating FW rules to a GROUP in Central then it will affect all the FW's present in the group.

    4.) The firewalls should be on the same version if HA is enabled.
    =====================================================
    Additionally Notes
    > The local admin cannot modify any rules created from the Central.
    > The only setting that can be modified is the objects.
    > The rules can only be placed either at the top or bottom. Drag rule feature is not available in the Web-admin
    > Deregistering/Detaching the firewall from Sophos Central will remove all the FW rules created from Central.
    > There are no default CM rules available

    If a post solves your question please use the 'Verify Answer' button.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Reply
  • +1

    1.) Yes, it will be pushed across that group and will be created under all the FWs in that group.

    2.) Adding multiple FW's to a group will allow us to manage in a better way and it will not affect the local firewall rules unless you create new rules from the cloud with a higher precedence.

    3.) We can create FW rules either to a single FW by logging onto it from the Central and it will be local to that FW alone. If you're creating FW rules to a GROUP in Central then it will affect all the FW's present in the group.

    4.) The firewalls should be on the same version if HA is enabled.
    =====================================================
    Additionally Notes
    > The local admin cannot modify any rules created from the Central.
    > The only setting that can be modified is the objects.
    > The rules can only be placed either at the top or bottom. Drag rule feature is not available in the Web-admin
    > Deregistering/Detaching the firewall from Sophos Central will remove all the FW rules created from Central.
    > There are no default CM rules available

    If a post solves your question please use the 'Verify Answer' button.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?