This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Assistant - Feedback and Experiences

Hello Community,

The team working the Sophos Assistant (whatfix) would like to know your experience with the Sophos Assistant tool.

  • Have you use it?
  • Were you aware of it?
  • What flow have you tried?
  • What flow would you like to see?
  • What changes/improvements would you make?
  • Anything you would like to report (Flow no working, flow stop working, flow no intituive) 

The Sophos Assitant was launched in Sophos Firewall 18.5 MR2, this new tool was created to provide interactive guides (flows) on configuring modules (simple and complex). 

Some of the current and most popular flows are:

  • DNAT and Firewall Rules for Internal Web Server
  • Remote Access SSL VPN
  • site-to-site IPsec VPN

Understanding the icons in the Sophos Assistant

You'll encounter three different icons in the Sophos Assistant.

Icon Description

Group of configuration flows
Click it to expand its content

 Configuration flow
 External link (mainly to online documentation)



This thread was automatically locked due to age.

Top Replies

  • I have never used it because my opinion is such 3rd Party data collections directly on the user front end must not be in a security product. As it tracks many things you do while doing your job on the firewall, I find it most suspicious. Especially when you notice, it sends data to non-Sophos URL - here whatfix and usersnap.

    When ou launched it, it was just there, no information about it, nothing could be adjusted nor could it be disabled.

    So one of the first things was to block it on our firewalls.

    Now with some of the later versions, it can be disabled but I do not trust it. As written, I don't want hard coded 3rd party integrations in a firewall. Sophos now sometimes communicates to do your feature requests with that widget to some anonymous data bucket. Hm, no.

    One of the older threads about it.

    community.sophos.com/.../xg-is-contacting-whatfix-com-when-i-change-firewall-rules

    Jump to answer
Parents
  • Hi,

    I have never used the Assistant, so I cannot comment on its functionality or use. What I can comment on is its annoying presence in the DUI windows. Secondly it does not appear to be part of the back/restore process. I rebuilt my XG115W, performed a restore only to find the Assistant was still functional, it was enabled in the backup.

    There appears to have been considerable effort put into developing what appears to be security risk to your XG/S installation. The development effort would have been more value in building IPv6 functionality or fixing the failure to automatically renew IP addressing after a wan link failure, but marketing obviously had a big say in the development of the Assistant that adds nothing to the security functionality of the XG/S.

    My 10c worth.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • Ian i would disagree about this one. What do you mean by security risk? Do you see whatfix (external partner) as a vulnerable vendor? Can you backup this theory? 

    And this external integration is something, which is not provided or maintained by the firewall development team. So it actually did not extract development effort what so ever. 

    __________________________________________________________________________________________________________________

  • LuCar,

    you are allowing an external third party source which you have no control over their security policies access to your Network security device, doesn't sound to secure to me. 

    If the firewall development team were not involved how was the functionality imported and QA tested in the XG? Sort of leaves the Dev team support not having a full underetasting of the security risks involved and how to investigate any issues arising?

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • LuCar,

    you are allowing an external third party source which you have no control over their security policies access to your Network security device, doesn't sound to secure to me. 

    If the firewall development team were not involved how was the functionality imported and QA tested in the XG? Sort of leaves the Dev team support not having a full underetasting of the security risks involved and how to investigate any issues arising?

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

Children