Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 170 replies
  • Subscribers 33 subscribers
  • Views 26226 views
  • Users 0 members are here
Options
Suggested

Restricted Advance Shell - examples of challenges

PMParth

Hi Community contributors,

Starting Sophos Firewall v19, with the addition of many comprehensive logging enhancements in the GUI, and in-line with industry best-practices, access to the Advance Shell is restricted to licensed commercial versions of the product.

Partners and certified architect engineers have an option with Not-for-Resale license to set up labs or customer PoC with unrestricted advanced shell. Also, Sophos Support is able access the Advanced Shell via support access channel. Hence, in case of critical issues, support can still can access it.

Sophos Firewall has been incrementally improved since v18 with comprehensive logging enhancements in the GUI (Better search, filtering, configurations, SD-WAN logs, VPN logs, gateway logs etc). However, we acknowledge that Advance Shell restriction might have created challenges in certain database related configurations, especially for home users.

Please help us understand the specific examples of challenges you face due to this restriction - configurations where GUI and console tools are reaching the limits. We will suggest the possible workaround for the specific scenario. We will also plan and gradually improve the product for those scenario.

Sincerely,

Sophos Firewall Product Team

Parents
  • 0

    Hi Community contributors,

    We are going through each example that you have highlighted due to this change (WAF logs, WAF file size limit, SMTP log, IPSec VPN debug, top/ iftop commands, etc).

    Thank you for your feedback. Please continue sharing if you have more such points.

    There is no no commercial or sales reasoning behind this change. Your feedback has been very helpful and we will consider improving those points in the future.

    Sincerely,

    Sophos Firewall Product Team

  • 0 in reply to PMParth

    Hi All,

    Related to what Parth has mentioned above - I'd like to also announce that the Community Team is planning to provide free Sophos XG hardware and software licenses to our top Sophos XG Firewall group contributors as part of an ongoing revamp of our Sophos Community Member Recognition program.

    Please stay tuned to our Community blog for further details of this announcement.

    Florentino
    Director, Global Community & Digital Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the 'Verify Answer' button.
    The Award-winning Home of Sophos Support Videos! - Visit Sophos Techvids
  • 0 in reply to FloSupport

    Hi Flo,

    thank you. I have been using my XG115W on and off since it arrived. Currently has an active support case. I am finding the XG115W is a little e underpowered for my use, so on my experience I would suggest a slightly more powerful box that an XG115W.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to FloSupport

    Odd that I advised Sophos to gift XG to best users (2016) and it did not happen until now; odd to see that TABs are back again, while in v15 and v16, I advised Sophos to bring TABs back and make sure the UI is close to UTM as, this was one of the success to UTM fame. Odds to see other things happening with a huge delay! Hurry up guys! You have good ideas on slow legs.  start thinking to change the platform! You are using agile model and changes should be out no more than 30 days and this is not happening; small changes require time of development, so where is the agile model? Community and business users are still waiting for basic features and they have been promised since v15 and still today Flow monitor like UTM is missing, useful logging is still via shell, Control Center is still using fixed resolution, we are not able to change the native vlan ID on physical NIC, NAT cloning rules is missing....I can go ahead until tomorrow with the list. Such things are missing since v15 (release date was August 2015) and you are focusing on disabling CLI access to home users? Nothing against with that, but believe me, you should concentrate efforts elsewhere, on a platform that is dynamic enough to accept fast changes. I am disappointed, as a home user, but I am very disappointed as Computer Engineering person, as I see your lacks but you towards changes you should take.

    For the community: I did not receive any XG gift from Sophos!

  • 0 in reply to lferrara

    In fact, for how the way of XG/UTM of Sohos is evolving... better to remove more pebbles to remove from the shoes?Grimacing

Reply Children
No Data
Cookie Information Banner