Is Sophos STAS available for SG UTM 9 or is this only applicable on the XG UTM

Greetings, I asked the following question today to Sophos tech support and found I was more confused after than before asking. I currently run SG330/UTM9 version 9.355-1, Transparent Mode web filter with Active Directory SSO enabled and Block access on auth.failure. Works perfectly fine.

I read STAS was available and thought perhaps there were additional features/functionality available, something beyond what I currently have at my disposal under the current config. I didn't gain much insight from reading the install guide, so I asked tech support what would I gain, and why would I install STAS given my current config and everything works great?

Tech support could only tell me, "well I asked the guy sitting next to me and we both agree, this should not be working as you've described it." Silence ensued, then I said thank you? All he finally said was have a nice day and hung up.

So, asking here, what would I gain by utilizing STAS given my current config? I don't have a lab available to download test etc. Thank you for any further information on the topic.

todd

Greetings, I asked the following question today to Sophos tech support and found I was more confused after than before asking. I currently run SG330/UTM9 version 9.355-1, Transparent Mode web filter with Active Directory SSO enabled and Block access on auth.failure. Works perfectly fine.

I read STAS was available and thought perhaps there were additional features/functionality available, something beyond what I currently have at my disposal under the current config. I didn't gain much insight from reading the install guide, so I asked tech support what would I gain, and why would I install STAS given my current config and everything works great?

Tech support could only tell me, "well I asked the guy sitting next to me and we both agree, this should not be working as you've described it." Silence ensued, then I said thank you? All he finally said was have a nice day and hung up.

So, asking here, what would I gain by utilizing STAS given my current config? I don't have a lab available to download test etc. Thank you for any further information on the topic.

todd

ToddCooper said:

So, asking here, what would I gain by utilizing STAS given my current config? I don't have a lab available to download test etc. Thank you for any further information on the topic.

Without STAS the only place where you can transparently authenticate users (SSO) with AD is Web Filtering module.

With STAS you can use user objects also in other modules, like in Firewall, QoS, Application control rules etc, which was not possible unless with installing Sophos Authenticator Agent (SAA) on the clients. This feature was ported from Cyberoam UTM, and was known as Layer 8 (user based) filtering.

vilic said:

ToddCooper

So, asking here, what would I gain by utilizing STAS given my current config? I don't have a lab available to download test etc. Thank you for any further information on the topic.

Without STAS the only place where you can transparently authenticate users (SSO) with AD is Web Filtering module.

With STAS you can use user objects also in other modules, like in Firewall, QoS, Application control rules etc, which was not possible unless with installing Sophos Authenticator Agent (SAA) on the clients. This feature was ported from Cyberoam UTM, and was known as Layer 8 (user based) filtering.