What access does the UTM need for Endpoint Protection to work?

Hello, my current setup has the Sophos appliance on our edge performing all NAT/VPN connections for my home. We have several computers that use Endpoint Protection and I would like to place a Juniper SRX at my edge and move the Sophos to filter only web traffic. 

I know, before you say leave it at the front: I am creating some new rulesets that the Astaro does not appear to support (basing rules on packet TTL, for example). I only have 1 public IP, so this change will put the UTM behind a NAT. My question is: what access from the internet is needed for Endpoint Protection to work with updates?

Does the UTM phone home to allow such clients to update? Or do the clients talk to the UTM directly for it?

Thanks in advance for clearing this up :)


This thread was automatically locked due to age.
  • The clients get their updates from the cloud (directly from Sophos), but there is some kind of reporting of status. I don't know if they report directly to the UTM (which seems to make sense to me) or through the cloud.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • The clients talk directly to the cloud via http/s. The UTM polls the cloud for client status, etc. and also pushes commands to the cloud, which are picked up by the clients when they poll the cloud. If you aren't restricting access to http/s on your firewall, you shouldn't have to do anything else.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • "I am creating some new rulesets that the Astaro does not appear to support (basing rules on packet TTL for example)."

    That sounds like it would be a good topic for a thread in the Network Protection forum.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA