Software-update: Sophos Firewall OS 21.5 MR1

Sophos heeft een update uitgebracht van Firewall OS 21.5. Deze software wordt geleverd op fysieke hardware, in een software appliance voor VMware, Hyper-V, Xen en KVM, of via de cloudmarketplaces van AWS, Azure of Nutanix. Naast de betaalde varianten voor bedrijven biedt Sophos deze firewall voor thuisgebruik zonder kosten aan, zoals op deze pagina te lezen is. Voor de verschillende image- en updatebestanden kun je terecht op het MySophos-portaal. De lijst met veranderingen van deze uitgaven ziet er als volgt uit:

Sophos Firewall v21.5 MR1 brings the following enhancements:

• Supports OAuth 2.0 as an additional authentication method for email notifications. We recommend that you move to OAuth 2.0 for Gmail. Gmail may stop supporting password-based authentication very soon.
• Added localization support for scheduled reports. When an admin configures a scheduled report, the firewall now uses the customer’s preferred language (based on the language used to log in to the SFOS interface) for generating PDF reports.
• NDR Essentials Data Center - You can now select the data center region for NDR Essentials flow analysis for regional or data residency requirements. By default, the system will choose the lowest latency region.
• NDR Essentials Threat Score in Logs - The assigned threat score is now included in active threat response logs for enhanced visibility, reporting and analytics.
• Syslog now uses the configured firewall hostname in the device_name field, enabling clearer identification of logs across multiple devices. This helps XDR and Taegis admins differentiate data from different firewalls by device_name and also improves other syslog-based integrations.
• Secured High Availability - Removed automatic passphrase generation, allowing administrators to create stronger passphrases that meet complexity requirements. Added unique SSH host key verification to strengthen HA authentication and prevent man-in-the-middle attacks.
• Resizable table columns for many features, including Local ACL, Neighbours(ARP-NDR), IP tunnels, Gateways, DHCP, DNS, IPv6 Remote Access, Zone, WAN link manager, Network, and Routing tables. Column sizes are retained in the browser memory for the administrator's subsequent visits to the web admin console.
• Hotspot vouchers - Filter or Sort vouchers by creation date. View newly created vouchers appearing on the first page.
• Improved RFC compliance for SNMP MIB files to enhance compatibility with third-party SNMP tools. SNMPv1 complies with RFC 1157; SNMPv2 complies with RFCs 1901, 1905, and 1906; and SNMPv3 complies with RFCs 3411 to 3418.
• Data usage for live users is now shown using the standard unit formats (KB, MB, and GB) for enhanced usability.
• Import of groups from Active Directory and Microsoft Entra ID authentication servers will not turn on L2TP and PPTP by default. You can turn them on in the groups or the corresponding VPN configurations.
• Improved troubleshooting in HA - HA logs include the node name and the current role information.
• Early EoL notification for legacy RED site-to-site tunnels. These tunnels (Legacy Firewall RED server and client configurations) will not be supported in SFOS 22 and later versions. We recommend that you migrate to the supported RED site-to-site or VPN tunnels

Issues resolved:

• Overall v21.5 MR1 resolved 85+ important reliability, stability and security fixes.

Check out the v21.5 MR1 release notes for full details.