Sophos Utm 9.7
Configuration the Sophos UTM is easy in 12 steps. This perform basic setup for a computer in LAN go out internet through UTM.
Important Step noted:
During the last couple of month I was searching for a new hardware platform that could run Sophos UTM 9.7. I found a lot of smaller appliances but neither of them fitted my needs. This was the requirement for the new Sophos UTM hardware: Low power consumption (similar to the UTM and SG if possible) Low price; 4+ Gbit NICs; powerful processor. UTM 9.7 will no longer include the option for Endpoint Management for the UTM Managed Endpoints, Sophos SEC integration is still part of UTM 9.7. Today we’ve released UTM 9.702 The release will be rolled out in phases. In phase 1 you can download the update package from our download server, in phase 2 we will spread it via our Up2Date servers. Up2Date Information News Maintenance Release Remarks System will be rebooted Connected REDs will perform firmware upgrade Issues Resolved NUTM-11688 REDFirmware RED50 flash courruption fixes. How to install Sophos UTM 9.7 on Hyper-V.
Sophos Utm 9.7 Documentation
- Setup WAN interface and Default Gateway (step 6)
- Setup DNS forwarder (step 7)
- Setup Firewall Rule (step 8)
- Setup NAT Masquerading (step 9)
- Option for setup DHCP server
STEP 1: Go to Webadmin by default IP address:
Sophos UTM hardware default IP: https://192.168.0.1:4444
Sophos UTM Software default IP: https://192.168.2.100:4444
In this example: https://192.168.88.254:4444
See more in Sophos UTM Software/hardware Appliance Quick Start Guide
STEP 2: Enter Administrator Contact and Password
Click APPLY and waiting for some second
STEP 3: Go to again Webadmin with new certificate
You will be noticed the Certificate error, and Add Exception for this.
STEP 4: Login to Webadmin with new password
STEP 5: Cancel the Wizard
Click “Cancel” button in bottom of Wizard
You will see the dashboard of Sophos UTM
STEP 6: Add WAN Interface
Go to “Interfaces & Routing” -> “Interfaces” -> click “New Interface”
· Name: WAN
· Type: Ethernet
· Hardware: choose the hardware interface connect to Router/Modem of ISP
· IPv4 Default Gateway: Checked
Click “SAVE” and you will see the new interface which is disabled
Click enable button to enable the WAN Interface
STEP 7: Setup DNS
Add Google or Public DNS to DNS forwarders
STEP 8: Setup Firewall Rule
Go to Network Protection -> Firewall
Default No rule and all traffic is blocked.
Click New Rule Button
· Sources: Internal Network
· Services: ANY (or Some Services)
· Destinations: ANY
· Action: Allow
· Advanced: Log Traffic checked
Enable the new firewall Rule
STEP 9: NAT
Go to Network Protection -> NAT -> Masquerading
· Network: Internal (Network)
· Interface: WAN
· Use address: Primary address
Enable the new Masquerading Rule
STEP 10: Enable Advanced Threat Protection
Go to Network Protection -> Advanced Threat Protection -> Click Enable button (Grey to Green)
STEP 11: Enable Intrusion Prevention System
Go to Network Protection -> Intrusion Prevention -> Click Enable button (Grey button in the right).
Add the Internal (Network) to Local Network box -> Click Apply.
Enable Anti-Portscan
STEP 12: Check the Firewall Live Log
Go to Network Protection -> Firewall
Click “Open Live Log” button
Sophos Utm 9.7 Download
· Green line: traffic allow through firewall
· Red line: traffic deny through firewall
Option STEP: DHCP Server (if needed)
Go to Network Services -> DHCP -> Click “New DHCP Server” button.
Sophos Utm 9.703
· Interface: Internal
Sophos Utm 9.700-5
Done!