Support-Portal

SFOS 18 MR5

Beschreibung

Neuerungen in SFOS 18 MR 5

VPN-Verbesserungen

  • um 50% erhöhte Kapazität für gleichzeitige IPsec-VPN-Tunnel
  • Port 443-Sharing zwischen SSL VPN und Web Appliaction Firewall (WAF)
  • IPsec-Provisionierungsdatei-Support für Fernzugriff via Sophos Connect v2.1

SD-WAN

  • Integration mit Azure Virtual WAN für ein komplettes SD-WAN Overlay Network

Authentifizierung

  • Verbesserungen des Formulars zum Erstellen von Certificate Signing Rechests (CSR) und Zertifikaten
  • Verbessserte Sicherheit für private Schlüssel
  • Upload/Download-Support für Zertifikate im PEM-Format
  • Verbesserter Workflow für das Zertifikatsmanagement

Synchronized Security

  • Verbesserte Registrierung und Deregistrierung in High-Availability (HA) Installationen
  • Verbesserungen zum Reduzieren der Meldungen bei fehlendem Heartbeat für geplante / zu erwartende Änderungen im Endpoint Status

Sophos Central Firewall Reporting

  • Neuer Cloud Application (CASB) Report
  • MSP Flex Pricing für MSP Partner

Bemerkungen

Betroffene Produktgruppen

Bugfixes

  • NC-65239: Authentication SATC users not authenticated sporadically.
  • NC-62902: Authentication, Backup-restore Unable to upload backup from 17.5 MR12 to 17.5 MR14.
  • NC-66124: Bridge VLAN of bridge interface doesn't follow the ZoneID for device access.
  • NC-68732: Central management XG86W_AM01 firewalls are unable to apply configurations received from Sophos Central.
  • NC-69835: Central management Unable to import configuration from XG86W.
  • NC-69683: CROS to SFOS migration Migration issues from CR to XG Firewall.
  • NC-60180: CSC Overrides the specified schedule after failover in active-passive.
  • NC-67759: Diagnostics System graph: In Japanese language, memory usage for one month shows one week in the heading.
  • NC-67605: Email Unable to turn on DKIM verification.
  • NC-65346: Email Unable to see DKIM verification emails on the quarantine page in user portal even with the default setting.
  • NC-63436: Email Legacy mode: Unable to delete spam check exception.
  • NC-51915: Email Selecting a certificate isn't mandatory in notification settings even when SSL/TLS is selected.
  • NC-66977: Firewall Couldn't unload SIP helper in HA mode.
  • NC-64917: Firewall Firewall restarts with bridge deployment in HA mode.
  • NC-64820: Firewall Awarrenhttp proxy blocks inbound connections on port 443.
  • NC-63772: Firewall Policy test for firewall rule doesn't show correct results.
  • NC-63612: Firewall Firewall restarts when load balancing DNAT traffic with an FQDN (dynamic IP addresses).
  • NC-67274: HA Unable to disable HA when there's an SSL/TLS rule specifying source and destination zones.
  • NC-66978: HA HA page doesn't respond after turning on QuickHA.
  • NC-53059: HA HA active-active load balancing interrupts remote printing.
  • NC-66682: IPS engine After migration from version 17.5 to 18.0, IPS Logs for WAF show the LAN interface IP address as the source IP address instead of the public IP address.
  • NC-55213: IPsec IPsec tunnel up or down: Several email notifications are sent when the connection is terminated.
  • NC-64309: Network utilities When ping is set to IPv6, it switches to IPv4 on the web admin console, but IPv6 interfaces are shown.
  • NC-59619: Policy routing Unable to create policy route when Name has an apostrophe (').
  • NC-69693: RED All RED 50 devices disconnect repeatedly.
  • NC-68724: RED Changing the configuration on a RED interface disconnects all RED interfaces.
  • NC-63136: RED Configuration change on one RED tunnel causes all other RED tunnels to reset.
  • NC-64045: RED If RED is configured, the firewall must not allow transparent-split or 3G failover configuration.
  • NC-64010: RED Confirmation message states beta firmware instead of unified firmware.
  • NC-63179: RED RED interfaces show they are connected to an incorrect IP address.
  • NC-70742: Reporting In HA, the newly active XG Firewall device couldn't update information on Sophos Central after changing from passive to active device.
  • NC-66437: Reporting No user reporting statistics after firmware upgrade.
  • NC-66024: Reporting Blocked web report doesn't appear for October 2020.
  • NC-65522: Reporting Time filter shows blank or inaccurrate output in log viewer.
  • NC-60391: Reporting Custom logo stretches in executive reports from the 2nd page onwards.
  • NC-65148: SNMP SNMP shows incorrect license details.
  • NC-64908: SSL VPN SSL VPN disconnects, but status shows it's connected.
  • NC-64773: SSLVPN Packet loss and latency occur on SSL VPN when the tunnel connects or disconnects in version 18.0 MR3.
  • NC-67364: Static routing Country blocking through firewall rule doesn't work.
  • NC-67178: Static routing Country blocking rule blocks URLs.
  • NC-62682: Static routing Netherlands appears in two country groups.
  • NC-62259: Synchronized Application Control SAC menu doesn't load.
  • NC-67365: UI framework Administrator user is unable to sign in to the user portal when the login disclaimer is on in version 18.5 MR4.
  • NC-64984: UI framework Page load issue when refreshing the packet capture page with wrap buffer on.
  • NC-64758: UI framework Users are signed out of the user portal when they click Install under Configuration for IPsec VPN client for Apple iOS.
  • NC-60856: UI framework False positive reported in third-party scan.
  • NC-57742: WAF Incorrect WAF rule ID resolution in syslog.log.
  • NC-63996: WebInSnort Delay in connecting to an SSL/TLS-protected FTP server.
  • NC-66028: WWAN USB doesn't connect after an upgrade from version 17.5 MR12 to 17.5 MR14 or 18.0.
  • NRF-447: RED Unable to connect RED 20 to XG Firewall.
  • NAF-33: Firmware All SSIDs disappear from the AP, and all connected clients disconnnect.
  • NAF-19: Firmware Multiple SSIDs fo AP15 stop broadcasting.