![]() Then UTM can be monitored and administered by the SUM server selected here. Once the connection between both systems is established, the connection status will turn green. UTM will now try to establish a connection to Sophos UTM Manager. Note – Please refer to the Sophos UTM Manager Administration Guide for detailed information. He can, for example, deploy objects (networks, hosts, VPNs) to UTM. Monitoring: If selected, UTM will be displayed on the Monitoring pages and the administrator can use all associated features.Ĭonfiguration: If selected, the administrator can use all features located in the Configuration menu. He can, for example, request reports from UTM. Reporting: If selected, the administrator can use all features located in the Reporting menu. He can, for example, view the inventory, create and restore backups, and schedule actions like firmware updates. The rights listed here correspond to the SUM Gateway Manager main menu and administrative options.Īdministration: If selected, the administrator can use all features located in the Maintenance and Management menus. On SUM, the administrator responsible for this UTM can only administer those areas of your UTM which are explicitly allowed to be administered here. Note that usage of the Up2Date cache functionality is mutually exclusive with using a parent proxy configuration for Up2Dates.ĭefine the rights of the SUM administrator. Please ensure that on your managing SUM server the Up2Date cache functionality is enabled accordingly. If you want to use this functionality for your gateway, select the option Use SUM server as Up2Date cache. Use SUM server as Up2Date cache (optional): Up2Date packages can be fetched from a cache located on the SUM server.Afterwards, you can upload a new certificate. Remove certificate: Select if you want to replace or remove the SUM certificate. You can download it from the SUM WebAdmin under Management > Sophos UTM Manager > Device Security. SUM server certificate: To ensure that the UTM establishes a connection to the correct SUM server, upload the SUM server certificate.Authentication (optional): Enter the same password (shared secret) as configured on the SUM server.If the SUM server requires authentication, activate authentication and make the following settings: How to add a definition is explained on the Definitions & Users > Network Definitions > Network Definitions page. Select or add the SUM server the UTM should connect to. The toggle switch turns amber and the SUM Settings area becomes editable. On the Sophos UTM Manager tab, enable SUM. To prepare Sophos UTM to be monitored by a SUM server, proceed as follows: Note – When using MSP licensing, disabling SUM, changing the SUM host, or modifying the rights of the SUM administrator can only be done by Sophos UTM Manager (SUM). On this tab, you can configure the connection of your Sophos UTM to one or two SUMs. Then backups and up2date installations are still allowed. If for example a Sophos UTM 9.2 connects with a SUM 4.1 it falls into legacy mode. Other Sophos UTM versions will appear in SUM as well and can be monitored. SUM 4.2 supports configuring Sophos UTM 9.2 only. You can connect several Sophos UTM appliances to a SUM where they centrally can be monitored, configured and maintained. It is highly recommended that you obtain training on Sophos Firewall prior to migration, so you are well prepared to administer this very critical component of your network infrastructure.Sophos UTM Manager (SUM) is the central management product of Sophos. The Sophos Migration Desk can be engaged from the Sophos Partner Portal or via If the Sophos Migration Desk deems the migration too complex, they will recommend Sophos Professional Services.Sophos also has a Migration Desk available to all Partners (and subsequently customers) free of charge who will help plan, execute, and verify migrations of your existing firewall or Sophos UTM to Sophos Firewall as well as XG to XGS hardware migrations. Sophos Professional Services engineers have the skills to help you make the transition quickly, efficiently, and without impacting business operations Alternatively, Sophos Professional Services is here to assist.A Sophos accredited partner should plan, execute and test this new installation for you.This is because you should use the opportunity to ensure this new installation is clean of any outdated rules, lists, etc. Sophos’ primary recommendation is a fresh installation which is then manually configured.
0 Comments
Leave a Reply. |