Sophos XG Firewall Web Interface Reference Guide


Sophos XG Firewall v 15.01.0 – Release Notes

Sophos XG Firewall
Command Reference Guide v16.5
For Sophos Customers
Document Date: April 2017

Copyright Notice

Copyright 2016-2017 Sophos Limited. All rights reserved.

Sophos is a registered trademark of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Contents

Introduction
  Flavors
  Administrative Interfaces
  Administrative Access
  Using Admin Console
  Supported Browsers
  Menus
  Pages
  List Navigation Controls
Monitor and Analyze
  Control Center
  Current Activities
    Live Users
    Live Connections
    Live Connections IPv6
    View Live Connection Details
    IPsec Connections
    Remote Users
  Diagnostics
    Tools
    System Graphs
    URL Category Lookup
    Packet Capture
    Connection List
    Support Access
System
  Profiles
    Schedule
    Access Time
    Surfing Quotas
    Network Traffic Quota
    Network Address Translation
    Device Access
  Hosts and Services
    IP Host
    IP Host Group
    MAC Host
    FQDN Host
    FQDN Host Group
    Country Group
    Services
    Service Group
  Administration
    Licensing
    Device Access
    Admin Settings
    Central Management
    Time
    Notification Settings
    SNMP
    Netflow
    Messages
  Certificates
    Certificates
    Certificate Authorities
    Certificate Revocation Lists
  Backup & Firmware
    Backup & Firmware
    API
    Import Export
    Firmware
    Pattern Updates
Configure
  Network
    Interfaces
    Zones
    WAN Link Manager
    DNS
    DHCP
    IPv6 Router Advertisement
    Cellular WAN
    IP Tunnels
    Neighbors (ARP-NDP)
    Dynamic DNS
  Authentication
    Servers
    Services
    Groups
    Users
    One-Time Password
    Captive Portal
    Guest Users
    Clientless Users
    Guest User Settings
    Client Downloads
    STAS
  VPN
    IPsec Connections
    SSL VPN (Remote Access)
    SSL VPN (Site to Site)
    CISCO™ VPN Client
    L2TP (Remote Access)
    Clientless Access
    Bookmarks
    Bookmark Groups
    PPTP (Remote Access)
    IPsec Profiles
    SSL VPN
    L2TP
  Routing
    Static Routing
    Policy Routing
    Gateways
    BGP
    OSPF
    Information
    Upstream Proxy
    Multicast (PIM-SIM)
    RIP
  System Services
    High Availability
    Traffic Shaping Settings
    RED
    Log Settings
    Data Anonymization
    Traffic Shaping
    Services
Protect
  Firewall
    User / Network Rule
    Business Application Rule
  Intrusion Prevention
    DoS Attacks
    IPS Policies
    Custom IPS Signatures
    DoS & Spoof Prevention
  Web
    Policies
    User Activities
    Categories
    URL Groups
    Exceptions
    Protection
    Advanced
    File Types
    Surfing Quotas
    User Notifications
  Applications
    Application List
    Application Filter
    Traffic Shaping Default
  Wireless
    Wireless Client List
    Wireless Networks
    Access Point Overview
    Access Point Groups
    Mesh Networks
    Hotspots
    Hotspot Voucher Definition
    Rogue AP Scan
    Settings
    Hotspot Settings
  Email
    MTA Mode
    Legacy Mode
  Web Server
    Web Servers
    Protection Policies
    Authentication Policies
    Authentication Templates
    SlowHTTP Protection
  Advanced Threat
    Advanced Threat Protection
    Security Heartbeat
    Sandstorm Activity
    Sandstorm Settings
Appendix A - Logs
  Log Viewer
  View List of System Events
  View List of Web Filter Events
  View List of Application Filter Events
  View List of Malware Events
  View List of Email Events
  View List of Firewall Events
  View List of IPS Events
  View List of Authentication Events
  View List of Admin Events
  View List of Web Server Protection (WAF) Events
  View List of Advanced Threat Protection Events
  View List of Security Heartbeat Events
  Log ID Structure
  Log Type
  Log Component
  Log Subtype
  Priority
  Common Fields for all Logs
  System Logs
  Firewall Rule Logs
  Module-specific Fields
  Web Filter Logs
  Module-specific Fields
  Application Filte

Generation Firewalls/UTMs), virtual Sophos Firewall Manager (SFM) for centralized management, and Sophos iView software for centralized logging and reporting.

Administrative Interfaces

Device can be accessed and administered through:

Admin Console: Admin Console is a web-based application that an Administrator can use to configure, monitor,