...
Info |
---|
CyberCNS can evaluate the security policy of your Sophos Firewall and flag any potential shortcomings. You can initiate a Firewall Scan from the Integrations menu. |
Navigate to Integrations
In the CyberCNS portal, navigate to Global Settings(⚙) > Integrations and choose Sophos from the integrations listed.
Next, you will add credentials for your Sophos firewall.
...
Sophos XG
Enter Credentials
Info |
---|
|
3. Enter Name: Choose a name of your choice for the credentials to be added.
...
5. In the screen depicted below, grant the API permission to the probe IP address.
...
Add the probe machine IP under the API section and click on Apply.
...
6. Enter Port Number: Enter the web API port number for the credentials to be added. Currently, use port 4444.
...
10. Select Probe/Agent: Select a Probe/Agent of the selected company to be used for the scan. If no agent is installed for the company, an external scan agent can be used to initiate firewall scans from the CyberCNS Server (e.g abc.mycybercns.com). API Key field is not required for Sophos XG.
...
11. Once all the data have been entered, click Save.
Note that multiple credentials can be added by using the '+' sign. Each set of credentials can be attached to a company and then to an agent under that company.
...
Sophos UTM
Enter Credentials
Info |
---|
Before adding the Hostname/ IP address please make sure that the probe IP has API permission. |
Enter Name: Choose a name of your choice for the credentials to be added.
Enter Hostname/IP Address: Enter a hostname/IP address for the credentials to be added.
Enter Port Number: Enter the web API port number for the credentials to be added. Preferably use port 4444.
Enter Username: Enter the username used to log in to the Sophos UTM Firewall. It is recommended that you define a special username to be used exclusively for these scans so that they can be identified in the firewall’s logs.
Enter Password: Enter the password used to log in to the Sophos UTM Firewall.
Enter the API Key.
...
How to fetch the API Key required for Sophos UTM?
Select the WebAdmin Settings and click on New API Token.
Click on the icon as depicted in the below image to drag and drop the user in that section. When the user is added (Preferably the admin user), click on Save.
Once the user is added, API Key will be generated. Use this API Key in the Sophos Integration.
...
Select an associated company: Select an existing company in order to add the firewall as an asset under that company.
Select Probe/Agent: Select a Probe/Agent of the selected company to be used for the scan. If no agent is installed for the company, an external scan agent ( which is a default agent available for all companies) can be used to initiate firewall scans from your CyberCNS instance (e.g abc.mycybercns.com).
...
Once all the data have been entered, click Save.
Note that multiple credentials can be added by using the '+' sign. Each set of credentials can be attached to a company and then to an agent under that company.
...
Sophos XG Firewall Scan
Info |
---|
After the credentials have been successfully added to the company, the Firewalls tab will be added to the Main Menu. |
...
The scan results can be downloaded as a report in the Microsoft Word .docx format by clicking Download Report.
...
Sophos UTM Firewall Scan
Info |
---|
After the credentials have been successfully added to the company, the Firewalls tab will be added to the Main Menu. |
In the Firewalls section, click Firewall Scan to initiate a scan of all the configured firewalls.
...
- When the scan is completed, details of Sophos UTM, Groups, Rules, Interfaces and Networks are populated for the Sophos UTM Firewall.
...
Completed firewall scans are listed with timestamps as shown below. To view the results of a scan, click the scan in the list.
The scan results can be downloaded as a report in the Microsoft Word .docx format by clicking Download Report.
...
This completes the documentation of the Sophos XG and Sophos UTM Firewall Scan.