Skip to content

UTM Up2Date 9.2 Released

I am pleased to inform you that after a extended beta-period and also many thousand of customers already working with the soft-release version, today we have released Sophos UTM 9.2 to our Up2Date servers.

This major update to our UTM line introduces exciting new features like Advanced Threat protection, a new and intuitive Web Policy Management, Two-Factor-Authentication to name only a few and offers increased performance in throughput and reporting. Read on for download information, release notes, and all the details…

Below is the download links for the Up2Date from UTM 9.111. Also, we have started the automatic availability of the update to our Up2Date infrastructure in stages so you will start seeing the update package during the next weeks on WebAdmin. For a list of all the new features and functionality, you can download the official UTM 9.2 Release Notes. If you have a Sophos UTM Smart Installer, the new UTM 9.1 version will show up as a possible download using the provisioning software very soon (if it hasn’t updated already).

Sophos UTM 9.2
Major Features

  • Web: New UI policy model
  • Mail: SPX encryption support
  • Mail: DLP support
  • Network: Botnet/C&C traffic detection and blocking
  • Network: Major IPS performance improvements
  • Authentication: Dual-factor authentication with OATH TOTP
  • WAF: Authentication support

Smaller Features

  • Web: AD SSO in transparent mode
  • Web: Warn action
  • Web: Transparent HTTPS filtering w/o full SSL scanning
  • Web: URL categorization override
  • Web: PUA blocking
  • Web: Enhanced log search
  • Web: Policy tester
  • Web/Endpoint: Web Control for SEC-managed endpoints
  • Endpoint: Proxy support for LiveConnect
  • Wifi: Hotspot: Fully customizable login page
  • Wifi: Hotspot: Fully customizable vouchers
  • Wifi: Hotspot: New hotspot type with authentication against UTM/Backends
  • RED: optional tunnel compression
  • RED: RED50: improve LCD output
  • RED: RED50: VLAN configuration for switch ports
  • WAF: Extended threat filtering
  • WAF: Fallback hosts
  • WAF: HTTP to HTTPS redirection
  • Network: Support more DynDNS providers


  • 17609 User Portal: whitelist is completely ignored if blacklist matches
  • 22646 Bridge: Use the MAC address of the converted interface instead of the smallest one
  • 23810 System & UTM Backups ignore backup limits
  • 23950 Wildcard Domains for SMTP Routing (Regression)
  • 24065 Regression from V8: Recipient Verification against AD not working with LDAP-SSL
  • 24127 Full NAT from internal network to external address dropped on bridge interface
  • 24331 [UBB][9.070] Mail Notification contain antivirus footer
  • 24358 Manual speed settings have no effect on HA link
  • 24652 Wireless: Client is listed on wrong AP in Webadmin “Wireless status”
  • 24739 cluster SMTP distribution not working
  • 25199 Kernel Oops when lowering MTU for USB netcard
  • 25476 Increase default WebAdmin logout time (for new installations)
  • 25676 [UBB][9.100] Executive Report – Wrong charts displayed on Apple Devices
  • 25952 Country blocking exception doesn’t work
  • 26130 DHCP mapping comments gets lost by upgrading to 9.100
  • 26225 Damaged graphic in the wireless reporting in French language
  • 26544 DNS host definitions with non-ascii chars and underscore cause dns-resolver to fail
  • 26640 Not possible to activate more than 62 virtual webserver
  • 27742 Standard mode in deployment helper incorrectly named
  • 28150 Sophos Authentication Agent does not work with MacOS X 10.6
  • 28201 User Portal webpage doesn’t get fully loaded while using Internet Explorer
  • 28383 SSL VPN disconnects when transferring large amounts of data
  • 28439 vpn site2site overwiev is missing ipsec respondOnly connections
  • 28866 Essential Firewall: Not possible to use HA reserved interface eth3
  • 29354 [Update Rule:] SSL VPN routes are not distributed correctly over OSPF
  • 29584 “Department Reports” in Web Sec Reporting does not work for host objects
  • 29843 [BETA] Changing AV Scanners cause memory spikes in http proxy
  • 30016 Mix SSL and WAF and SharePoint 2013 will no longer allow you to save files (file is opened write protected)
  • 30389 [BETA] http cache fills up partition
  • 30478 System & UTM Backups ignore backup limits [9.1]
  • 30509 Uploads via reverse proxy are limited to 128 MB when profile with ‘XSS Filter’ or ‘SQL Injection Filter’ enabled is in use [9.1]
  • 30940 Wireless: Some SSIDs are shown as HASH(…) in WebAdmin

While you do not need to manually download Up2Date packages (they will automatically download and prepare themselves for you to install in several stages during the following weeks), for manual application of Up2Dates or for UTM installations without Internet connections, you can retrieve them using the link below.

Download Link:
MD5 Sum: 9cad96896e5c4525f97043303a376ec5
Size:  ~244MB

Up2Date Installation: Sophos Up2Date technology makes it easy to upgrade your Sophos UTM to the latest version. There are two ways to apply an already-downloaded Up2Date package to the system:

1. Log on to WebAdmin, navigate to Management >> Up2Date >> Overview and use Update to latest version now to install the Firmware Up2Date. Click on the “Watch Up2Date Progress in new window” and an extra browser window will show the progress of the Up2Date installation. (The System administrator will receive a notification email once the Up2Date process has finished.)

2. Download the Up2Date package from our HTTP or FTP Server and install it under Management >> Up2Date >> Advanced:

Sophos UTM Up2Date FTP Mirrors:


  • If you want to provide feedback or want to discuss any of the UTM V9 features you should post it on our User Bulletin Board. Please indicate the version you are using to help us (and everyone helping you).
  • If you have any feedback on our help, manual, or any documentation (Online Help) please send it to
  • You are free to use our new demo server environment without hassle, nags, or registration. Enjoy!

Eric Bégoc
Senior Product Manager

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!