Sophos News

VPN enhancements in SFOS v19

Sophos Firewall OS v19 includes several new innovations. In this article, we cover a variety of enhancements that have been made to VPN management and operation to help make orchestrating your SD-WAN overlay networks, site-to-site VPN tunnels, and remote-access VPN much easier.

Central VPN orchestration

Sophos Firewall OS v19 takes full advantage of the recently updated SD-WAN VPN orchestration capabilities in Sophos Central, which provide a quick and easy way to define complex overlay networks with just a few clicks:

  1. You simply select the firewalls you have under management that you wish to participate in the SD-WAN connection group
  2. Then select the network resources you wish every site to have access to
  3. With the flip of a switch, you watch your SD-WAN VPN overlay network come to life as all the necessary firewall access rules and tunnels are created for you automatically

Check out this quick video overview to see how easy it can be to create full mesh, hub-and-spoke, or anything in between – now with full tunnel redundancy and failover options:

On-box VPN management

If you’re managing your VPN overlay networks directly on your firewall, SFOS v19 makes that easier and more intuitive as well.

Remote access and site-to-site VPN now have their own main menu entries, making it easier to find what you’re looking for.

Submenus have been added to the IPsec, SSL, and L2TP tabs to provide quick access to settings, client downloads, and the log viewer.

IPsec policies have been renamed to profiles and moved to the System > Profiles area, but they are hyperlinked from the IPsec configuration screen for quick access.

SSL Remote Access now includes a new wizard assistant that greatly streamlines configuring everything required for remote access.

Clientless policies, bookmarks, and bookmark groups have all been consolidated onto a single tab.

A new tab has been added for easy setup of Amazon Web Services VPC tunnels (which we will cover in the next article in this series).

Watch this video for a detailed look at all the user interface enhancements:

VPN operational enhancements in v19

Several additional enhancements have been made to VPN operations in Sophos Firewall OS v19:

VPN logging enhancements

A new log viewer module selection for VPN is available, making it easy to monitor and troubleshoot VPN connections for both remote-access and site-to-site tunnels using either IPsec or SSL.

IPsec log messages have also been enriched with more detail to make them easier to understand.

Other articles in this series

Xstream FastPath in SFOS v19

Xstream SD-WAN in SFOS v19
