This year, we’re revolutionizing the firewall, giving our award-winning SG Series appliances an all-new operating system that combines the best of both Sophos and Cyberoam technology.
The codename for this new firewall platform is Project Copernicus, and we’re excited to inform you that the beta phase is now underway. This is your invitation to take an early look at the new software and put it to the test.
To get a brief introduction to Project Copernicus and it’s many innovations, watch this short video (password: Copernicus2015!).
Of course, we don’t recommend updating production systems to beta firmware. But if you’re interested in exploring first-hand what Project Copernicus has to offer – and helping us continue to fine-tune it by providing your feedback – we would love to have you participate.
To get started, simply visit sophos.com/copernicusbeta to download the new Sophos Firewall OS for your SG Series, Intel hardware platform, or virtual environment of choice. Then head to the Sophos User Bulletin Board to find documentation and tips, and share your feedback.
Sarahgilbert
Excellent antivirus
xstacy-admin
This is pretty hard than I expected. I’m more knowledgeable on Sophos UTM configuration and know nothing about Cyberoam. I found out that some configuration in cyberoam is more complex than sophos like for example the blocking of websites. Sophos is more easier for me. Can someone leave an explanation how to block websites in this new Copernicus UTM? Everytime I block I will be redirected to Captive Portal, I want to be redirected to the default Block page of Sophos.
Anna Brading
Hi, Sorry to hear you’re having trouble. You can get assistance and share feedback on the forum here: https://ubb.sophos.com/beta-versions/project-copernicus-public-beta/ Thanks.
Anonymous
hi
Go to system – authentication – authentication service scroll down. captive portal setting is there just click on (no access denied message) it getting blocked msg
NOC-fp
WHAT IS THAT????
It seems you create an old Cyberoam firewall in a new design and not the best of Sophos UTM and Cyberoam. Everything is difficult to administrate. Keep it simple is in this version no longer an attribute for a Sophos created firewall. Please, really please change everything…..
Thanks
Anna Brading
Hi, Sorry to hear you didn’t like it. If you’re struggling with certain aspects then you may find assistance here: https://ubb.sophos.com/beta-versions/project-copernicus-public-beta/ You can also leave feedback on your experience at the same link. Thanks.
Anonymous
dont change the interface :( this one sucks!!!
Josh S
Our only concern is that we’ve all used the Copernicus BETA here, and we understand it’s in BETA but it hasn’t been a hit so far. Maybe it’s due to a learning curve, but it almost favors the cosmetic side of it opposed to the functionality, usability, and the actual admins using it. Hopefully that will change by official launch, but I know at this point we’re not on board with the upgrade.
Thanks,
Josh S.
Steven
Looks great so far. I am excited by the possibilities of merging the two platforms – Astaro and Cyberroam. Techs will always complain when an interface changes, but i don’t see how it is more difficult to use – just different.
Chris McCormack
Hey everyone, your feedback has been, and continues to be, very valuable in shaping the product. In fact, a lot of changes in Beta 2 have been the result of feedback from our valued partners and customers like yourselves. As Anna indicates, please head over to the forums to leave your feedback. The product management team is collecting/monitoring feedback closely: https://ubb.sophos.com/beta-versions/project-copernicus-public-beta/
Leif Everdin
How about finally implementing OpenVPN?
James
Whilst the interface is pretty, the web controls are very difficult to implement. If you want to create different policies for different groups of people then things get complicated. I don’t think a lot of customers are going to like this, unless this aspect is addressed. Web controls within the existing UTM are better, even if the interface is getting tired.
Chris McCormack
Hi James, thanks for your feedback. User-based web policies are actually simpler and more powerful in some ways than before. However, please leave some more specific feedback over at the forums as the product teams are monitoring and collecting it there and your feedback is very important.
https://ubb.sophos.com/beta-versions/project-copernicus-public-beta/
James
Chris, I would check with your own sales engineers that differ with your views. This is very difficult to work through, ive had many users experience with checkpoint, utm, websense and this is more difficult. Ive fed this back at all levels, happy to discuss on a call etc. I can offer no more.
Aquiles Marrero
How do we import UTM configurations into SF-OS?
Chris McCormack
Hi Aquiles, Sophos will be offering migration tools to migrate UTM 9 configurations over to SF-OS at some time following launch. We’ll announce the availability here on the blog when they become available.
Josh
So a quick question, When you reference intel platform does that mean my AMD chip is not support AT ALL?
Anonymous
Don’t let Cyberoam die. We don’t want to use Astaro / Sophos UTM-Interfaces.
mcolatosti
I’ve been a home user of Sophos for some time, and to be honest would never have given ait ny serious consideration for use in a corporate environment based on interface design, and more importantly performance and management/reporting capabilities.
Most choices in the new Copernicus beta are a substantial step in the right direction, interface is a dramatic improvement (but of course presents a small but steep learning curve). Reporting and dashboard views present a dramatic improvement, and decision to use zones and location of policy elements superior to previous designs and more inline with larger firewall industry players IMO. An area that I noticed that appears inferior is the log parsing/reviewing. Its very important for troubleshooting and other purposes to have rule/connection details in log views, basic things like source, destination, source/destination ports, policy triggered, etc. This standard data is just missing from the log views. In addition I’ve never understood why an aggregate view of all log types/sources cannot be provided in a more compact view with advanced multiple filtering options…this would be a powerful admin feature. But overall good work and mostly an improvement.
P.S. Can you put a DHCP reservation feature in the onboard DHCP server…trivial grievance but I suspect valuable for home and small office users!
Pravash
Hello,
Does the WAF module in SOPOS OS for cyberoam contains websocket support?
Anna Brading
Hi Pravash, Thanks for your comment. You can get an answer to your question over on the Sophos Community: http://community.sophos.com/
Pravash
Thanks Anna, but unfortunately websocket (ws and wss protocol) is not working with WAF till now as per the community discussion. I have a ticket opened with cyberoam support from last 6 months and they are not able to fix the issue. I have licence upgrade to be done in next few days and I am in a dilemma whether to go for cyberoam-sofhos or change the vendor.
Here are the community links where they are talking about websockets not working with WAF.
https://community.sophos.com/products/unified-threat-management/f/54/p/42187/148996#148996
https://community.sophos.com/products/unified-threat-management/f/57/t/50385
Anonymous
Any Updates??
Anna Brading
Hi, I’ve spoken to our product team and we currently do not offer websocket support in the WAF module. We are looking to add it in the future and will update here if/when that happens. Thanks.
Pravash
Thanks Anna!! Websocket is present and future, and if this is not supported then how do we say that sophos and cyberoam machines are future ready??
Pravash
Hello Anna,
We are having a cyberoam device and recently found out that third party certificates are not working with WAF as cyberoam is stripping off the intermediate certificates and cyberoam WAF is using obsolete cipher AES_128_CBC instead of AES_128_GCM. When I removed the WAF and allowed the request hit directly to my webserver everything worked, the certificate chain was complete and the ciphers were modern, Hence in order to check if this issue is taken care of in SFOF, migrated to 30 days trial and to my utter surprise, WAF in SFOS didnt work. So I involved cyberoam support and they even confirmed the same. There are tickets opened 994041, 999082, 866538. I have escalated to everyone and still I havent got any ETA. Can you please help here??
Anna Brading
Hi Pravash, Sorry to hear you are having trouble. I will talk to Support and see if i can get something sorted for you.