Sophos Central Updates fail behind SonicWall Firewall

Sophos Central AV client gets flagged as a trojan when downloading updates to each client by SonicWall’s Firewalls. Below I will share how to create an exclusion list in your SonicWall to allow this important traffic through the Gatway AV feature.

SophosHowto1

Create address objects for the following domains/sub-domains assigned to the WAN zone:

  1. *.sophos.com
  2. *.sophosupd.com
  3. *.sophosupd.net
  4. *.sophosxl.net
  5. ocsp2.globalsign.com
  6. crl.globalsign.com
  7. dci.sophosupd.com

Next create a group to house these address objects

SophosHowto2

Once that is complete you are ready to add this group to your Gateway Antivirus Exclusion list

SophosHowto3

Now that you have added this to the exclusion list your Sophos Central installs and update will run without error.

Advertisements