We are pleased to announce that a new Up2Date package is available for Sophos UTM.
This update introduces new features for Mobile Protection that will allow integration with Sophos Mobile Control. This will simplify configuration of mobile features as well as enforce policies in order to always stay secure.
Please read on to see the full details of this release.
You may have seen the recent Sophos blog posts about the OpenSSL vulnerability. For more information on patches to address this issue, including soft release dates, read the knowledgebase article. We will announce the GA of these patches via the Up2Date blog as usual.
Sophos UTM 9.202
- Mobile Protection feature release
- Push VPN and Wifi configurations to Sophos Mobile Control
- Disable VPN and Wifi for non-compliant mobile devices
- OTP: allow to define bigger windows of time difference to better support hardware tokens
- System will be rebooted
- Configuration will be upgraded
- Connected Wifi APs will perform firmware upgrade
- Connected RED devices will perform firmware upgrade
- Fix for #31374 can cause issue if using client authentication with more than 170 groups referenced in rules
- 24445 Windows Live-ID Sign In assistant breaks Kerberos authentication
- 24855 Hungarian keyboard layout get lost when starting a HTML5VPN RDP session
- 30127 [BETA] Strict TCP session handling
- 30502 Rev. Auth.: session management with multiple profiles
- 30522 [BETA] Tunnel broker Hurricane Electric broken
- 30736 [BETA] AD SSO Transparent mode conflicts with WAF
- 30792 [BETA] DLP: Incorrect DLP behaviour when no routing domains are configured
- 31077 increase window of allowed OTP tokencodes for the very first authentication
- 31078 implement option for manual and automatic sync of time drift of hardware OTP tokens to UTM
- 31100 Import of Filter Exceptions from UTM to SUM fails
- 31118 httpproxy ‘srcip’ debugging does not contain all auth_transparent.c debug entries [9.2]
- 31121 DHCP mapping comments gets lost by upgrading to 9.100 [9.2]
- 31173 SSL VPN Client crashes on 64 Bit Machines
- 31175 Redirect with port number on backend leads to invalid Location header on frontend [9.2]
- 31236 ‘Force caching for Sophos Endpoint updates’ still doesn’t work correctly everytime
- 31238 mod_proxy_msrpc: segmentation fault on backend connection access [9.2]
- 31374 Correctly account Confd ipsets consumed by user and group networks
- 31386 Regression: Wrong AD SSO backend group matching since 9.200
- 31508 [UBB] DynDNS: Wrong update URL for namecheap.com
- 31527 [CVE-2014-2891] DoS vulnerability in strongSwan
- 31541 “Web Protection Manager” role is missing necessary rights
- 31627 REDs without connection to the provisioning server can’t install the new firmware after up2date to 9.2
While you do not need to manually download Up2Date packages (they will automatically download and prepare themselves for you to install), for manual application of Up2Dates or for UTM installations without Internet connections, you can retrieve them using the link below.
Sophos Up2Date technology makes it easy to upgrade your Sophos UTM to the latest version.
There are two ways to apply an already-downloaded Up2Date package to the system:
- Log on to WebAdmin, navigate to Management >> Up2Date >> Overview and use Update to latest version now to install the Firmware Up2Date. Click on the “Watch Up2Date Progress in new window” and an extra browser window will show the progress of the Up2Date installation. (The System administrator will receive a notification email once the Up2Date process has finished.)
- Download the Up2Date package from our HTTP or FTP Server and install it under Management >> Up2Date >> Advanced:
|Sophos UTM Up2Date FTP Mirrors:|
- If you want to provide feedback or want to discuss any of the UTM V9 features you should post it on our User Bulletin Board. Please indicate the version you are using to help us (and everyone helping you).
- If you have any feedback on our help, manual, or any documentation (Online Help) please send it to email@example.com.
- You are free to use our new demo server environment without hassle, nags, or registration. Enjoy!
Senior Product Manager