Sophos Utm 9.7

Posted on  by



Sophos UTM: UTM 9.7 beta released Martin 0 Comments Sophos has released UTM 9.7 as beta, it is a very small “new” UTM version, with a small number of features, sadly, but their focus is on XG now, and UTM is moving towards EOL, it is not announced yet. Sophos provide a USB installation option called the Smart Installer for UTM hardware appliances, but this is a special USB drive that emulates a CD, essentially working around the issue. This article steps you through the process of preparing and creating your own Sophos UTM bootable USB installation drive.

  1. Sophos Utm 9.7 Pro
  2. Sophos Utm 9.705-3
  3. Sophos Utm 9.703
  4. Sophos Utm 9.7 Free

Sophos has, after a very short EAP (Beta), released 9.7 as GA, this is what it contains and here it how to download it – it will be rolled out in phases:

  • In phase 1 you can download the update package from the download area.
  • In phase 2 we will make it available via our Up2Date servers in several stages.
  • In phase 3 we will make it available via our Up2Date servers to all remaining installations.
  • Support for new APX Access Points
    In addition to the legacy AP series access points, UTM 9.7 brings support for the newer Wave 2 APX series access points which can now also be added and managed with UTM 9. This includes support for APX 120, APX 320, APX 530 and APX 740.
  • Certificate Chain support for WebAdmin and UserPortal
    Full certificate chains that are uploaded to UTM for use with WebAdmin and/or UserPortal will no longer be split but will be delivered in full when accessing WebAdmin and/or UserPortal and web browsers will no longer display warnings for these certificates.
  • Certificate Chain Support for WebProxy
    When using an intermediate certificate to sign HTTPS decryption certificates in WebProxy, WebProxy will now build and return a full certificate chain for the generated certificate to avoid browsers showing a warning when not explicitly trusting the intermediate certificate. The root certificate has to be available within the verification CAs.
  • New RED Site 2 Site Protocol
    RED Site 2 Site connections in UTM will now use the same protocol used within XG Firewall for RED Site 2 Site connections. This removes the need to specify legacy RED site 2 site connections in XG Firewall and provides enhancements to the RED site 2 site implementation in UTM.
  • Retirement of UTM Endpoint Management
    As announced with UTM 9.6, UTM endpoint management will be end of life by the end of this year. UTM 9.7 will no longer include the option for Endpoint Management for the UTM Managed Endpoints, Sophos SEC integration is still part of UTM 9.7.

9.7 EAP1 to 9.7 GA

News

  • Features Release
  • .
  • Support for new APX AccessPoints
  • Certificate Chain support for WebAdmin and UserPortal
  • Certificate Chain Support for WebProxy
  • New RED Site 2 Site Protocol
  • Retirement of UTM Endpoint Management

Remarks

  • System will be rebooted
  • Configuration will be upgraded
Sophos utm 9.7 install.tar not found

Bugfixes

  • NUTM-10485 [Email] POP3 E-Mail blocked message won’t be displayed properly in some MS Outlook versions
  • NUTM-11141 [Sandstorm] Add support for Sandstorm’s Frankfurt data centre
  • NUTM-11162 [WAF] Authentication through WAF with URL hardening enabled and umlaut in password fails
  • NUTM-11202 [Web] Conform to Apple’s new certificate requirements introduced in iOS13 and macOS10.15

9.6 MR5 to 9.7 GA

Sophos Utm 9.7

News

  • Features Release
  • .
  • Support for new APX AccessPoints
  • Certificate Chain support for WebAdmin and UserPortal
  • Certificate Chain Support for WebProxy
  • New RED Site 2 Site Protocol
  • Retirement of UTM Endpoint Management

Remarks

  • System will be rebooted
  • Configuration will be upgraded
  • Connected REDs will perform firmware upgrade
  • Connected Wifi APs will perform firmware upgrade

Bugfixes

  • NUTM-10804 [Access & Identity] strongSwan vulnerability fix (CVE-2010-2628, CVE-2018-17540)
  • NUTM-10485 [Email] POP3 E-Mail blocked message won’t be displayed properly in some MS Outlook versions
  • NUTM-10745 [Email] Quarantine mail older than 14 days are not getting removed
  • NUTM-10958 [Email] Quarantined SPX Mails which are released are still available on UTM
  • NUTM-10192 [RED] Patch OpenSSL (CVE-2018-0732)
  • NUTM-11141 [Sandstorm] Add support for Sandstorm’s Frankfurt data centre
  • NUTM-10454 [WAF] SAVI integration doesn’t support scanning files larger than 2GB
  • NUTM-10873 [WAF] Underscore in DNS-Hostname makes WAF unusable
  • NUTM-11162 [WAF] Authentication through WAF with URL hardening enabled and umlaut in password fails
  • NUTM-11202 [Web] Conform to Apple’s new certificate requirements introduced in iOS13 and macOS10.15
Sophos utm 9.7 install.tar not found

Download

While the release is in soft-release phase, you can find the Up2Date package at:

Sophos Utm 9.7

If you are already running 9.7 EAP1, please use the following package:

Related Posts

Sophos Utm 9.7 Pro

Beschreibung

Das ursprüngliche Release für Sophos UTM 9.03 wurde zurückgezogen und mit einem neuen Build (9.703-3) ersetzt, in dem die Verändeungen, die zu „NUTM-11173 [Basesystem] IPsec doesn’t re-connect on DHCP interface after firmware upgrade“ geführt haben, rückgängig gemacht wurden.

Die neue Version von Sophos UTM 9.703 ist über den Download Server verfügbar.

Sophos Utm 9.705-3

Es gibt zwei verfügbare Pakete: Download the firefox for mac.

Sophos Utm 9.703

  • Eines für Kunden, welche auf Firmwarestand UTM 9.702 sind (u2d-sys-9.702001-703003.tgz.gpg)
  • Eines für Kunden, die auf Firmwarestand UTM 9.703 geupdatet haben (u2d-sys-9.703002-703003.tgz.gpg)

Ms remote desktop for mac. Beide Updates werden über Up2Date verfügbar sein.

Bemerkungen

Sophos Utm 9.7 Free

  • Unterstützung für SD-RED 20 und SD-RED60 hinzugefügt
  • Das System wird neugestartet
  • Die Konfiguration wird geupdatet
  • Verbundene REDs führen ein Firmware-Update durch
  • Verbundene APs führen ein Firmware-Update durch

Bugfixes

  • NUTM-9381: [Access & Identity] WebAdmin user getting an error while browsing 'Sophos Transparent Authentication Status' tab
  • NUTM-11258: [Access & Identity] [SAA] Wrong version of SAA displayed in Windows with MSI installer<br />
  • NUTM-11578: [Access & Identity] Patch strongSwan (CVE-2019-10155)
  • NUTM-11589: [Access & Identity] [SAA] Add TLS 1.2 support for Windows client
  • NUTM-11590: [Access & Identity] [SAA] Add TLS 1.2 support for macOS client
  • NUTM-11675: [Access & Identity] Patch PPTP and L2TP pppd (CVE-2020-8597)
  • NUTM-11109: [Basesystem] Status lights blinking green constantly on SG 1xx and XG 1xx series
  • NUTM-11173: [Basesystem] IPsec doesn't re-connect on DHCP interface after firmware upgrade
  • NUTM-11255: [Basesystem] Fix 'Internet IPv6' binding in case of multiple IPv6 uplinks
  • NUTM-11417: [Basesystem] SG115rev3 HA eth3 interface flapping after update to 9.7
  • NUTM-11645: [Basesystem] Patch libxml2 (CVE-2019-19956, CVE-2020-7595)
  • NUTM-11561: [Configuration Management] Unable to load certificate list in WebAdmin when large number of certificates present
  • NUTM-10803: [Email] S/MIME signed mails have an invalid signature if 3rd party CA is used
  • NUTM-11240: [Email] Recipient verification fails due to incomplete LDAP search query
  • NUTM-11662: [Email] Bad request for release mails out of the quarantine report after update to 9.7 MR1
  • NUTM-11485: [Kernel] Patch Linux Kernel (CVE-2019-18198)
  • NUTM-11288: [Localization] AWS Current Stack link is incorrect
  • NUTM-11081: [Network] Up-link balancing not clearing conntracks when interface goes down
  • NUTM-11218: [Network] ulogd restarting/core-dumps
  • NUTM-11614: [Network] Increase GARP buffer
  • NUTM-11676: [Network] Patch pppd (CVE-2020-8597)
  • NUTM-11573: [RED] RED interface doesn't obtain IP after UTM reboot<br />
  • NUTM-11467: [RED_Firmware] RED15w WPA/WPA2 enterprise cannot connect
  • NUTM-11822: [RED_Firmware] RED15 firmware update might fail if flash has bad blocks
  • NUTM-11378: [Reporting] Top5 Malware won't be displayed in Executive Reports if those are sent as PDF
  • NUTM-11220: [Sandstorm] When opening Sandstorm activity which contains Korean characters for example, you get this error 'cannot decode string with wide characters at encode.pm line 174'
  • NUTM-10202: [UI Framework] [SAA] Live user table doesn't scale with very long names
  • NUTM-11084: [UI Framework] Webadmin Information popup not visible
  • NUTM-11191: [UI Framework] Can't download certificate in WebAdmin when name contains apostrophe
  • NUTM-11584: [UI Framework] Replace FTP Up2date download link in WebAdmin with HTTPs
  • NUTM-11598: [UI Framework] Internal Server Error alert thrown with initial Webadmin request after installation
  • NUTM-11725: [UI Framework] Update prototype
  • NUTM-11130: [Web] Add configuration for savi_scan_timeout
  • NUTM-11346: [Web] Warn page proceed fails due to missing parameters
  • NUTM-10269: [Wireless] SSID stops broadcasting
  • NUTM-11581: [Wireless] User with 'Wireless Protection Manager' rights is unable to change wireless settings if mesh is configured