Use the vSphere client to sign in to the VMware host server using its IP address, username, and password. Go to File and select Deploy OVF Template. Select the file sfvirtual and select Open. When the file path opens in the vSphere client, select Next. Sophos Central is the unified console for managing all your Sophos products. Sign into your account, take a tour, or start a trial from here. As an alternative to the hardware-based version of the Sophos Web Appliance, you can deploy appliances as virtual machines using VMware. These appliances can be grouped with other virtual appliances or with hardware-based appliances. Hey Guys #InfotechPrithviraj Sophos Registration link - https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C1Asignupsignin&clientid=5178.
- Sophos Antivirus For Windows 10
- Sophos Microsoft Problems
- Sophos Microsoft Updates
- Sophos Vmware Template
- Sophos Antivirus For Vmware Vshield
- Sophos Vmware Download
The Sophos XG is a next-generation firewall packed with enterprise-grade features. The team at Sophos have been kind enough to offer a FREE software version of this firewall for home users, which I have managed to install using VMware ESXi.
Having the ability to install the firewall onto an ESXi server meant I could provision multiple VM's on one machine and on the same network. Before setting the Sophos XG firewall up, I searched online to find guides on how to do this and to my surprise, I didn't find much, hence the reason for this post.
If your struggling to configure ESXi to work with the firewall or you just want some guidance then follow these steps to get your Sophos XG firewall up and running.
Example topology: The topology below is that of a small example network which will be referred to throughout this guide to help you set your firewall up.
Let me just explain this topology a little further....
- ISP router is at the edge of the network and is in modem only mode. You can keep it in routing mode but you may suffer from dropped connections, it is also suggested that you have WiFi off as you don't want your internal hosts bypassing the firewall.
- ESXi server will have x2 physical interfaces, one acting as the WAN interface and the other the LAN interface. The topology shows two virtual machines on the ESXi server, one being the XG and the other Server 2012 (optional). The red dotted line is referring to the interface on the XG that will connect to the ISP router whereas the green dotted line refers to the internal interface connecting to the access point. The vSwitches and NICs are explained in more detail later.
- The device named 'AP' is the internal router. This will be put into access point mode only and set with a static IP address and default gateway which will point to the internal interface of the Sophos XG.
Before we begin, let's make sure we have the right hardware and software.
Requirements:
- ISP Router
- Server with at least 500gb to 1TB storage and x2 NICs
- VMware ESXi software (Installed on your server)
- VMware vSphere software (Used to access ESXi and the VM's within)
- Additional router (This is used to connect your LAN clients)
Optional:
- VMware Workstation software (This is a paid software and is similar to vSphere however it does offer additional features)
- Server Operating System such as Server 2012 (Can be used to add devices to a domain and as a DHCP server)
Step 1: Installing and Configuring ESXi
- Install VMware ESXi onto your server. When the install has finished, you should be presented with a screen like the one below. Before we go any further, it is important that you have your server connected via ethernet to the same network as your LAN.
We will now configure ESXi with an IP address so that we can access it via vSphere/Workstation.
- Press F2 and you will and enter 'password' as the password and now that we have access we can change this by clicking on 'configure password'.
- When you have configured your password, click on 'configure management network'.
- Now click on 'Network Adapters' and make a note of the NIC that is being used for your LAN.
- Now click on 'IP Configuration' and assign your management interface IP address. It is recommended that you select the 'static' IP address option and assign an IP address that is not currently being used on your network.
You should now be able to access your ESXi server using vSphere, Workstation or both.
Step 2: Access ESXi via vSphere
- Open vSphere and connect to the ESXi server by inputting the IP address you have just assigned to the management interface in step 1 along with 'root' as the username and the password you previously set in step 1.
- Once you have successfully logged in, navigate to the tab 'Configuration' and select 'Networking' on the left-hand side. You should see that a 'vmnic' is already active for the management network, this will be used for the internal network i.e your LAN.
- Now create another vswitch and VMkernal for the external connection by clicking on 'Add Networking' in the top right-hand corner. First, we will select 'VMkernal' and select your second NIC. If you are unsure which one yours is then connect your ethernet cable from your second server port to the ISP router which should be in modem only mode. The interface should now be up.
- Click next and unless you wish to create VLANs press next again and enter another network IP address before getting to the summary.
- Now click on 'Add networking' again and this time select Virtual Machine and select the NIC you have just chosen in the last step. Follow the settings through and finish off, you should now have another vSwitch with a separate kernel and vmnic.
Step 3: Install Sophos XG
You can use vSphere for this, however, I would highly recommend using Workstation to do the following. (These instructions will now refer to VMware Workstation).
- Sign into your ESXi server just as you did on vSphere.
- On VMware Workstation click 'file' - 'new virtual machine' and select the server IP address as the target.
- Go through the settings you prefer in order to get to the summary section but do not finish.
- Click on 'Customise Settings' and add x2 network adapters and uncheck 'connect on power on'. You will also need to add the Sophos XG image to the virtual hard drive. Once this is done, finalise the settings and start the machine.
- Depending on the size of the drive you have provisioned, the install could take some time.
- When the install has finished you will be asked to remove the installation disk and press 'y' to reboot. Instead of pressing 'y' to reboot, power off the machine and remove the image file from the virtual disk.
- Power up the machine again and wait for it to load. Once loaded you should be presented with a screen similar to the one below once you have signed in. The default username and password is admin - admin.
- Now press '1' for Network Configuration so that we can change the default internal IP address given.
- Press '1' again for Interface Configuration and proceed to press enter twice to get to the configuration of the IPv4 Address. Note: Your WAN interface is set to DHCP automatically and should have an IP address assigned, if not reset your modem only ISP router and repeat the last step along with this one again so you can validate that you have an IP address assigned to the WAN interface.
- When asked if you want to set the IPv4 address for Port 1 (LAN), select 'y' and assign an IP address you have not yet assigned.
- You should now have access to the web-based GUI by typing into your browser: https://IP ADDRESS:4444
- Once you have gained access you will need to confirm your license and this requires an internet connection which you should have through your external interface.
Step 4: Change your Internal Router into an AP
- Before proceeding with the Sophos wizard you should be able to change your internal router into an AP. You will need to give your AP the default gateway of the Sophos internal facing interface. Other clients on your network may lose connection as DHCP isn't configured by default. This interface will be the new gateway for all internal clients.
- Regain connection to the web browser GUI and continue with the Sophos XG wizard.
Step 5: Sophos XG Install Continued...
- When the wizard has completed and applied all the configuration changes you will have to reload the GUI and regain access to the dashboard. The dashboard should look something like the one pictured below.
- Once you have access we need to configure a DHCP server for LAN clients to connect.
- Navigate to the 'System' tab (looks like a cog)
- Click on 'Network' and then 'DHCP' as shown in the image below
Note: If you are using another device as a DHCP server you can also set-up DHCP Relay further down the same page.
- Under the DHCP server section click on 'Add' where you will be taken to another page to enter your DHCP pool settings. Enter your settings accordingly but be mindful of any addresses already issued on your network.
Once these settings have been followed you should have full network connectivity again and your clients should be able to request a new DHCP address from the Firewall. All your internals hosts traffic will now pass through the Sophos XG firewall, giving you that extra layer of security. You can now go ahead and configure the firewall the way you want it.
I hope this has been helpful for you and I hope you have managed to get your firewall up and running. If you have any questions, I will do my best to answer them but otherwise please refer to the Sophos community.
You can also catch me on Twitter: @iwiizkiid
Website: www.synack.co.uk
Sophos for Virtual Environments delivers central security for VMware or Hyper-V virtual machines. Sophos VE provides real-time protection at peak performance by off-loading threat detection to a centralized security virtual machine.
In this walk-through, we will be installing the Sophos Security VM in a VMware environment, deploy the Guest VM agent to protected machines, and test real-time protection.
Install Sophos Security VM
To begin, download the Sophos for Virtual Environments executable from Sophos Central. Run the SVE_ESXi_c_sfx.exe from a machine in your environment.
Sophos Antivirus For Windows 10
Read and Accept the Sophos EULA.
Select the destination for the installer and Install. This can be on your local machine.
Once the installer has completed, the Security VM installation wizard will begin. Click Next to continue.
Check the prerequisites for installation and ensure you have credentials to VMware and the ESXi host where the Security VM will reside. Click Next.
Provide the vCenter address and credentials as well as the Security VM name.
A security warning will appear if an untrusted SSL is installed.
Choose the ESXi host where you want the Security VM installed.
Select the Management Console you will be using to configure security policies and respond to alerts. We are using Sophos Central.
Sophos Microsoft Problems
Enter the Sophos Central Administrator credentials.
Provide a password for access to your Security VM. Note that this password can’t be changed after installation.
Next, create a password for access to the guest agent installer. The guest agent installer will reside in a Public share on the Security VM.
Sophos Microsoft Updates
Select a Timezone the for the Security VM.
Choose the datastore where your Security VM will reside.
Set the network, IP address, subnet mask, and domain suffix for all the networks used by the protected VMs.
Sophos Vmware Template
Enter the default gateway and DNS server(s) information.
Guest VMs can move between Security VMs. If you have already or are going to install additional Security VMs, enter their IP addresses here.
Review the summary and click Install when finished.
The Security VM will now be deployed to your ESXi host.
Once complete, select Finish.
After the Security VM installation, navigate back to Sophos Central and ensure the VM is populated under Server Protection.
Next, we will install the Sophos Guest VM agent on VMs we want to protect. The Guest VM agent communicates with the Security VM to protect workloads and scan accessed files.
Install Sophos Guest VM Agent on Guest VMs
From the Guest VM you would like to protect, browse to the Public folder on the Security VM.
Enter the sophospublic username and password setup during the Security VM installation.
Launch the SVE-Guest-Installer.
Launch the SVE-Guest-Installer.
Sophos Antivirus For Vmware Vshield
The installation for the Guest Agent will begin.
Sophos Vmware Download
Select Finish when completed.
Verify Sophos for Virtual Environments Protection
Lastly, we will check that our Guest VM is protected. The first way to check is from Windows Security and Maintenance Center on the Guest VM. If the guest VM does not have Windows Security Center, we will check the log folder and then test real-time protection.
Utilizing the Sophos credentials, you created during the SVE setup, you can access the logs folder. Browse to the Logs folder on the Sophos Security VM and open the ProtectedGVMs document.
The document should display information for your newly protected Guest VM.
Test Sophos Real-time Scanning
Lastly, we will test real-time scanning. To test, follow the EICAR instructions here for creating an anti-malware test file. Paste the 68-character string into a text document and save the document with an obvious name. Once the file is saved, navigate to the Security VM in Sophos Central. You should see a recent event indicating that Malware has been detected.
For more information read the Sophos for Virtual Environments Startup Guide