Phone call Mail
Now free initial consultation by mail or phone: +49 228 - 33 88 89 0
EnBITCon GmbH

Sophos UTM 9.6 Notifications

July 9, 2019   Marcel Zimmer
Sophos

Sophos UTM has a notification function that informs you immediately of all security-relevant events on the UTM - either by email or SNMP. SNMP-Trap. All events that might be of interest to an administrator have their own error, warning and information codes. Which notifications are sent depends on the settings you have made on the Notifications tab.

On the Management > Notifications > General tab, you can configure the sender address (i.e. the From address) to be used for sending notifications from the UTM. By default, this is do-not-reply@fw-notify.net. If you wish to change this setting, it is advisable to select an e-mail address from your domain, as some mail servers check whether the sender address of a received message actually exists.

In addition, you can specify one or more recipients for the UTM 's notifications. By default, this is the administrator's email address that you specified during the initial setup.

Limit notifications: Some security-related events, such as detected attack attempts, generate a large number of notifications, which can quickly cause recipients' inboxes to literally overflow. For this purpose, the Sophos UTM has appropriate default settings that limit the number of notifications sent per hour. If you disable this option, any security-related event will generate a notification; provided, of course, that event is configured appropriately in the Management > Notifications > Not ifications tab.

Device-specific text

Here you can enter a description of the Sophos UTM, e.g. the location. This will then be displayed in the notifications that are sent.

Notifications

Notifications are divided into three categories:

  • CRIT: Notifications about critical events that threaten the error-free operation of the UTM.
  • WARN: Notifications about potential problems that require your attention, e.g. exceeding threshold values.
  • INFO: Purely informative notifications, e.g. regarding the restart of a system component.

For each individual event, you can determine whether a notification is to be sent as an e-mail or SNMP trap.

Advanced

In case your UTM cannot send e-mails directly, you can set up a smarthost for sending e-mails. Proceed as follows:

  1. Activate External SMTP server status on the Management > Notifications > Advanced tab. Click the slider. The slider turns yellow and the External SMTP Server Status area becomes editable.

  2. Enter your smarthost. You can use drag-and-drop for this. The port is preset to SMTP port 25. Please note that notifications will not be sent if the smarthost TLS is not supported. Note that notifications will not be sent if the smarthost TLS does not support.

  3. Set the authentication settings. If the smart host requires authentication, select the Authentication check box and enter the appropriate user name and password.

  4. Click Apply. Your settings are saved. The slider turns green.

Author: Marcel Zimmer
Technischer Geschäftsführer Herr Zimmer

Marcel Zimmer is the Technical Managing Director of EnBITCon. During his time in the German Armed Forces, the trained IT developer was able to gain numerous project experiences. His interest in IT security was significantly awakened by his service in command support. Even after his service, he is an active reservist in the Bundeswehr.

His first firewall was a Sophos UTM 120, which he had to set up for a customer project. Since then, his interest in IT security has grown steadily. In the course of time, various security and infrastructure topics have come into his focus. His most interesting projects included, for example, WLAN coverage in an explosion-proof area, as well as a multi-site WLAN solution for a large

This website uses cookies to ensure the best experience possible. More information...