Deploy the CloudFormation template

To deploy the CloudFormation template, do as follows:

  1. Go to AWS Marketplace and select Sophos Firewall (PAYG). See AWS Marketplace: Sophos.
  2. Click Continue to Subscribe.
  3. Review the terms, and click Accept Terms.
  4. Click Continue to Configuration.

    Amazon processes your request, and you'll see your subscription details.

  5. Select the Sophos Auto Scaling Firewall for AWS CloudFormation template.

  6. Enter your Software version and Region.

  7. Select Launch CloudFormation from the drop-down list and click Launch.

    This takes you to the Specify stack details page.

  8. Enter your stack name.

  9. Enter your parameters.

    Parameters are defined in the CloudFormation template. You can enter custom values when you create or edit a stack. Parameters are used to configure the AWS resources and your Sophos Firewalls.


    Under Sophos Firewall Configuration, you must enter the client ID and client secret you copied earlier from Sophos Central.


    When you enter your Sophos Central AS Group name, make sure it's different from any of your existing firewall group names. You can use up to 40 characters. If there's a group name conflict due to an existing firewall group with the same name, we won't register a new firewall to that group, and we'll log the error in the relevant log files on Sophos Firewall.

    Here's an example of some of the Sophos Central parameters:

    [Screenshot: AWS stack firewall parameters]

    To enable centralized logging, under Use CloudWatch select yes from the drop-down list.

  10. Click Next. This takes you to the Advanced Options page. You can enter additional configuration options here.

  11. Click Next. This takes you to the summary page.
  12. Confirm that IAM resources may be created and click Create stack.

    Stack creation time depends on the AWS infrastructure, but it's estimated to take about 20 minutes. This is due to the process required to configure all AWS resources, launch all firewalls, connect them to Sophos Central for management, and stop "warm pool" firewalls.

    When you've created your stack, you're directed to your stack page.

    Here's an example of a stack page:

    [Screenshot: AWS stack firewall events]

  13. Click the following tabs to see information about your stack.

    • The Stack info tab displays information about your stack including an overview, tags, stack policy, rollback configuration, and notification options.
    • The Events tab shows the stack creation status. This is automatically updated. When your stack is created, the status changes.
    • The Resources tab shows information about resources that have been created.
    • The Outputs tab shows the DNS name of the Network Load Balancer (NLB) used for inbound connections.
    • The Parameters tab shows the stack's parameters and their values.
    • The Template tab shows the stack's template.
    • The Change sets tab shows a list of the stack's change sets.
  14. Sign in to Sophos Central and go to My Products > Firewall Management > Firewalls. When your stack is created, you'll see your active and 'warm' firewalls listed in an automatically created firewall group with the Sophos Central AS Group name you entered during stack creation.

You can now manage your firewalls in your AWS Auto Scaling group from Sophos Central.

You must do configuration updates at group level so that your firewalls are synchronized. To do this, sign in to Sophos Central, go to My Products > Firewall Management > Firewalls, click the three dots next to your firewall group and click Manage Policy.
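
The parameter rules from step 9 can be checked before you create the stack. The following pre-flight check is an added example, not Sophos code: it validates a parameter list in the ParameterKey/ParameterValue format that CloudFormation accepts. The parameter key names, sample values and existing group names are hypothetical, so read the real keys from the template's Parameters section.

```python
import json

# Hypothetical parameter keys: read the real ones from the template's Parameters section.
KEYS = {"client_id": "CentralClientID", "client_secret": "CentralClientSecret",
        "group": "CentralASGroupName", "cloudwatch": "UseCloudWatch"}
MAX_GROUP_NAME_LEN = 40  # limit stated in step 9


def preflight(param_list, existing_groups, keys=KEYS):
    """Check a create-stack parameter list; return (severity, message) findings."""
    params = {p["ParameterKey"]: p.get("ParameterValue", "") for p in param_list}
    findings = []
    # The client ID and client secret copied from Sophos Central are mandatory.
    for field in ("client_id", "client_secret"):
        if not params.get(keys[field], "").strip():
            findings.append(("error", f"{keys[field]} is empty"))
    group = params.get(keys["group"], "")
    if not group:
        findings.append(("error", f"{keys['group']} is empty"))
    elif len(group) > MAX_GROUP_NAME_LEN:
        findings.append(("error", f"group name is {len(group)} characters, "
                                  f"limit is {MAX_GROUP_NAME_LEN}"))
    # A name conflict stops new firewalls registering to the group.
    # Case-insensitive matching is a conservative assumption; the page only says "same name".
    if group and group.casefold() in {g.casefold() for g in existing_groups}:
        findings.append(("error", f"group name '{group}' already exists in Sophos Central"))
    # Centralized logging is only enabled when Use CloudWatch is set to yes.
    if params.get(keys["cloudwatch"], "").lower() != "yes":
        findings.append(("warning", "Use CloudWatch is not 'yes': no centralized logging"))
    return findings


# Constructed sample input; the values are placeholders, not real credentials.
SAMPLE_PARAMS = json.loads("""[
  {"ParameterKey": "CentralClientID", "ParameterValue": "example-client-id"},
  {"ParameterKey": "CentralClientSecret", "ParameterValue": "example-client-secret"},
  {"ParameterKey": "CentralASGroupName", "ParameterValue": "aws-autoscale-fw"},
  {"ParameterKey": "UseCloudWatch", "ParameterValue": "no"}
]""")
SAMPLE_EXISTING_GROUPS = ["AWS-AutoScale-FW", "branch-offices"]  # constructed

if __name__ == "__main__":
    for severity, message in preflight(SAMPLE_PARAMS, SAMPLE_EXISTING_GROUPS):
        print(f"{severity}: {message}")
```

Supply the existing group names from My Products > Firewall Management > Firewalls in Sophos Central, and keep the client secret out of files committed to version control.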