Firewall information
The information displayed for each firewall includes the following.
Name
Shows your lists of ungrouped and grouped firewalls. To see your firewalls, click the arrow next to the list name.
Click a firewall name to open the firewall's web admin console. This lets you configure the firewall.
To open the firewall's web admin console, you must be an Admin or Super Admin in Sophos Central. This gives you the same permissions as the firewall's local "admin" account. It also lets you change the password for an "admin" account, which is necessary when you deploy firewalls via Zero Touch.
Note
Ungrouped firewalls are in a list named Ungrouped.
Click the high availability (HA) icon 
next to your firewall name to see the following details about your HA cluster:
- Firewall role in the HA cluster. This can be Primary or Auxiliary.
- Firewall node number. Example: "Node1".
- Firewall node information. Example: "Initial primary. Holds license for customer."
-
Last status change. This is the last time the firewall node changed roles. Example: "Friday, April 14, 2023, 11:42 AM".
Note
The time corresponds to the local time on your browser. This may differ slightly from the time on your firewall.
-
Firewall node name: The name you gave to the firewall node.
- High availability mode: The type of HA cluster the firewalls belong to. Example: "High Availability in Active-Passive mode".
Here's an example of HA details for a firewall.
Note
You can also click the HA icon next to the firewall name to see the HA details when you create a new firewall group under Available Firewalls and Assigned Firewalls.
Alerts
Alerts in the last 24 hours.
| Icon | Description |
|---|---|
 | CPU usage alert: Click the icon to see a graph of CPU usage in the last two hours. |
 | Management and reporting alert: for more information, click the icon. |
Sync & Management
| Status | Description |
|---|---|
| Synchronized | The firewall is online and sending regular heartbeats. The firewall's configuration matches the group policy. |
| Connected | If the firewall is ungrouped, this status indicates that the firewall is online and sending regular heartbeats. If the firewall is in a group and this status remains unchanged for more than a minute, the firewall is online and sending regular heartbeats, but it's not starting to synchronize with the group policy. This may be because the synchronization tasks haven't been created or the tasks have been created, but the firewall isn't pulling them. In this case, look in the tasks queue to find out which transactions are pending. |
| Error needs attention | The firewall's configuration doesn't match the group policy. The admin needs to look in the tasks queue to find out which policy can't be applied. |
| Synchronizing | The firewall has just been added to the group. Sophos Central is applying the group policy to the firewall. |
| Last seen x hours ago (for Sophos Firewall 18.0 or later) or Disconnected | The firewall is offline. |
| Approval Pending | The firewall has been registered with Sophos Central by a local admin from the firewall’s web admin console. It's waiting for approval by a Sophos Central admin. When approved, the firewall is ready for group and individual device management. |
| Management Disabled | The firewall is registered with Sophos Central. However, Sophos Central management hasn't been turned on from the firewall’s web admin console. |
If you click a status, more information is displayed:
| Additional information | Description |
|---|---|
| Missing since x hours | The firewall sends a heartbeat message every minute. Sophos Central considers the firewall to be offline if five heartbeat messages are missed. |
| Failed to apply a policy x days ago | A policy couldn't be applied to the firewall. The tasks queue may have more details about the reason for the failure. |
| Firewall is suspended. | The firewall has been offline or out of sync with the group policy for more than 30 days. This means that Sophos Central can't discover its current status. For more information, see Suspended firewalls. |
| Central Reporting is Disabled | You can turn on firewall reporting from the firewall’s web admin console. |
Synchronized Security
| Icon | Description |
|---|---|
 | The number of apps discovered by the firewall. |
 | Reporting is turned off. |
 | Reporting is turned on. |
Version
The firewall's firmware version.
There's an icon next to the version that shows the firewall's upgrade status. Click the icon for more information.
The icons are as follows:
| Icon | Description |
|---|---|
 | Firmware upgrade available. |
 | Firmware upgrade successful. |
 | Firmware upgrade failed. |
 | Firmware upgrade scheduled. |
 | Firmware upgrade in progress. |
Example: If you click the blue arrow icon, you'll see something like this:
