Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/nsg/sophos-firewall/22.0/Help/en-us/webhelp/onlinehelp/index.html?contextId=CLI-system-synchronized-security

synchronized-security

The synchronized-security command lets you change the synchronized security behavior. You can specify whether to send the heartbeat to Sophos Central. At times, synchronized security may stop you from registering or deregistering Sophos Firewall with Sophos Central. To prevent this, you can clear the synchronized security configuration.

Command

system synchronized-security

Syntax

system synchronized-security
central_registration [deregister]
delay-missing-heartbeat-detection [set [seconds] {<30-285 in multiple of 15>}|show]
missing-endpoints delete [days-missing {<1-90>}|name {<text>}]
suppress-missing-heartbeat-to-central [set [seconds] {<0-120>}|show]

Options

central_registration [deregister]

Removes the synchronized security configuration from Sophos Central.

delay-missing-heartbeat-detection [set [seconds] {<30-285 in multiple of 15>}|show]

Set the delay before the firewall marks an endpoint with a missing heartbeat. You can use this setting to prevent false alerts during frequent network adapter changes, such as switching between Wi‑Fi and LAN connections.

Default: 60

Range: 30 to 285 in multiples of 15

missing-endpoints delete [days-missing {<1-90>}|name {<text>}]

Removes the status of endpoints with missing heartbeats from the control center and reports. You can remove the status of specific endpoints using their names or based on the number of days their heartbeats are missing.

If you specify the number of days, endpoints with the missing heartbeat status for that many days or more are removed. For example, if you specify 90 days, endpoints with missing heartbeats for 90 days or more are removed.

Range: 1 to 90

Example

The following command removes the status of endpoints based on the number of days their heartbeats are missing.

system synchronized-security missing-endpoints delete days-missing 7

The following command removes the status of a specific endpoint using its name.

system synchronized-security missing-endpoints delete name endpoint1

suppress-missing-heartbeat-to-central [set [seconds] {<0-120>}|show]

Set the delay before the firewall reports the missing heartbeat status to Sophos Central. We recommend using this option if endpoints are expected to frequently sleep, hibernate, shut down, or wake up.

Default: 0

Range: 0 to 120