Default services
Sophos Firewall communicates with these default hostnames, IP addresses, and ports.
| Component | URL | Ports | Description |
|---|---|---|---|
| Wing | primary.wing.sophosxl.net peak.wing.sophosxl.net | 80 443 6060 6061 | Web proxy categorization. |
| nsxld | 4.sophosxl.net | 443 | Web categorization in version 17 and later. |
| DDNS | checkip.cyberoam.com | 80 | Dynamic DNS check IP service. |
| Up2Date | u2d.sophos.com ap-southeast-1.u2d.sophos.com eu-west-1.u2d.sophos.com eu-central-1.u2d.sophos.com ap-northeast-1.u2d.sophos.com us-west-2.u2d.sophos.com us-east-1.u2d.sophos.com | 443 | Up2Date checks for new updates of SFOS firmware, AP and RED firmware, ATP, Sophos and Avira antivirus, authentication clients, IPS and application signatures, SSL VPN clients, and WAF. |
| Commtouch AS | iprep%d.t.ctmail.com resolver%d.ast.ctmail.com | 80 443 | Anti-spam scanner. |
| Commtouch AV (for Small Boxes) | oem.avdl.ctmail.com | 80 | Additional antivirus scanner. |
| Heartbeat | utm.cloud.sophos.com dzr-utm-amzn-eu-west-1-9af7.upe.p.hmr.sophos.com | 80 443 | For Sophos Security Heartbeat. |
| RED | red.astaro.com red-prov-eu.astaro.com red-prov-as.astaro.com red-prov-us.astaro.com | TCP & UDP 3400 (RED 10) TCP 3400, UDP 3410 (All others) | Provisioning server for RED devices. |
| Licensing | eu-prod-utm.soa.sophos.com/api/device/1/applianceactivation eu-prod-utm.soa.sophos.com/api/device/1/accountregistration eu-prod-utm.soa.sophos.com/api/device/2/license eu-prod-utm.soa.sophos.com/api/device/1/subscription eu-prod-csr.soa.sophos.com/api/certificate/1/signing eu-prod-utm.soa.sophos.com/api/device/1/appliance | 443 | License synchronization and activation. |
| SAR report | sarreport.sophos.com | 443 | SAR (Suspicious Activity Report) server. |
| SCFM | us-e1.cfm.sophos.com/ eu-w1.q.cfm.sophos.com/ eu-w1.d.cfm.sophos.com/ | 443 | Sophos Central Firewall Manager. |
| APU | dispatch.apu.sophos.com eu1.apu.sophos.com eu2.apu.sophos.com | 22 | Support access proxy. |
| Sandbox | sandbox.sophos.com eu.sandbox.sophos.com us.sandbox.sophos.com apac.sandbox.sophos.com | 443 | Sandstorm sandboxing technology. |
| NTP | pool.ntp.org | 123 | Network time protocol. |
| Telemetry | sftelemetry.sophos.com | 443 | Telemetry data. |
| Central synchronization | dzr-utm-amzn-us-west-2-fa88.upe.p.hmr.sophos.com utm.cloud.sophos.com/api/utm | 443 | Synchronized Application Control. Manage your Sophos Firewall devices centrally through Sophos Central. |
| Central management | us-e1.cfm.sophos.com | 443 | Central firewall management. |
| Firewall management in Sophos Central | *.sophos.com | TCP 22, 443 | Allow access to dynamic hostnames matching *.sophos.com. |
More resources