Default services

XG Firewall communicates with these default hostnames, IP addresses, and ports.

Component

URL

Ports

Description

Wing

primary.wing.sophosxl.net

peak.wing.sophosxl.net

80

443

6060

6061

Web proxy categorization.

nsxld

4.sophosxl.net

443

Web categorization in version 17 and later.

DDNS

checkip.cyberoam.com

80

Dynamic DNS check IP service.

Up2Date

u2d.sophos.com

ap-southeast-1.u2d.sophos.com

eu-west-1.u2d.sophos.com

eu-central-1.u2d.sophos.com

ap-northeast-1.u2d.sophos.com

us-west-2.u2d.sophos.com

us-east-1.u2d.sophos.com

443

Up2Date checks for new updates of SFOS firmware, AP and RED firmware, ATP, Sophos and Avira antivirus, authentication clients, IPS and application signatures, SSL VPN clients, and WAF.

Commtouch AS

iprep%d.t.ctmail.com

resolver%d.ast.ctmail.com

80

443

Anti-spam scanner.

Commtouch AV (for Small Boxes)

oem.avdl.ctmail.com

80

Additional antivirus scanner.

Heartbeat

utm.cloud.sophos.com

dzr-utm-amzn-eu-west-1-9af7.upe.p.hmr.sophos.com

80

443

For Sophos Security Heartbeat.

RED

red.astaro.com

red-prov-eu.astaro.com

red-prov-as.astaro.com

red-prov-us.astaro.com

TCP & UDP 3400 (RED10)

TCP 3400, UDP 3410 (All others)

Provisioning server for RED devices.

Licensing

eu-prod-utm.soa.sophos.com/api/device/1/applianceactivation

eu-prod-utm.soa.sophos.com/api/device/1/accountregistration

eu-prod-utm.soa.sophos.com/api/device/2/license

eu-prod-utm.soa.sophos.com/api/device/1/subscription

eu-prod-csr.soa.sophos.com/api/certificate/1/signing

eu-prod-utm.soa.sophos.com/api/device/1/appliance

443

License synchronization and activation.

SAR report

sarreport.sophos.com

443

SAR (Suspicious Activity Report) server.

SCFM

us-e1.cfm.sophos.com/

eu-w1.q.cfm.sophos.com/

eu-w1.d.cfm.sophos.com/

443

Sophos Central Firewall Manager.

APU

eu1.apu.sophos.com

443

Support access proxy.

Sandbox

sandbox.sophos.com

eu.sandbox.sophos.com

us.sandbox.sophos.com

apac.sandbox.sophos.com

443

Sandstorm sandboxing technology.

NTP

pool.ntp.org

123

Network time protocol.

Telemetry

sftelemetry.sophos.com

443

Telemetry data.

Central synchronization

dzr-utm-amzn-us-west-2-fa88.upe.p.hmr.sophos.com

utm.cloud.sophos.com/api/utm

443

Synchronized application control. Manage your XG Firewall devices centrally through Sophos Central.

Central management

us-e1.cfm.sophos.com

443

Central firewall management.

Firewall management in Sophos Central

*.sophos.com

TCP 22, 443

Allow access to dynamic hostnames matching *.sophos.com