Getting started

Follow these recommendations if you are new to Sophos Firewall. You learn how to secure the access to your Sophos Firewall, test and validate it, and finally how to go live once you feel comfortable.

Secure administrator access to Sophos Firewall

  1. Configure a high complexity setting for the administrator password. Change the default administrator password or use public key authentication for the “admin” user. You can find more information on how to set up public key authentication in the knowledge base article 127200.
  2. Configure sign-in security.
    • End inactive administrator sessions: Specify the inactivity period for administrators.
    • Prevent brute force sign-in attacks: Specify the number of unsuccessful attempts to sign in within a time frame from the same IP address. Specify the duration of blocked access.
    • Recommended settings: We’ve specified all our recommendations as default settings, for example, automatic installation of hotfixes, device access to Sophos Firewall.

Test and validate

Whenever possible, test Sophos Firewall offline first, that is, configure the policies on a test network or in a lab and validate that the required access permissions are being implemented as expected.

To simulate the integration of your real network with it, you can deploy Sophos Firewall on the live network but with a different gateway IP address and point the users to the new gateway. This allows a staged approach to integrating Sophos Firewall into your live network, ensuring that the process does not interrupt day-to-day operations.

Additionally, carry out acceptance testing and an iterative process of tuning to finalize the configuration.

Go live

Once you’ve tested and validated Sophos Firewall, you can move to it either by switching IP addresses and removing the old device or by changing the default gateway.

Add new services

Sophos Firewall offers a wide range of new features compared to your previous vendor. Read more about these features in the help. Finally, complete the migration by adding any new feature, service, or function that fits your business need.