Default services
Sophos Firewall communicates with these default hostnames, IP addresses, and ports.
| Component | URL | Ports | Description |
|---|---|---|---|
| nsxld | 4.sophosxl.net | 443 | Web categorization and IP reputation. |
| DDNS | checkip.cyberoam.com | 80 | Dynamic DNS check IP service. |
| Up2Date | u2d.sophos.com ap-southeast-1.u2d.sophos.com eu-west-1.u2d.sophos.com eu-central-1.u2d.sophos.com ap-northeast-1.u2d.sophos.com us-west-2.u2d.sophos.com us-east-1.u2d.sophos.com d30ncyzaneb4q0.cloudfront.net d3tusa5dvomhzy.cloudfront.net xg-up2date-patterns.sophosupd.com xg-up2date-firmwares.sophosupd.com | 443 | Up2Date checks for new updates of SFOS firmware, AP and RED firmware, ATP, Sophos and Avira antivirus, authentication clients, IPS and application signatures, SSL VPN clients, and WAF. |
| Commtouch AV (for Small Boxes) | oem.avdl.ctmail.com | 80 | Additional antivirus scanner. |
| Heartbeat | utm.cloud.sophos.com dzr-utm-amzn-eu-west-1-9af7.upe.p.hmr.sophos.com | 80 443 | For Sophos Security Heartbeat. |
| RED | red.astaro.com red-prov-eu.astaro.com red-prov-as.astaro.com red-prov-us.astaro.com | TCP & UDP 3400 (RED 10) TCP 3400, UDP 3410 (All others) | Provisioning server for RED devices. |
| Licensing | eu-prod-utm.soa.sophos.com/api/device/1/applianceactivation eu-prod-utm.soa.sophos.com/api/device/1/accountregistration eu-prod-utm.soa.sophos.com/api/device/2/license eu-prod-utm.soa.sophos.com/api/device/1/subscription eu-prod-csr.soa.sophos.com/api/certificate/1/signing eu-prod-utm.soa.sophos.com/api/device/1/appliance | 443 | License synchronization and activation. |
| SAR report | sarreport.sophos.com | 443 | SAR (Suspicious Activity Report) server. |
| APU | dispatch.apu.sophos.com eu1.apu.sophos.com eu2.apu.sophos.com | 22 | Support access proxy. |
| Sandbox | sandbox.sophos.com eu.sandbox.sophos.com us.sandbox.sophos.com apac.sandbox.sophos.com | 443 | Zero-day protection sandboxing technology. |
| NTP | pool.ntp.org | 123 | Network time protocol. |
| Telemetry | sftelemetry.sophos.com | 443 | Telemetry data. |
| Sophos Central | dzr-utm-amzn-us-west-2-fa88.upe.p.hmr.sophos.com utm.cloud.sophos.com/api/utm | 443 | Synchronized Application Control. Manage your Sophos Firewall devices centrally through Sophos Central. |
| Firewall management in Sophos Central | *.sophos.com | TCP 22, 443 | Allow access to dynamic hostnames matching *.sophos.com. |
More resources