Skip to content

Firmware upgrade and pattern updates

If you upgrade the Sophos Firewall devices in an HA cluster, there's no downtime throughout the upgrade process.

Firmware upgrade

The following image shows the HA upgrade process:

HA upgrade process.

In HA, a group of two devices works as a single entity known as a cluster. Every HA cluster has one primary device and one secondary (auxiliary) device. The primary device controls how the cluster operates, while the auxiliary device always waits to become the primary device. The roles of the primary and auxiliary devices in the cluster depend on the configuration mode.

When you upgrade an HA device, the process is as follows:

  1. The primary device (device A) upgrades the secondary device (device B).
  2. Device B runs the new firmware and takes control of the network. It's now the primary device, and device A is the secondary.
  3. Device A then upgrades and runs the new firmware. It's still the secondary device, but if you've configured device A as the preferred primary device, a failover occurs, and device A becomes the primary device again.


You can also roll back the firmware version of a HA pair without disabling HA. Rollback follows the same process as the upgrade process.

When you upgrade from SFOS 18 or later, you can upgrade the HA pair using Upload and boot or Boot firmware image.


When you upgrade from SFOS 17.5 or earlier, don't upgrade the HA pair using Boot firmware image.

Pattern updates

You must update the patterns on the primary device. These are automatically synchronized to the auxiliary device.

This also applies to air gap deployments.