Default services

Sophos Firewall communicates with these default hostnames, IP addresses, and ports.

Component	URL	Ports	Description
nsxld	`4.sophosxl.net`	443	Web categorization and IP reputation.
DDNS	`checkip.cyberoam.com`	80	Dynamic DNS check IP service.
Up2Date	`.u2d.sophos.com` `.cloudfront.net` `*.sophosupd.com`	443	Up2Date checks for new updates of SFOS firmware, AP and RED firmware, ATP, Sophos and Avira antivirus, authentication clients, IPS and application signatures, SSL VPN clients, and WAF.
Commtouch AV (for Small Boxes)	`oem.avdl.ctmail.com`	80	Additional antivirus scanner.
Heartbeat	`utm.cloud.sophos.com` `dzr-utm-amzn-eu-west-1-9af7.upe.p.hmr.sophos.com`	80 443	For Sophos Security Heartbeat.
RED	`*.astaro.com`	TCP 3400 UDP 3410	Provisioning server for RED devices.
Licensing	`*.soa.sophos.com`	443	License synchronization and activation.
SAR report	`sarreport.sophos.com`	443	Security Audit Report (SAR) server.
APU	`*.apu.sophos.com`	22	Support access proxy.
Sandbox	`*.sandbox.sophos.com`	443	Zero-day protection sandboxing technology.
NTP	`pool.ntp.org`	123	Network time protocol.
Telemetry	`sftelemetry.sophos.com`	443	Telemetry data.
Sophos Central	`dzr-utm-amzn-us-west-2-fa88.upe.p.hmr.sophos.com` `utm.cloud.sophos.com/api/utm`	443	Synchronized Application Control. Manage your Sophos Firewall devices centrally through Sophos Central.
Firewall management in Sophos Central	`\*.sophos.com`	22 443	Allow access to dynamic hostnames matching `*.sophos.com`.
Central Firewall Reporting (CFR)	`tf-presigned-url--prod-firewall-bucket.s3..amazonaws.com`	443	Send the firewall reports and logs to Sophos Central.
Sophos Central Firewall backup	`-firewall-backup.s3..amazonaws.com`	443	Back up and restore Sophos Firewall configurations from Sophos Central.

More resources