Skip to content

Integrate your firewall with ZTNA

You must have version 19.5 MR3 or later to use this feature.

You can integrate your firewall managed by Sophos Central with Zero Trust Network Access (ZTNA). ZTNA provides a quick and secure way to access resources that are behind the firewall. You configure ZTNA from Sophos Central. For the ZTNA setup guide, see About Zero Trust Network Access.

You can select one of your firewalls managed by Sophos Central as the platform that hosts the gateway managed by Sophos Cloud. The gateway setup process is quick and easy. See Set up a Sophos Cloud gateway: Sophos Firewall.

You can install SFOS as a virtual appliance on various platforms and then set up ZTNA through SFOS. For example, if you have resources on Azure and want to set up ZTNA there, you install a virtual SFOS appliance, manage it through Sophos Central, and then set up ZTNA. For supported platforms, see Cloud, virtual, and software appliances.

We recommend that you don't access your firewall's web admin console through the WAN. Instead, you can add your firewall's web admin console as a ZTNA resource, which means you access it through ZTNA, which is a secure alternative. This also takes less time than accessing your firewall through Sophos Central Firewall Management.

When you have a firewall managed by Sophos Central, you can see the ZTNA status on your firewall's control centre. If you've set up ZTNA, the status is Active. If you haven't set up ZTNA, the status is Not configured.