Default services
Sophos Firewall communicates with these default hostnames, IP addresses, and ports.
| Component | URL | Ports | Description | |
|---|---|---|---|---|
| nsxld | 4.sophosxl.net | 443 | Web categorization and IP reputation. | |
| DDNS | checkip.cyberoam.com | 80 | Dynamic DNS check IP service. | |
| Up2Date |
| 443 | Up2Date checks for new updates of SFOS firmware, AP and RED firmware, ATP, Sophos and Avira antivirus, authentication clients, IPS and application signatures, SSL VPN clients, and WAF. | |
| Commtouch AV (for Small Boxes) | oem.avdl.ctmail.com | 80 | Additional antivirus scanner. | |
| Heartbeat |
| 80 443 | For Sophos Security Heartbeat. | |
| RED | *.astaro.com | TCP 3400 UDP 3410 | Provisioning server for RED devices. | |
| Licensing | *.soa.sophos.com | 443 | License synchronization and activation. | |
| SAR report | sarreport.sophos.com | 443 | Security Audit Report (SAR) server. | |
| APU | *.apu.sophos.com | 22 | Support access proxy. | |
| Zero-day protection | *.sandbox.sophos.com | 443 | Zero-day protection sandboxing technology. | |
| NTP | pool.ntp.org | 123 | Network time protocol. | |
| Telemetry | sftelemetry.sophos.com | 443 | Telemetry data. | |
| Sophos Central |
| 443 | Synchronized Application Control. Manage your Sophos Firewall devices centrally through Sophos Central. | |
| Firewall management in Sophos Central | \*.sophos.com | 22 443 | Allow access to dynamic hostnames matching *.sophos.com. | |
| Central Firewall Reporting (CFR) | United States (Oregon) us-west-2 | tf-presigned-url-us-west-2-prod-firewall-bucket.s3.us-west-2.amazonaws.com | 443 | Send the firewall reports and logs to Sophos Central. |
Europe (Frankfurt) eu-central-1 | tf-presigned-url-eu-central-1-prod-firewall-bucket.s3.eu-central-1.amazonaws.com | |||
Europe (Ireland) eu-west-1 | tf-presigned-url-eu-west-1-prod-firewall-bucket.s3.eu-west-1.amazonaws.com | |||
US East (Ohio) us-east-2 | tf-presigned-url-us-east-2-prod-firewall-bucket.s3.us-east-2.amazonaws.com | |||
Asia Pacific (Mumbai) ap-south-1 | tf-presigned-url-ap-south-1-prod-firewall-bucket.s3.ap-south-1.amazonaws.com | |||
Asia Pacific (Tokyo) ap-northeast-1 | tf-presigned-url-ap-northeast-1-prod-firewall-bucket.s3.ap-northeast-1.amazonaws.com | |||
Canada (Central) ca-central-1 | tf-presigned-url-ca-central-1-prod-firewall-bucket.s3.ca-central-1.amazonaws.com | |||
Asia Pacific (Sydney) ap-southeast-2 | tf-presigned-url-ap-southeast-2-prod-firewall-bucket.s3.ap-southeast-2.amazonaws.com | |||
| Sophos Central Firewall backup | United States (Oregon) | us-west-2-firewall-backup.s3.us-west-2.amazonaws.com | 443 | Back up and restore Sophos Firewall configurations from Sophos Central. |
Europe (Frankfurt) eu-central-1 | eu-central-1-firewall-backup.s3.eu-central-1.amazonaws.com | |||
Europe (Ireland) eu-west-1 | eu-west-1-firewall-backup.s3.eu-west-1.amazonaws.com | |||
US East (Ohio) us-east-2 | us-east-2-firewall-backup.s3.us-east-2.amazonaws.com | |||
Asia Pacific (Mumbai) ap-south-1 | ap-south-1-firewall-backup.s3.ap-south-1.amazonaws.com | |||
Asia Pacific (Sydney) ap-southeast-2 | ap-southeast-2-firewall-backup.s3.ap-southeast-2.amazonaws.com | |||
Asia Pacific (Tokyo) ap-northeast-1 | ap-northeast-1-firewall-backup.s3.ap-northeast-1.amazonaws.com | |||
Canada (Central) ca-central-1 | ca-central-1-firewall-backup.s3.ca-central-1.amazonaws.com | |||
| Zero Trust Network Access (ZTNA) | *.prod.ztna.access.sophos.com | 443 | ZTNA Dataplane to Sophos cloud | |
| 443 | Sophos Central | ||
More resources