Skip to content

Install Sophos Firewall on Nutanix Prism Central

You can install Sophos Firewall QCOW2 disks on the Nutanix Prism Central platform.

Download the image disk

To download the .zip file containing the Sophos Firewall QCOW2 disk for the Nutanix Prism Central platform, do as follows:

  1. Go to Firewall Installers, scroll to Virtual Installers: Firewall OS for KVM, and click Download to download the .zip file containing the following QCOW2 disks:

    • PRIMARY-DISK.qcow2
    • AUXILIARY-DISK.qcow2
  2. Extract the .zip file and save the disks on the device from which you access Nutanix Prism Central.

Upload the image to Nutanix Prism

  1. Sign in to the Nutanix Prism Central console.
  2. From the top-left menu, go to Virtual Infrastructure > Images.

    Nutanix navigation pane.

  3. Click Add Image.

  4. Click Add File.

    Add images dialog.

  5. Select one of the image files you extracted.

    Make sure that the selected Image Type is Disk.

    You can enter a description in the Image Description field.

  6. Repeat the last step for the second image.

    After you've added both images, you should see them in the dialog.

    Dialog shows two disks.

  7. Click Next.

  8. Specify the settings for Placement Method and Select Clusters according to your needs.
  9. Click Save.
  10. Wait a few minutes and then refresh the browser.

    You'll find the newly created images in the images list.

Create the Sophos Firewall virtual machine

  1. From the top-left menu, go to Infrastructure > VMs.

    Nutanix navigation pane.

  2. Click Create VM.

  3. In General Configuration, enter a name for the VM and select a timezone.
  4. In Compute Details, enter your desired number of virtual CPUs and RAM.

    Select a minimum of 4 GB of RAM.

  5. In Disks, delete the CD-ROM that is shown by default.

    You must create a startup disk and a log disk for the VM.

  6. Create a startup disk as follows:

    1. Click Add New Disk.
    2. In Operation, select Clone from Image Service.

      The startup disk will be cloned from the VM image you uploaded.

      Selected option: Clone from Image Service.

    3. In Bus Type, select SCSI.

      Selected option: SCSI.

    4. In Image, select PRIMARY-DISK.qcow2.

      Selected option: PRIMARY-DISK.

    5. Click Add.

      The startup disk is added.

  7. Create a log disk as follows:

    1. Click Add New Disk.
    2. In Operation, select Clone from Image Service.

      The startup disk will be cloned from the VM image you uploaded.

    3. Select the desired Bus Type (for example, SCSI).

    4. In Image, select AUXILIARY-DISK.qcow2.
    5. Click Add.

      The log disk is added.

  8. Add a network interface for the VM:

    1. In Network Adapters (NIC), click Add New NIC.

      Add NIC dialog.

    2. In VLAN Name, select the desired VLAN.

      You can select DHCP first to check connectivity. We recommend that you change the VLAN to a static IP address later.

    3. Click Add.

    4. Repeat these substeps to add a second network interface.

      Sophos Firewall requires two network interfaces.

  9. Pin the VM to a host:

    1. In VM Host Affinity, click Set Affinity.

      Set VM host affinity.

    2. Select the desired host.

    3. Click Save.
  10. Click Save.

    The system shows a success message when the VM has been created with no error.

Configure Sophos Firewall

To power on and configure the virtual firewall, do as follows:

  1. Find your newly created VM in the VM list and power it on.
  2. Click Launch console.

    A window opens and shows the command line interface of Sophos Firewall.

  3. Enter the administrator password admin.

  4. Enter into your web browser to connect to the firewall.
  5. Select Start to open the setup assistant and complete basic setup and registration.


    The setup assistant won't start if you've changed the default password from the CLI console. You can complete the basic setup manually or reset the firewall to default to use the setup assistant.

To manage your Sophos Firewall licenses and subscriptions, see Licensing.