Skip to content

Default services

Sophos Firewall communicates with these default hostnames, IP addresses, and ports.

Component URL Ports Description
nsxld 443 Web categorization and IP reputation.
DDNS 80 Dynamic DNS check IP service.

443 Up2Date checks for new updates of SFOS firmware, AP and RED firmware, ATP, Sophos and Avira antivirus, authentication clients, IPS and application signatures, SSL VPN clients, and WAF.
Commtouch AV (for Small Boxes) 80 Additional antivirus scanner.



For Sophos Security Heartbeat.

TCP 3400, UDP 3410 Provisioning server for RED devices.

443 License synchronization and activation.
SAR report 443 Security Audit Report (SAR) server.

22 Support access proxy.

443 Zero-day protection sandboxing technology.
NTP 123 Network time protocol.
Telemetry 443 Telemetry data.
Sophos Central

443 Synchronized Application Control. Manage your Sophos Firewall devices centrally through Sophos Central.
Firewall management in Sophos Central * TCP 22, 443 Allow access to dynamic hostnames matching *
Central Firewall Reporting (CFR)

443 Send the firewall reports and logs to Sophos Central.
Sophos Central Firewall backup

443 Back up and restore Sophos Firewall configurations from Sophos Central.
Zero Trust Network Access (ZTNA)

443 ZTNA Dataplane to Sophos cloud

443 Sophos Central

More resources