Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/nsg/sophos-firewall/20.0/Help/en-us/webhelp/onlinehelp/index.html?contextId=CLI-system-synchronized-security

synchronized-security

Allows you to change synchronized security behavior. You can specify whether to send the heartbeat to Sophos Central. At times, synchronized security may stop you from registering or deregistering Sophos Firewall with Sophos Central. To prevent this, you can clear the synchronized security configuration.

Command

system synchronized-security

Syntax

system synchronized-security
delay-missing-heartbeat-detection [set | show] [seconds]
suppress-missing-heartbeat-to-central [set | show] [seconds]
central_registration [deregister]
missing-endpoints delete { name <name> | days-missing <1-90> }

Options

delay-missing-heartbeat-detection [set | show] [seconds]

Sets the time to wait before moving the endpoint to missing heartbeat status. Use this when there are frequent adapter changes (for example, when switching between Wi-Fi and LAN connections). Range: 30 to 285, in multiples of 15. Default: 60.

suppress-missing-heartbeat-to-central [set | show] [seconds]

Sets the time to wait before Sophos Firewall reports the missing heartbeat status to Sophos Central. We recommend using this option if endpoints are expected to frequently sleep, hibernate, shut down, or wake up. Range: 0 to 120. Default: 0.

central_registration [deregister]

Clears the synchronized security configuration with Sophos Central.

missing-endpoints delete { name <name> | days-missing <1-90> }

Removes the status of endpoints with missing heartbeats from the control center and reports. You can remove the status of specific endpoints using their names or based on the number of days their heartbeats are missing.

If you specify the number of days, endpoints with the missing heartbeat status for that number of days and more are removed. For example, if you specify 90 days, endpoints with missing heartbeats for 90 days and more are removed. The number of days can be 1 to 90.

Examples:

To remove the status of a specific endpoint using its name, enter the following command:

system synchronized-security missing-endpoints delete name endpoint1

To remove the status of endpoints based on the number of days their heartbeats are missing, enter the following command:

system synchronized-security missing-endpoints delete days-missing 7