Default services
Sophos Firewall communicates with these default hostnames, IP addresses, and ports.
Component | URL | Ports | Description |
---|---|---|---|
nsxld | 4.sophosxl.net | 443 | Web categorization and IP reputation. |
DDNS | checkip.cyberoam.com | 80 | Dynamic DNS check IP service. |
Up2Date |
| 443 | Up2Date checks for new updates of SFOS firmware, AP and RED firmware, ATP, Sophos and Avira antivirus, authentication clients, IPS and application signatures, SSL VPN clients, and WAF. |
Commtouch AV (for Small Boxes) | oem.avdl.ctmail.com | 80 | Additional antivirus scanner. |
Heartbeat |
| 80 443 | For Sophos Security Heartbeat. |
RED | *.astaro.com | TCP 3400 UDP 3410 | Provisioning server for RED devices. |
Licensing | *.soa.sophos.com | 443 | License synchronization and activation. |
SAR report | sarreport.sophos.com | 443 | Security Audit Report (SAR) server. |
APU | *.apu.sophos.com | 22 | Support access proxy. |
Sandbox | *.sandbox.sophos.com | 443 | Zero-day protection sandboxing technology. |
NTP | pool.ntp.org | 123 | Network time protocol. |
Telemetry | sftelemetry.sophos.com | 443 | Telemetry data. |
Sophos Central |
| 443 | Synchronized Application Control. Manage your Sophos Firewall devices centrally through Sophos Central. |
Firewall management in Sophos Central | \*.sophos.com | 22 443 | Allow access to dynamic hostnames matching *.sophos.com . |
Central Firewall Reporting (CFR) | tf-presigned-url-*-prod-firewall-bucket.s3.*.amazonaws.com | 443 | Send the firewall reports and logs to Sophos Central. |
Sophos Central Firewall backup | *-firewall-backup.s3.*.amazonaws.com | 443 | Back up and restore Sophos Firewall configurations from Sophos Central. |
Zero Trust Network Access (ZTNA) | *.prod.ztna.access.sophos.com | 443 | ZTNA Dataplane to Sophos cloud |
| 443 | Sophos Central |
More resources