
Firewall health check

The firewall implements network security policies based on recommended configurations, best practices, and regulatory standards, including those outlined by the Center for Internet Security (CIS). The firewall continuously checks configurations, such as firewall rules, password complexity, multi-factor authentication (MFA), and other settings, to ensure they comply with these policies.

The data is updated when any monitored configuration changes.

We recommend ensuring that all configurations are compliant for enhanced network security.

Policy compliance

You can monitor the total number of checked configurations and the number of compliant and noncompliant configurations.

The noncompliant configurations are shown by severity, depending on the network security risk they pose. You can fix them or manually set their status to compliant without fixing them. To fix the noncompliant configurations, you must meet the policy's requirements.


  • Compliant: The number of configurations that comply with the firewall's network security policies. This is also shown as a percentage of the total number of checked configurations.
  • Noncompliant: The number of configurations that don't comply with the firewall's network security policies. They're categorized based on severity.

You can search for a specific policy, module, standard, or severity using the search field.

You can sort the policy compliance details by clicking the column you want to sort by.

The firewall shows the policy compliance details as follows:

Name Description
Policies

The firewall's network security policies. Your firewall configurations are checked against these policies for compliance.

Based on your configuration, the policy status is shown as follows:

  • Compliant icon: Your configuration complies with the policy.
  • Noncompliant icon: Your configuration doesn't comply with the policy.
Module

The firewall module that the policy relates to.
Standard

The industry standard or best practice configuration that the policy is based on:

  • CIS: Center for Internet Security standard. See CIS Sophos Benchmarks.
  • Recommended: Recommended configuration for enhanced network security.
Severity

The policy compliance category, based on the network security risk that a noncompliant configuration poses. The severity categories are as follows:

  • High: Poses a high network security risk that requires immediate attention. You must comply with these policies.
  • Medium: Poses a moderate network security risk. We recommend that you comply with these policies.
  • Low: Poses a low network security risk. You can ignore these policies and manually set them to compliant. We recommend that you also comply with these policies.
Status

Shows whether your firewall configuration complies with the policy or not.

The statuses are as follows:

  • Complies with the policy: Your firewall configuration complies with the policy.
  • Doesn't comply with the policy: Your firewall configuration doesn't comply with the policy.
  • Manual policy status override: Your firewall configuration doesn't comply with the policy, but was manually set to compliant. Under the Action column, you can manually set the status of the policy by clicking the three dots (Action menu) and then clicking Override status.
Action

Actions that you can take for policies that your firewall configurations don't comply with.

The options are as follows:

  • Fix now: Redirects you to the related firewall page so you can fix your configuration to comply with the policy.
  • Override status: Manually set the policy status to Complies. The status changes to Manual policy status override. You can override a policy if it's already enforced through another method. For instance, if your organization uses Microsoft Entra ID SSO with MFA, you can override the "MFA should be configured for the default admin" policy.
  • Undo override: Manually set an overridden policy status to Doesn't comply. This option only appears for overridden policies.
