Dashboard
The Dashboard graphically displays a snapshot of the current operating status of Sophos UTM. Using the Dashboard Settings icon at the top right, you can, among other things, configure which topic sections are displayed. For more information on these settings, see Dashboard > Dashboard Settings.
The Dashboard is displayed by default when you log in to WebAdmin and shows the following information:
- General Information: Hostname, model, license ID, subscriptions, and uptime of the unit. The display color of a subscription switches to orange 30 days before its expiration date. During the last 7 days and after expiration, a subscription is displayed in red.
- Version Information: Information on the currently installed firmware and pattern versions as well as available updates.
- Resource Usage: Current system utilization, including the following components:
  - The CPU utilization in percent
  - The RAM utilization in percent. Please note that the total memory displayed is the part that is usable by the operating system. With 32-bit systems, in some cases that does not represent the actual size of the physical memory installed, as part of it is reserved for hardware.
  - The amount of hard disk space consumed by the log partition in percent
  - The amount of hard disk space consumed by the root partition in percent
  - The status of the UPS (uninterruptible power supply) module (if available)
- Today's Threat Status: A counter for the most relevant security threats detected since midnight:
  - The total of dropped and rejected data packets for which logging is enabled
  - The total of blocked intrusion attempts
  - The total of blocked viruses (all proxies)
  - The total of blocked spam messages (SMTP/POP3)
  - The total of blocked spyware (all proxies)
  - The total of blocked URLs (HTTP/S)
  - The total of blocked webserver attacks (WAF)
  - The total of blocked endpoint attacks and blocked devices
- Interfaces: Name and status of configured network interface cards. In addition, information on the average bit rate of the last 75 seconds for both incoming and outgoing traffic is shown. The values presented are obtained from bit rate averages based on samples that were taken at intervals of 15 seconds. Clicking a traffic value of an interface opens a Flow Monitor in a new window. The Flow Monitor displays the traffic of the last ten minutes and refreshes automatically at short intervals. For more information, see chapter Flow Monitor.
- Advanced Threat Protection: Status of Advanced Threat Protection. The display shows an alert if Advanced Threat Protection is enabled and it shows a counter of infected hosts. An alert will be automatically deleted after 72 hours. If you want to delete all alerts immediately, click the Reset button.
- Current System Configuration: Enabled/disabled representation of the most relevant security features. Clicking one of the entries opens the WebAdmin page with the respective settings:
  - Firewall: Information about the total of active firewall rules.
  - Intrusion Prevention: The intrusion prevention system (IPS) recognizes attacks by means of a signature-based IPS rule set.
  - Web Filtering: An application-level gateway for the HTTP/S protocol, featuring a rich set of web filtering techniques for the networks that are allowed to use its services.
  - Network Visibility: The layer 7 application control of Sophos allows you to categorize and control network traffic.
  - SMTP Proxy: An application-level gateway for messages sent via the Simple Mail Transfer Protocol (SMTP).
  - POP3 Proxy: An application-level gateway for messages sent via the Post Office Protocol 3 (POP3).
  - RED: Configuration of Remote Ethernet Device (RED) appliances for branch office security.
  - Wireless Protection: Configuration of wireless networks and access points.
  - Endpoint Protection: Management of endpoint devices in your network. Displays the number of connected endpoints and alerts.
  - Site-to-Site VPN: Configuration of site-to-site VPN scenarios.
  - Remote Access: Configuration of road warrior VPN scenarios.
  - Web Application Firewall: An application-level gateway to protect your webservers from attacks like cross-site scripting and SQL injection.
  - HA/Cluster: High availability (HA) failover and clustering, that is, the distribution of processing-intensive tasks such as content filtering, virus scanning, intrusion detection, or decryption equally among multiple cluster nodes.
  - Sophos UTM Manager: Management of your Sophos UTM appliance via the central management tool Sophos UTM Manager (SUM).
  - Sophos Mobile Control: Management of your mobile devices to control content, applications and emails.
  - Antivirus: Protection of your network from web traffic that carries harmful and dangerous content such as viruses, worms, or other malware.
  - Antispam: Detection of unsolicited spam emails and identification of spam transmissions from known or suspected spam purveyors.
  - Antispyware: Protection from spyware infections by means of two different virus scanning engines with constantly updated signature databases and spyware filtering techniques that protect both inbound and outbound traffic.