Log out after: In this field you can specify the period of time (in seconds) how long a WebAdmin session can remain idle before you are forced to log in again. By default, the idle timeout is set to 1,800 seconds. The range is from 60 to 86,400 seconds.
Log out on dashboard: By default, when you have opened the Dashboard page of WebAdmin, the auto logout function is enabled. You can, however, select this option to disable the auto logout function for Dashboard only.
By default, port 4444 is used as WebAdmin TCP port. In the TCP Port box you can enter either 443 or any value between 1024 and 65535. However, certain ports are reserved for other services. In particular, you can never use port 10443, and you cannot use the same port you are using for the User Portal or for SSL remote access. Note that you must add the port number to the IP address (separated by a colon) in the browser's address bar when accessing WebAdmin, for example https://192.168.0.1:4444
You can help improving Sophos UTM by allowing it to transfer anonymous general information of your current configuration as well as information about detected viruses, or anonymous application fingerprints to Sophos. That kind of information cannot and will not be tracked back to you. No user-specific information is collected, i.e., no user or object names, no comments, or other personalized information. However, URLs for which a virus was found will be transmitted if web filter antivirus scanning is enabled.
The information is encrypted and transmitted to SophosLabs using SSL. Once delivered, the data is stored in an aggregated form and made available to the software architects of Sophos for making educated design decisions and thus improve future versions of Sophos UTM.
Send anonymous telemetry data: If enabled, Sophos UTM gathers the following information:
Configuration and usage data: The system will send the following data to the servers of Sophos once a week.
Hardware and license information (not the owner), for example:
processor Intel(R) Core(TM)2 Duo CPU E8200 @ 2.66GHz
memory 512MiB System Memory
eth0 network 82545EM Gigabit Ethernet Controller
The system ID identifies your Sophos UTM only in the way that information of your system is not accidentally collected twice, e.g. after a re-installation.
Features in use (only whether they are turned on or off), for example:
Amount of configured objects, for example:
- Enabled web filtering categories and exceptions
- CPU, memory and swap usage values in percent over the last seven days
Virus data: The system writes the following data into a file that will be uploaded automatically to the servers of Sophos every 15 minutes.
- Information about viruses found by web protection, for example threat name, MIME type, URL of the request, or file size.
Intrusion prevention data: The IPS log will be checked every minute for new alerts. If there is a new alert, the following data will be sent instantly to Sophos:
- Information about the alert, for example snort rule identifier and time stamp.
- Hardware and license information (not the owner), for example CPU total and CPU usage, memory total and memory usage, SWAP total and SWAP usage, system ID, engine version and pattern version.
Advanced Threat Protection data: The system generates and uploads advanced threat protection data every 30 minutes.
Gathered information: system ID, time stamp, Sophos threat name, source IP, destination host, detection component, detection detail, number of threats, rule identifier.
The data is sent every 24 hours.
Send anonymous application accuracy telemetry data: You can help to improve the recognition and classification abilities of network visibility and application control by participating in the Sophos UTM AppAccuracy Program. If enabled, the system will collect data in form of anonymous application fingerprints and will send that to the research team of Sophos. There the fingerprints will be used to identify unclassified applications and to improve and enlarge the network visibility and application control library.