Default services
Sophos Firewall communicates with these default hostnames, IP addresses, and ports.
Component | URL | Ports | Description |
---|---|---|---|
nsxld | 4.sophosxl.net | 443 | Web categorization and IP reputation. |
DDNS | checkip.cyberoam.com | 80 | Dynamic DNS check IP service. |
Up2Date | u2d.sophos.com ap-southeast-1.u2d.sophos.com eu-west-1.u2d.sophos.com eu-central-1.u2d.sophos.com ap-northeast-1.u2d.sophos.com us-west-2.u2d.sophos.com us-east-1.u2d.sophos.com d30ncyzaneb4q0.cloudfront.net d3tusa5dvomhzy.cloudfront.net xg-up2date-patterns.sophosupd.com xg-up2date-firmwares.sophosupd.com | 443 | Up2Date checks for new updates of SFOS firmware, AP and RED firmware, ATP, Sophos and Avira antivirus, authentication clients, IPS and application signatures, SSL VPN clients, and WAF. |
Commtouch AV (for Small Boxes) | oem.avdl.ctmail.com | 80 | Additional antivirus scanner. |
Heartbeat | utm.cloud.sophos.com dzr-utm-amzn-eu-west-1-9af7.upe.p.hmr.sophos.com | 80 443 | For Sophos Security Heartbeat. |
RED | red.astaro.com red-prov-eu.astaro.com red-prov-as.astaro.com red-prov-us.astaro.com | TCP 3400, UDP 3410 | Provisioning server for RED devices. |
Licensing | eu-prod-utm.soa.sophos.com/api/device/1/applianceactivation eu-prod-utm.soa.sophos.com/api/device/1/accountregistration eu-prod-utm.soa.sophos.com/api/device/2/license eu-prod-utm.soa.sophos.com/api/device/1/subscription eu-prod-csr.soa.sophos.com/api/certificate/1/signing eu-prod-utm.soa.sophos.com/api/device/1/appliance | 443 | License synchronization and activation. |
SAR report | sarreport.sophos.com | 443 | Security Audit Report (SAR) server. |
APU | dispatch.apu.sophos.com eu1.apu.sophos.com eu2.apu.sophos.com | 22 | Support access proxy. |
Sandbox | sandbox.sophos.com eu.sandbox.sophos.com us.sandbox.sophos.com apac.sandbox.sophos.com | 443 | Zero-day protection sandboxing technology. |
NTP | pool.ntp.org | 123 | Network time protocol. |
Telemetry | sftelemetry.sophos.com | 443 | Telemetry data. |
Sophos Central | dzr-utm-amzn-us-west-2-fa88.upe.p.hmr.sophos.com utm.cloud.sophos.com/api/utm | 443 | Synchronized Application Control. Manage your Sophos Firewall devices centrally through Sophos Central. |
Firewall management in Sophos Central | *.sophos.com | TCP 22, 443 | Allow access to dynamic hostnames matching *.sophos.com . |
Central Firewall Reporting (CFR) | tf-presigned-url-eu-central-1-prod-firewall-bucket.s3.eu-central-1.amazonaws.com tf-presigned-url-eu-west-1-prod-firewall-bucket.s3.eu-west-1.amazonaws.com tf-presigned-url-us-west-2-prod-firewall-bucket.s3.us-west-2.amazonaws.com tf-presigned-url-us-east-2-prod-firewall-bucket.s3.us-east-2.amazonaws.com tf-presigned-url-ap-south-1-prod-firewall-bucket.s3.ap-south-1.amazonaws.com tf-presigned-url-ap-northeast-1-prod-firewall-bucket.s3.ap-northeast-1.amazonaws.com tf-presigned-url-ca-central-1-prod-firewall-bucket.s3.ca-central-1.amazonaws.com tf-presigned-url-sa-east-1-prod-firewall-bucket.s3.sa-east-1.amazonaws.com tf-presigned-url-ap-southeast-2-prod-firewall-bucket.s3.ap-southeast-2.amazonaws.com | 443 | Send the firewall reports and logs to Sophos Central. |
Sophos Central Firewall backup | cloud-prod-eu-central-1-firewall-backup.s3.eu-central-1.amazonaws.com cloud-prod-eu-west-1-firewall-backup.s3.eu-west-1.amazonaws.com cloud-prod-us-east-2-firewall-backup.s3.us-east-2.amazonaws.com cloud-prod-us-west-2-firewall-backup.s3.us-west-2.amazonaws.com firewall-backup-stn100bom-20220430122926302800000001.s3.ap-south-1.amazonaws.com firewall-backup-stn100gru-20220419140115774600000001.s3.sa-east-1.amazonaws.com firewall-backup-stn100hnd-20220430122814948900000001.s3.ap-northeast-1.amazonaws.com firewall-backup-stn100syd-20220430122831596300000001.s3.ap-southeast-2.amazonaws.com firewall-backup-stn100yul-20220414141327508400000001.s3.ca-central-1.amazonaws.com | 443 | Back up and restore Sophos Firewall configurations from Sophos Central. |
More resources