Sophos Firewall v21.5 MR1 is Now Available

Sophos has released MR1 for SFOS 21.5, read the release notes here:

Not a big update, but it fixes a lot of issues 🙂


Sophos Firewall v21.5 MR1 brings a number of enhancements; as well as reliability, stability and security fixes to your Sophos Firewall.

Sophos Firewall v21.5 MR1 brings the following enhancements:

  • Supports OAuth 2.0 as an additional authentication method for email notifications. We recommend that you move to OAuth 2.0 for Gmail. Gmail may stop supporting password-based authentication very soon.
  • Added localization support for scheduled reports. When an admin configures a scheduled report, the firewall now uses the customer’s preferred language (based on the language used to log in to the SFOS interface) for generating PDF reports.
  • NDR Essentials Data Center – You can now select the data center region for NDR Essentials flow analysis for regional or data residency requirements. By default, the system will choose the lowest latency region.
  • NDR Essentials Threat Score in Logs – The assigned threat score is now included in active threat response logs for enhanced visibility, reporting and analytics.
  • Syslog now uses the configured firewall hostname in the device_name field, enabling clearer identification of logs across multiple devices. This helps XDR and Taegis admins differentiate data from different firewalls by device_name and also improves other syslog-based integrations.
  • Secured High Availability – Removed automatic passphrase generation, allowing administrators to create stronger passphrases that meet complexity requirements. Added unique SSH host key verification to strengthen HA authentication and prevent man-in-the-middle attacks.
  • Resizable table columns for many features, including Local ACL, Neighbours(ARP-NDR), IP tunnels, Gateways, DHCP, DNS, IPv6 Remote Access, Zone, WAN link manager, Network, and Routing tables. Column sizes are retained in the browser memory for the administrator’s subsequent visits to the web admin console.
  • Hotspot vouchers – Filter or Sort vouchers by creation date. View newly created vouchers appearing on the first page.
  • Improved RFC compliance for SNMP MIB files to enhance compatibility with third-party SNMP tools. SNMPv1 complies with RFC 1157; SNMPv2 complies with RFCs 1901, 1905, and 1906; and SNMPv3 complies with RFCs 3411 to 3418.
  • Data usage for live users is now shown using the standard unit formats (KB, MB, and GB) for enhanced usability.
  • Import of groups from Active Directory and Microsoft Entra ID authentication servers will not turn on L2TP and PPTP by default. You can turn them on in the groups or the corresponding VPN configurations.
  • Improved troubleshooting in HA – HA logs include the node name and the current role information.
  • Early EoL notification for legacy RED site-to-site tunnels. These tunnels (Legacy Firewall RED server and client configurations) will not be supported in SFOS 22 and later versions. We recommend that you migrate to the supported RED site-to-site or VPN tunnels

Issues resolved:

  • Overall v21.5 MR1 resolved 85+ important reliability, stability and security fixes.

Check out the v21.5 MR1 release notes for full details.

Link: Sophos Firewall v21.5 MR1 is Now Available – Release Notes & News – Sophos Firewall – Sophos Community – Connect, Learn, and Stay Secure

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close