Sophos XG Firewall Web Interface Reference and Admin Guide v16.5

| Protect | 249

• A Potentially Unwanted Application has been detected.

Green

You do not need to do anything.

• Sophos security software is working correctly.

• No active malware has been detected.

• No inactive malware has been detected.

• No Potentially Unwanted Application has been detected.

Security Heartbeat Global Configuration

This page describes how to log in with your Sophos Central account and enable Security Heartbeat.

1. Go to Protect > Advanced Threat > Security Heartbeat.

2. Specify the Sophos Central login details.

Email Address

Enter the email address of your Sophos Central account.

Password

Enter the password of your Sophos Central account.

Note: You can also create a Sophos Central account by clicking Create Sophos Central Account.

3. Click Register.

You are registered with your Sophos Central ID to the Sophos XG Firewall. Security Heartbeat is enabled.

4. Add zones to the Missing Heartbeat Zones field.

Missing heartbeats will be detected only in these zones.

Note: If a zone is blocked by a policy but no zone is added here, in the Control Center the Security

Heartbeat widget shows "Missing".

5. Click Apply.

If you disable Security Heartbeat you are still registered with your Sophos Central account. This is a comfort function of Sophos XG Firewall and has no network security value.

To clear your registration from Sophos XG Firewall, click Clear Registration.

Sandstorm Activity

Activity records provide basic information such as the date and time on which files were sent to Sandstorm. They also indicate analysis and release status. Use the links provided to view report details and release files.

To filter the list, click the Filter button ( ) and specify criteria. For example, you can filter on a date range or file type.

To view details of a Sandstorm analysis, click Show report. Reports contain the following:

• Download details, for example, the source and download time

• File details, for example, the file name and type

• Result of the Sandstorm analysis

• Description of the potential threats contained by the file

• A list of all users who have downloaded the file

To release a file, click Release Now. When you release a file, users can download it immediately. Only files that are currently being analyzed or that have been returned with error status are eligible for release.

Sandstorm continues to analyze the file even if you release it.

CAUTION: Releasing an item before the analysis is complete may result in the downloading of malicious content.