Sophos XG Firewall Web Interface Reference and Admin Guide v16.5

Figure 456: Add Local Service ACL Exception Rule

10. Click Save.

Admin Settings

Admin Settings allows you to modify the admin port settings and login parameters. Customize the login parameters to restrict local and remote user access based on time duration.

1. Enter host details a) Enter a name in the form of a Fully Qualified Domain Name (FQDN).

Acceptable Range: 0 to 256 characters

Example: security.sophos.com

Note: When the device is deployed for the first time, the serial ID of the device is saved as the hostname.

b) Enter the description.

| System | 497

| System | 498

Figure 457: Hostname

2. Configure Admin Port settings a) Displays the HTTP port configured in SF-OS v15 if you have upgraded from SF-OS v15 and enabled HTTP service.

Default: 80

Note: From v16 onwards, the device does not support access of Admin console on this port. Traffic on

HTTP port is automatically redirected to HTTPS port.

b) Enter the port number to configure the HTTPS port for secure Admin Console access.

Default: 4444 c) Enter the port number to configure the HTTPS port for secure User Portal access.

Default: 443 d) Select the Certificate to be used by User Portal, Captive Portal, SPX Registration Portal and SPX Reply

Portal.

Figure 458: Admin Port Settings

3. Set login security for Administrators a) Select the checkbox and configure the duration (in minutes) of inactivity for the administrative session after which the device is locked automatically. This configuration is applicable to Admin and CLI Console, IPsec

Connection Wizard, Network Wizard, Group Import Wizard.

Default: 3 minutes b) Select the checkbox and configure the period (in minutes) of inactivity after which the administrator is logged out automatically.

Default: 10 minutes

Note: The Logout Admin Session After value must be greater than the Lock Admin Session After value.

c) Select the checkbox to block login to the Admin Console and CLI. Enter the maximum number of failed login attempts and the duration (in seconds) within which the attempts can be made from a single IP address. When the failed attempts exceed the number, the administrator is locked. Specify the number of minutes for which the administratorwill not be allowed to login. The administrator account will be locked for the configured minutes if the allowed failed login attempts exceeds.

| System | 499

Figure 459: Login Security Settings

4. Select the checkbox to enable password complexity settings for Administrators and enforce the required constraints.

Figure 460: Administrator Password Complexity Settings

5. Select Enable Login Disclaimer to set messages for authentication, SMTP, administration and SMS customization, which administrators must agree to before they can log in to the Admin Console and CLI. You can customize and preview messages too.

Figure 461: Login Disclaimer Settings

6. Select Sophos Adaptive Learning to send the following application usage and threat data to Sophos: Unclassified applications (to improve network visibility and enlarge the application control library), Data for IPS alerts, detected virus (including URLs), spam, ATP threats such as threat name, threat URL/IP, source IP, and applications used.

The device sends periodic information to Sophos over HTTPS to improve stability, prioritize feature refinements, and to improve protection effectiveness. No user-specific information or personalized information is collected.

The device sends configuration and usage data by default. This includes device information (example: model, hardware version, vendor), firmware version and license information (does not include owner information), features that are in use (status, on/off, count, HA status, central management status), configured objects (example: count of hosts, policies), product errors, and CPU, memory and disk usage (in percentage).