/ Academy

Sophos UTM Example

Below is a quick configuration guide for Sophos UTM firewall.

Summary:

  • Define a LogicMonitor Collector network host object
  • Assign the object to IPFIX Accounting
  • Update the LogicMonitor collector configuration to listen on the correct port for IPFIX export

First, log in to Sophos UTM firewall. Navigate to Logging & Reporting -> Reporting Settings -> IPFIX Accounting:

 

Select or define a new network host object for the LogicMonitor Collector:

Assign the network object to the IPFIX export and set a unique observation ID domain:

Since the default PFIX port of 4739 is not configurable on the Sophos end, you’ll need to edit the netflow.ports section of the collector’s agent.conf to listen on that port. 

More from LogicBlog

4 Steps to Making Observability Real for Your Team
Blog / 12.03.21
4 Steps to Making Observability Real for Your Team

Here are some Unified Observability best practices your team should implement to improve visibility into your application’s code. 
Introducing LM Concierge
Blog / 11.29.21
Introducing LM Concierge

Introducing LM Concierge; the most robust, exclusive support and services offering for Enterprise customers to take their LogicMonitor journey to the next level.

Monolithic (Legacy) vs. Microservices Application Development
Blog / 11.23.21
Monolithic (Legacy) vs. Microservices Application Development

Understand the differences for development between legacy, monolithic, and microservices applications and the inherent pros and cons that each one holds.
View all
Amps robot shadow

Let's talk shop, shall we?

Get started