/ Academy

Sophos UTM Example

Below is a quick configuration guide for Sophos UTM firewall.

Summary:

  • Define a LogicMonitor Collector network host object
  • Assign the object to IPFIX Accounting
  • Update the LogicMonitor collector configuration to listen on the correct port for IPFIX export

First, log in to Sophos UTM firewall. Navigate to Logging & Reporting -> Reporting Settings -> IPFIX Accounting:

 

Select or define a new network host object for the LogicMonitor Collector:

Assign the network object to the IPFIX export and set a unique observation ID domain:

Since the default PFIX port of 4739 is not configurable on the Sophos end, you’ll need to edit the netflow.ports section of the collector’s agent.conf to listen on that port. 

More from LogicBlog

How LM Cares Is Supporting LogicMonitor’s R+DEI Initiatives
Blog / 01.19.21
How LM Cares Is Supporting LogicMonitor’s R+DEI Initiatives

LM Cares focuses on external outreach and internally supporting our LMers and our Respect, Diversity, Equity and Inclusion initiatives. See how!
What is SNMP and How Does It Work?
Blog / 01.15.21
What Is SNMP and How Does It Work?

SNMP is mainly used for the collection of data about devices, and is supported on most network equipment. Learn more about SNMP and how it works!
2020 in Review: LogicMonitor Product Advancements
Engineering / 01.12.21
2020 in Review: LogicMonitor Product Advancements

LogicMonitor had 16 product releases in 2020. Learn more about the notable capabilities that were released to advance our observability platform!
View all

Let's talk shop, shall we?

Get started