Configuring Sophos XG Firewall On Azure

Introduction

Sophos Firewall is the next-generation firewall for all solutions. It’s one of the leading Firewalls in the industry. The Sophos XG Firewall is mainly designed for Azure-based deployment. With its help, you can protect your Azure workloads against multiple kinds of threats. There are several methods to configure Sophos XG Firewall on Microsoft Azure marketplace. In this demo, we will learn how to configure Sophos XG Firewall using the Azure portal.

Prerequisites for deploying Sophos XG Firewall

1. Azure subscription
2. Sophos Central account; we can create a free trial account from here.
3. Sophos XG Firewall serial number; we can register BYOL (Bring Your Own License) for a free evaluation serial number here.

Let’s deploy Sophos XG Firewall in Azure.

Step 1

Log into your Azure portal here.

In the dashboard, choose to create a resource and type Sophos, then select " Sophos XG Firewall".

Step 2

In the "Sophos XG Firewall", select "Create" button to start the deployment.

Step 3

In the "Basic Configuration Setting" part, we can type the VM Name, Strong Password, and we have to select Subscription, Resource Group, and Location. After completing this part, click “OK”.

Step 4

In the "License Type" part, there are two types of licenses. In this demo, we choose BYOL.

• BYOL (Bring Your Own License) – we can get a one-month free license from here.
• PAYG (Pay As You Go) – Not needed serial number for this option.

We can change the virtual machine type size as per our budget, so click the "Change Size" link. You can select the cost and VM size as per your requirement. In this demo, we selected “D2 Standard”.

Step 6

In the “Virtual Network” part, we need to create the Virtual Network Name and the Address Space, and then click “OK".

Step 7

In the “Subnet” part, we need to create a WAN subnet address with a prefix, and LAN subnet address with a prefix. After configuring the subnets, click OK to close the subnet part.

Step 8

In the “Public IP Name” part, we can create a new Public IP. In this demo, our Public IP Name is “BattiPublicIP”. Click OK to close the PublicIP details.

Step 9

In the “Domain Name” part, we need to type our domain name. In this demo, I typed “batti”, so our domain address is “batti.southcentralus.cloudapp.azure.com”.

Step 10

In the “Storage Account” part, we need to create a new storage account using the “Create New” button. Enter the information and we can select the disk performance (Standard or Premium) and click OK to close the Storage part.

Step 11

Yes, now we have successfully completed the configuration part. Click “Ok” to start the process.

Step 12

Yes, our validation process has passed. Now, we are ready to buy the Sophos XG Firewall, so click “OK” to continue.

Step 13

Click “Create” to deploy the firewall.

Step 14

We have successfully deployed the Sophos XG Firewall. Choose "Pin to dashboard" to add the dashboard, or click "Go to resource group" to access your firewall.

Step 15

Now, we can find our firewall. The “BattiFW” virtual machine is our firewall, so click “BattiFW”.

Step 16

In BattiFW, we can find our Public IP address. We need to know this Public Address to access the firewall.

Step 17

Open your browser and type https://23.101.185.218:4444 and press Enter.

Step 18

It’s displaying "Not secure". Well, that doesn’t matter; just click “Advanced” to continue.

Step 19

Click “Proceed to 23.101.185.218 (unsafe), to enter the firewall page.

Step 20

Yes, now we got the Sophos XG Firewall Access. By default, our username is “Admin” and the password we created earlier on the "Basic Configuration" part. So, enter the login information and click "Login".

Step 21

In the License Agreement part, click “I accept” to continue.

Step 22

In the Serial Number part, I already got the Serial number from the free trial account. Paste the serial number and click “Continue”.

Step 23

In this part, we need to create Sophos ID, so click “Create Sophos ID”.

Step 24

It’ll prompt the new tab, so enter your information and click the “Register” button.

Step 25

Now, a confirmation email is sent to our email account. So, click the confirmation link to continue the registration process.

Step 26

Now, we need to sign into our account using our email and password. So, click the “Sign In” button.

Step 27

In this part, we can find our Device Serial Number, so click “Continue” to start.

Step 28

In this part, we need to enter our company information to complete the registration process. Click the “Continue” button to complete the registration.

Step 29

Okay, now our device is ready to register. So, click “Confirmation Registration”.

Step 30

Our device is registered now. Click “Initiate License Synchronization”.

Step 31

Now, the basic setup is completed. Let's click “Continue”.

Step 32

Now, we can access our “Sophos XG Firewall”.

Summary

I hope you have understood how to install Sophos XG Firewall. If you have any questions, please leave a comment.