What We Monitor
Sophos UTM devices are firewall/VPN devices that provide controlled connectivity between an internal network and an external network (internet) while providing protection for the internal network by blocking traffic that isn’t explicitly allowed.
The VPN functionality allows encrypted external connections to the internal network by pre-configured authenticated users. Sophos UTM devices can be configured to provide additional security functions as well. CimTrak for Network Devices monitors the device configuration for changes, logs the changes, and then notifies the responsible parties of them
How CimTrak for Sophos Works
When CimTrak locks a Sophos UTM device for monitoring, it reads the configuration of the device. It calculates a digital signature for the configuration, and store it in CimTrak’s master repository along with a copy of the configuration.
When CimTrak detects a change in the configuration, that configuration and its digital signature
Benefits of using CimTrak for Sophos
CimTrak detects any change to the Sophos UTM device’s configuration.
- When changes are detected, CimTrak for Network Devices can be used to compare the device’s configuration to its previous
configuration,
- CimTrak for Network Devices can detect any change to the Sophos UTM device’s configuration, log the activity, and notify the responsible parties by e-mail, Syslog, or SNMP.
