Central is Sophos’ unified console to manage Sophos products like your XG firewall.
Sophos Central is not just about the XG firewall. It is in fact a console to manage several different products.
The real power of Central for a home user is that you can use it to manage your XG firewall(s). Especially when you manage more than one for members of your family or your neighbor. Sophos Central can be used to centrally manage all instances.
Firewalls can be grouped together and policies can be changed once and applied to all firewalls in the group automatically.
If you only manage one firewall at your own house then one of the benefits of Central is that you can manage your firewall from outside. You can do so without opening the management port to the internet.
Registering your Sophos Central account
To start using Sophos Central you can apply for a free thirty day trial of Sophos Central. During this trial you can evaluate the full product.
After the trial period, most features will stop working, but not the XG firewall management. You can keep managing your firewalls free of charge.
First register for an account at the Sophos website. You need to enter some information amongst others your name, email address, phone number.
After registering you will receive an email to activate your account and create a password.
For extra security Sophos advises to use multi-factor authentication for all admins. I think you should just leave this box checked.
You must also choose the data center that will store your data. Currently you can choose from the United States, Germany and Ireland. Choose the location closest to your home for best performance. Beware this change is permanent and you cannot change it anymore.
Next you must enter the code sent to your email and create a PIN.
Next step is to choose an authentication type. My advise would be to choose the second option.
When choosing for this authentication method, you will see a QR-code that you need to scan with your authenticator app.
After scanning the QR-code, your authenticator app will show you a 6-digit code that you need to enter in the Security Code field. Additionally you can enter the device name of the device where you stored the QR-code.
First login to Sophos Central
After successfully verifying you will be automatically logged in to Sophos Central for the first time.
You will have full access to all features included in Sophos Central. If you would like to do so, then use these thirty days wisely. This article however will just be about Firewall Management.
Adding your XG firewall to Sophos Central to manage it
If you didn’t already install your XG firewall at home, then you might want to read my article Installing Sophos XG Firewall Home Edition explaining how to install it.
After clicking on Firewall Management in the above window you can click on a button to add your firewall. I’m not sure why this button is here, since adding your firewall should be done from the firewall itself.
To add your firewall to Sophos Central, login to your firewall webadmin page and navigate to Protect -> Central Synchronization and click on the button to register.
Next you enter the email address and password you used to register Sophos Central and confirm registration. After a short wait you firewall is registered in your Sophos Central account.
You can enable all features, however the Security Heartbeat is part of the Sophos Endpoint software (that you now are free to also try for 30 days).
After adding the firewall, you need to Approve the addition of the firewall in your Sophos Central account.
By clicking on the text ‘Approval Pending’ you can choose to ‘Accept services’ after which the firewall status will change from Approval Pending to Connected.
You can hover your mouse over several fields and click for action. Clicking on the firewall name will directly connect you to your firewall webadmin from within Sophos Central. This will work from anywhere and doesn’t require you to open up any ports to the internet.
Just hover and click around here to see what you can do with your firewall from within Sophos Central.
Open Sophos Central with an InPrivate / Incognito browser window
Not sure why but I found that in my case I often see an nearly empty screen when opening your webadmin from within Sophos Central. It must have something to do with cookies, because if I delete all cookies, then I don’t have this problem.
A faster option then deleting cookies, is to just open your browser in InPrivate or Incognito mode.
In my article Firewall groups in Sophos Central I will show you how you can group firewalls together and make changes to all firewalls in a group simultaneously. Before that make sure to add all firewalls you manage to your Sophos Central account.
If you like this article, you may also like my other Sophos articles.