We’re pleased to announce the availability of Sophos ZTNA 2.1, which brings support for on-premise Microsoft Active Directory for identity, zero downtime, seamless failover between cloud points-of-presence, and important security enhancements.
This release introduces a new identity provider solution in addition to the existing cloud-based Microsoft Entra ID and Okta solutions already supported by Sophos ZTNA. It enables organizations without cloud infrastructure or a cloud-based identity platform to easily adopt Sophos ZTNA by leveraging their in-house Microsoft AD system for authentication with support for MFA through captchas or email OTPs.
In addition, cloud gateways running on virtual platforms (ESXi or Hyper-V) now support zero downtime and seamless failover between cloud points of presence. This capability will also be available for Sophos Firewall-integrated ZTNA Gateways with the release of v20 MR2, which is scheduled for later this month. This new capability allows for seamless transitions to the next closest regional gateway in the event of an outage in your preferred gateway region, ensuring uninterrupted ZTNA access during the outage.
An additional update with security enhancements is also available as ZTNA 2.1.1. You will need to first update your gateways to 2.1 and then apply the 2.1.1 update after that.
How to get the updates
The gateway image updates are available from Sophos Central. There is no need to update your ZTNA agents.
1. In Sophos Central, navigate to the Gateways page and look for an indication that an image update is available. This notification is only visible on gateways hosted on ESXi and Hyper-V platforms. Gateways hosted on Sophos Firewall will be updated when applying firmware update v20 MR2 (available later this month).
2. You can either initiate the upgrade immediately or schedule the upgrade for later. The update may take up to half an hour.
3. After the upgrade is completed and the gateway is back to “Active,” verify on the gateway’s diagnostics console that all the checks pass before initiating the next update to ZTNA 2.1.1.
Version 2.1.1 includes important security and vulnerability fixes, and we highly recommend that customers begin the upgrade process immediately. Upgrading to version 2.1.1 should also take roughly half an hour for a single node. The time required scales proportionally if the deployment involves a multi-node cluster.
4. Check the gateway console diagnostics once the update is complete and the gateway returns to the “Active” state. If all diagnostics checks pass, resource access can be resumed.
Documentation
The latest online documentation is here.
The troubleshooting guide has also been updated in case you encounter any issues during configuration.