The Azure Security Center found a malicious container running as part of a Kubeflow implementation. Sophos also documented a cryptomining campaign called Kingminer that attacked servers using. Sophos XG Firewall is available on Microsoft Azure! XG Firewall is available as a preconfigured virtual machine within the Azure.
Azure Sophos Vpn
- Sophos UTM can connect to Microsoft Azure over a site-to-site VPN using a static-routing VPN gateway. The basic requirements are in the table below, which lists the requirements for both static and dynamic VPN gateways.
- Sophos Cloud Security Posture Management: Easily identify cloud resource vulnerabilities, ensure compliance, and respond to threats faster. Asset and network traffic visibility for AWS, Azure, and Google Cloud. Risk-based prioritization of security issues with guided remediation.
Important
The Sophos XG Firewall data connector in Azure Sentinel is currently in public preview. This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see Supplemental Terms of Use for Microsoft Azure Previews.
This article explains how to connect your Sophos XG Firewall appliance to Azure Sentinel. The Sophos XG Firewall data connector allows you to easily connect your Sophos XG Firewall logs with Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between Sophos XG Firewall and Azure Sentinel makes use of Syslog.
Note
Data will be stored in the geographic location of the workspace on which you are running Azure Sentinel.
Forward Sophos XG Firewall logs to the Syslog agent
Configure Sophos XG Firewall to forward Syslog messages to your Azure workspace via the Syslog agent.
In the Azure Sentinel portal, click Data connectors and select Sophos XG Firewall connector.
Select Open connector page.
Follow the instructions on the Sophos XG Firewall page.
Find your data
After a successful connection is established, the data appears in Log Analytics under Syslog.
Validate connectivity
It may take up to 20 minutes until your logs start to appear in Log Analytics.
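An added example, not part of the original article: a Log Analytics query that checks whether firewall events are arriving in the Syslog table and how long ago each forwarder last reported. It assumes the firewall sends key="value" pairs and that the field names `device_name`, `log_type` and `log_subtype` are present; adjust them to what your appliance actually emits.

```kql
// Added example. The field names inside SyslogMessage are assumptions
// about the firewall's log format; they are not stated in this article.
Syslog
| where TimeGenerated > ago(1h)
// Keep only messages that look like firewall key="value" records
| where SyslogMessage contains "log_type="
| extend DeviceName = extract(@'device_name="([^"]*)"', 1, SyslogMessage),
         LogType    = extract(@'log_type="([^"]*)"', 1, SyslogMessage),
         LogSubtype = extract(@'log_subtype="([^"]*)"', 1, SyslogMessage)
// One row per forwarder, device and event type, with volume and recency
| summarize Events = count(), LastSeen = max(TimeGenerated)
    by Computer, HostIP, DeviceName, LogType, LogSubtype
| extend MinutesSinceLast = datetime_diff('minute', now(), LastSeen)
// Anything silent for longer than the 20-minute ingestion window sorts to the top
| order by MinutesSinceLast desc
```

An empty result more than 20 minutes after configuration points to the forwarding path (firewall syslog settings, the Syslog agent, or network filtering between them) rather than to ingestion delay.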
Next steps
In this document, you learned how to connect Sophos XG Firewall to Azure Sentinel. To learn more about Azure Sentinel, see the following articles:
- Learn how to get visibility into your data, and potential threats.
- Get started detecting threats with Azure Sentinel.
- Use workbooks to monitor your data.