Sophos.Sophos_Firewall Release Notes

v2.3.1

Release Summary

This release includes bug fixes.

Bugfixes

  • sfos_firewall_rule - app_control and intrusion_prevention parameters now accept string values instead of just “Enable” or “Disable”.

  • sfos_qos_policy - added validation rules for qos policy arguments to prevent invalid configuration from being sent to the API.

v2.3.0

Release Summary

This release introduces new modules and updates for working with firewall rules on Sophos Firewall.

Major Changes

  • new module sfos_qos_policy for managing QoS Traffic Shaping policies

  • new module sfos_web_category for managing Web categories

  • new module sfos_web_filetype for managing Web file types

  • new module sfos_web_policy for managing Web policies

  • new module sfos_web_useractivity for managing Web user activities

  • updated module sfos_firewall_rule to support additional configuration parameters

  • updated module sfos_firewall_rule to support attachment of web and qos policies to firewall rules

New Modules

  • sophos.sophos_firewall.sfos_qos_policy - Manage QoS Policies (Configure > System Services > Traffic Shaping).

  • sophos.sophos_firewall.sfos_web_category - Manage Web Categories (Protect > Web > Web Categories).

  • sophos.sophos_firewall.sfos_web_filetype - Manage Web File Types (Protect > Web > File Types).

  • sophos.sophos_firewall.sfos_web_policy - Manage Web Filter Policies (Protect > Web > Policies).

  • sophos.sophos_firewall.sfos_web_useractivity - Manage Web User Activities (Protect > Web > User Activities).

v2.2.0

Release Summary

This release introduces new modules for working with URL Groups on Sophos Firewall

New Modules

  • sophos.sophos_firewall.sfos_urlgroup - Manage URL Groups on Sophos Firewall.

v2.1.0

Release Summary

This release introduces a new module for working with Netflow collector configuration on Sophos Firewall

New Modules

  • sophos.sophos_firewall.sfos_netflow - Manage NetFlow configuration (System > Administration > NetFlow).

v2.0.1

Release Summary

This release updates Python dependencies for the project to address security vulnerabilities.

v2.0.0

Release Summary

This release implements an HTTPAPI plugin for managing connections. It eliminates the need to define credentials at each task and removes the need to delegate tasks to localhost. Please see the HTTPAPI Plugin Example for details.

Breaking Changes / Porting Guide

  • Existing playbooks developed on versions prior to 2.x must be modified with these changes in order to function

  • The delegate_to localhost is no longer required on tasks, and will cause the task to fail if configured

  • The arguments username, password, port, and verify arguments are no longer supported on tasks

  • The variable ansible_network_os must be set to sophos.sophos_firewall.sfos

New Plugins

Httpapi

  • sophos.sophos_firewall.sfos - HttpApi plugin for Sophos Firewall (SFOS).

v1.5.0

Release Summary

This release introduces a new module for working with IPSec site-to-site VPN connections on Sophos Firewall

New Modules

  • sophos.sophos_firewall.sfos_ipsec_connection - Manage IPSec Connection (Configure > Site-to-site VPN > IPSec).

v1.4.5

Release Summary

This is a bugfix release for the Sophos Firewall Ansible collection.

Bugfixes

  • Fixed an issue where the sfos_syslog module was missing the ability to enable logging for anti-spam smtp events.

v1.4.4

Release Summary

This is a bugfix release for the Sophos Firewall Ansible collection.

Bugfixes

  • Fixed an issue where the sfos_syslog module required unneccessary arguments when updating logging settings.

v1.4.3

Bugfixes

  • Fixed an issue where the sfos_syslog module would fail to update log settings

v1.4.2

Release Summary

Bugfix

Bugfixes

  • Fixed issue with service_acl_exception crashing when no destination hosts are defined

v1.4.1

Bugfixes

  • Correct test files

v1.4.0

Release Summary

This release introduces a new module for working with firewall rule groups.

New Modules

  • sophos.sophos_firewall.sfos_firewall_rulegroup - Manage Firewall Rules (Protect > Rules & policies).

v1.3.0

Release Summary

This release adds modules for working with authentication servers

New Modules

  • sophos.sophos_firewall.sfos_authentication_ad - Manage Authentication settings Active Directory.

  • sophos.sophos_firewall.sfos_authentication_azure - Manage Authentication settings AzureADSSO.

  • sophos.sophos_firewall.sfos_authentication_edirectory - Manage Authentication settings eDirectory.

  • sophos.sophos_firewall.sfos_authentication_ldap - Manage Authentication settings LDAP.

  • sophos.sophos_firewall.sfos_authentication_radius - Manage Authentication settings Radius.

  • sophos.sophos_firewall.sfos_authentication_tacacs - Manage Authentication settings Tacacs.

v1.2.1

Release Summary

Minor bug fixes

Bugfixes

  • Allow use of ‘any’ keyword for src/dst networks and services for sfos_firewall_rule module

  • Fixed documentation error in examples for sfos_zone

v1.2.0

Release Summary

This release adds modules for working with IPS and Syslog settings

New Modules

  • sophos.sophos_firewall.sfos_ips - Manage IPS protection (Protect > Intrusion Protection > IPS policies).

  • sophos.sophos_firewall.sfos_syslog - Manage Syslog servers (Configure > System services > Log settings).

v1.1.0

Release Summary

This release contains new modules for working with the SNMP agent and SNMPv3 users on Sophos Firewall

New Modules

  • sophos.sophos_firewall.sfos_snmp_agent - Manage SNMP Agent (System > Administration > SNMP).

  • sophos.sophos_firewall.sfos_snmp_user - Manage SNMPv3 User (System > Administration > SNMP).

v1.0.0

Release Summary

This is the first proper release of the sophos.sophos_firewall collection.

New Modules

  • sophos.sophos_firewall.sfos_admin_settings - Manage Admin and user settings (System > Administration).

  • sophos.sophos_firewall.sfos_atp - Manage Active Threat Protection (Protect > Active threat response > Sophos X-Ops threat feeds).

  • sophos.sophos_firewall.sfos_backup - Manage Backup settings (System > Backup & firmware).

  • sophos.sophos_firewall.sfos_device_access_profile - Manage Device Access Profiles (System > Profiles > Device Access).

  • sophos.sophos_firewall.sfos_dns - Manage DNS settings (Configure > Network > DNS).

  • sophos.sophos_firewall.sfos_firewall_rule - Manage Firewall Rules (Protect > Rules & policies).

  • sophos.sophos_firewall.sfos_fqdn_host - Manage FQDN hosts (System > Hosts & services > FQDN host).

  • sophos.sophos_firewall.sfos_fqdn_hostgroup - Manage FQDN Host Groups (System > Hosts & services > FQDN host group).

  • sophos.sophos_firewall.sfos_ip_host - Manage IP Host (System > Hosts & services > IP host).

  • sophos.sophos_firewall.sfos_ip_hostgroup - Manage IP Hostgroup (System > Hosts & services > IP host group).

  • sophos.sophos_firewall.sfos_malware_protection - Manage Malware Protection (Configure > System services > Malware protection).

  • sophos.sophos_firewall.sfos_service - Manage Service (System > Hosts and services > Services).

  • sophos.sophos_firewall.sfos_service_acl_exception - Manage Local Service Exception ACL Rules (System > Administration > Device Access).

  • sophos.sophos_firewall.sfos_servicegroup - Manage Service Group (System > Hosts and services > Service Group).

  • sophos.sophos_firewall.sfos_time - Manage Date and Time settings (System > Administration > Time).

  • sophos.sophos_firewall.sfos_user - Manage Users (Configure > Authentication > Users).

  • sophos.sophos_firewall.sfos_xmlapi - Use the XML API to get, create, update, or delete settings on Sophos Firewall.

  • sophos.sophos_firewall.sfos_zone - Manage Zones (Configure > Network > Zones).

Warning

If the firewall is a member of a group in Central, the changes made by Ansible will override the settings of the group. The actual configuration on the firewall may then differ from what is displayed for the same setting in the Central group.