What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

How can I monitor Sophos UTM devices with PRTG?

Votes:

2

I would like to monitor my Sophos UTM appliance with PRTG but there are no native sensors for Sophos UTM. How can I set up UTM monitoring with PRTG nevertheless?

application-firewall firewall mib oidlib paetemplate prtg snmp snmp-library sophos utm

Created on Feb 13, 2017 5:47:09 PM by Felix Saure [Paessler Support]

Last change on Aug 10, 2017 8:27:41 AM by Luciano Lingnau [Paessler]



15 Replies

Accepted Answer

Votes:

4

This article applies to PRTG Network Monitor 16 or later

Monitoring Sophos UTM Firewalls with PRTG

Out of the box, PRTG includes a broad variety of sensors for SNMP capable devices. For other device types, like Sophos UTM Solutions, PRTG provides the great possibility to create custom sensors. For example, if the device that you want to monitor supports SNMP, you can try to get a MIB file from the vendor, convert it with the MIB Importer into an OIDlib file for PRTG, and use it with the SNMP Library sensor.

Update: For the Sophos UTM devices, we provide a Device Template to add the sensors using the auto-discovery. See below for download and instructions.

Using Device Templates to Monitor Sophos UTM Devices

We created a Device Template using the Sophos MIB files as well as the vendor's image to simplify the import. You can download the zip-archive from here: PRTG_Sophos_20170112.zip

Update: For the Sophos UTM9/XG devices, there is an updated version of the template available on GitLab. Direct link for installation download.

With the help of this device template you can create the following sensors:

Device Overview Sophos UTM

Click here to enlarge.

Follow the steps below to set up your Sophos UTM monitoring.

Steps to Go

  1. Download PRTG_Sophos_20170112.zip
  2. Extract all files into the folder of your your PRTG installation under %programfiles%PRTG Network Monitor.
  3. In PRTG, create a new device.
  4. Navigate to the settings page of the device.
  5. Choose Device Type > Sensor Management > Automatic sensor creation using specific device template(s) > Sophos UTM9 and let PRTG create the Sophos UTM sensors for you. For newer versions, please right-click the device within your device tree instead and choose "Auto-Discovery > Run Auto-Discovery with Template" and select the device template "Sophos UTM9" here.
  6. Enjoy monitoring your Sophos UTM device!

Notes

The provided files will add the most relevant monitoring metrics for Sophos UTM devices. According to the Sophos MIB file, there are no additional OIDs available right now using SNMP.

Please note that we cannot provide any support for these OIDs, nor can we guarantee that they work as expected.

More

For more information, please see the following articles:

Created on Feb 13, 2017 6:53:04 PM by Felix Saure [Paessler Support]

Last change on Aug 26, 2020 5:57:39 AM by Timo Dambach [Paessler Support]



Votes:

0

Hi U, About monitor hard disk? i tried but not successful

Created on Jul 26, 2017 9:04:37 AM



Votes:

0

Hi mathnahtnaodel,

I'm not sure whether Sophos provides data about hard disks at all by SNMP. I've found different threads stating it might work by editing snmpd.conf on the UTM while others were like "No, it does not work and there's a feature request at Sophos pending about it".

If the SNMP Disk Free or SNMP Linux Disk Free sensors do not work, then I would recommend to contact Sophos about clarification if it is possible at all.

Kind regards,

Erhard

Created on Jul 27, 2017 10:27:52 AM by Erhard Mikulik [Paessler Support]



Votes:

0

Hi Erhard Mikulik,

Thanks your reply

I also tried edit snmpd.conf but not work

Thank you!

Created on Jul 28, 2017 9:26:01 AM



Votes:

0

Hi mathnahtnaodel,

Then I'm afraid you need to contact Sophos about that.

Kind regards,

Erhard

Created on Jul 28, 2017 9:28:47 AM by Erhard Mikulik [Paessler Support]



Votes:

0

Oke Erhard Mikulik

Tks!

Created on Jul 29, 2017 3:15:21 AM



Votes:

0

How about the newer Sophos XG models? Do the provided mib file and the instructions above still work?

I found a thread on their support with another mib but haven't tested it yet. https://community.sophos.com/products/xg-firewall/f/sophos-xg-firewall-general-discussion/75477/has-anyone-got-snmp-monitoring-working/367787#367787

Created on Nov 12, 2018 2:53:48 PM



Votes:

0

Hello prehcm,

I cannot verify this as we don't have a Sophos XG lying around here. Give it a shot to find out, otherwise try the other MIB as described here for example. Otherwise contact us by email so we can dig deeper into this and also send us this other MIB file.

Kind regards,

Erhard

Created on Nov 13, 2018 1:39:23 PM by Erhard Mikulik [Paessler Support]



Votes:

1

Is there any sensors that monitor the UTM VPN Connection status (up/down) and VPN Traffics and bandwidth?

Created on Dec 12, 2018 6:46:15 PM



Votes:

0

Hello jbkatutu,

If it's not in the MIB, then no, it appears they do not provide those metrics by SNMP, see also here for example.

Kind regards,

Erhard

Created on Dec 13, 2018 6:37:21 AM by Erhard Mikulik [Paessler Support]



Votes:

0

There may be a workaround. Every Sophos UTM vlan interface is visible and to available for snmp traffix monitoring (plain SNMP) Suppos there's a way to create an extra VLAN interface between your internal network and the remote (VPN) network and getting all VPN traffic over this new Vlan. When this really works within UTM (haven't got the time to test it) it is possible to monitor traffic for the specific VPN.

Another nice extra feature would be that we're able to set QoS for each VPN tunnel (which isn't possible in UTM)

As soon I've had the time to test I'll get back.

Grtzz Mark

Created on Mar 9, 2019 5:37:14 PM



Votes:

0

Any chance to monitor the Sophos Access Point (traffic eg)?

Created on May 3, 2019 10:12:41 AM



Votes:

0

Hello Maik,

In case the Access Point has an SNMP implementation of its own, try adding the Access Point with its IP to PRTG with the required "Credentials for SNMP Devices" and try adding the regular SNMP Traffic Sensor.

Kind regards,

Erhard

Created on May 6, 2019 7:52:37 AM by Erhard Mikulik [Paessler Support]



Votes:

0

Hi everybody,

I´ve downloaded and installed the older and the newer "plugin". I´ve create a device for our UTM-Device, enabled SNMP-Query on the UTM and I´m able to query via Paessler SNMP Tester from the PRTG-Host. - Firewall logs permitted SNMP-Traffic

I´ve executed the device search with the template but nothing gets added.

Has anybody a working config?

Created on Sep 10, 2020 10:34:31 AM



Votes:

0

Jimbeam128,

Can you try adding an SNMP Uptime sensor to the UTM from PRTG?

Benjamin Day
[Paessler Support]

Created on Sep 10, 2020 8:55:06 PM by Benjamin Day [Paessler Support] (1,441) 2 1




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.