How can we help?

How to configure NetFlow on Sophos XG firewalls

Follow

Sophos XG firewalls support NetFlow v5. You can export all the parameters of v5.

You can add up to five separate NetFlow servers.

These instructions assume:

Configure NetFlow

  1. Log into the firewall’s web admin console.
  2. Navigate to System > Administration.
  3. Select NetFlow from the top navigation panel.
  4. Click on the + sign to create a new row.
  5. In the Server Name field, enter a recognizable name for the Auvik collector.
  6. In the Netflow Server IP/Domain field, enter the Auvik collector IP address.
  7. In the Netflow Server Port field, enter the port number you’d like to use. Choose from any of these ports: 2055, 2056, 4432, 4739, 6343, 9995, or 9996.

Note that Sophos XG devices will only collect NetFlow from firewall rules that are logged. So if it’s not already enabled, you’ll need to ensure the Log Firewall Traffic option is enabled for all rules that are passing traffic.

Was this article helpful?
6 out of 6 found this helpful
Have more questions? Submit a request