To set up Sophos UTM Collector, follow the procedures below:
Enable Sophos UTM Collector
Install the XDR Collector
Configure the Firewall
Open the port on the XDR Collector Host
Enable Sophos UTM Collector
In Barracuda XDR Dashboard, navigate to Administration > Integrations.
On the Sophos UTM Collector card, click Setup.
Select the Enabled check box.
Click Save.
Install the XDR Collector
If you haven't already set up the XDR Collector, do one of the following:
Configure the Firewall
In Sophos UTM Firewall, click System services > Log settings.
Click Add.
Enter a name.
Specify the settings like the graphic below.
Type 9207 in the Port field.
Click Save.
Go to Log settings and select the logs you want to send to the syslog server.
Open the Port on the XDR Collector Host
Ensure incoming traffic is allowed on UDP port 9207.
Linux
sudo ufw allow 9207/udp
Windows
netsh advfirewall firewall add rule name=“Sophos UTM Firewall Events” dir=in action=allow protocol=UDP localport=9207