Liongard

Roar Users Guide & Documentation

Welcome! You'll find comprehensive guides and documentation to help MSPs start working with Liongard's Roar as quickly as possible, as well as support if you get stuck. Let's go #MakeITRoar!

Get Started    

Sophos SG

This document provides the steps required to configure the Sophos SG Inspector.

👍

Quick Details:

Recommended Agent: On-Premise
Supported Agents: On-Premise or Self-Hosted
Is Auto-Discovered By: N/A
Can Auto-Discover: N/A
Parent/Child Type Inspector: No
Inspection via: API
Data Summary: Here

Overview

See it in Action

Video isn't playing? Click here.

Inspector Setup Preparation

Log into the Sophos SG interface

Liongard Sophos SG Inspector Setup Step 1Liongard Sophos SG Inspector Setup Step 1

Liongard Sophos SG Inspector Setup Step 1

Create a Read-Only Local User

  • Navigate to "Definitions & Users" > "Users & Groups" and then click "New User"
  • Fill in the Username and Real name fields with "liongard"
  • Set Authentication to Local and set a password
  • Make this user a member of the Read-Only group so that "liongard" has read-only access
  • This user will be used later only to map the API token in later steps
Liongard Sophos SG Inspector Setup Step 2Liongard Sophos SG Inspector Setup Step 2

Liongard Sophos SG Inspector Setup Step 2

Enable the REST API

  • Enable the REST API on Sophos SG by going to Management > WebAdmin Settings > RESTful API.
  • Click the checkbox to enable the API, and then create a new API token.
  • Map the token to the "liongard" user you created in the earlier step.
  • Save this token for later when setting up the Sophos SG Liongard Inspector.
Liongard Sophos SG Inspector Setup Step 3Liongard Sophos SG Inspector Setup Step 3

Liongard Sophos SG Inspector Setup Step 3

Liongard Inspector Setup

In Liongard, navigate to Admin > Inspectors > Navigate to the Sophos SG Inspector > Select Add System.

Fill in the following information:

  • Environment: Select the Environment this System should be associated to
  • Friendly Name: Suggested "Sophos SG [Environment Name]"
  • Agent: Select the On-premise Agent installed for this Environment or the Self-Hosted Agent
  • Inspector Version: Latest
  • IP Address: Input the IP address of the Sophos SG firewall
  • Port: Input the Port for the Sophos SG firewall. The Sophos default is 4444.
  • Token: Input the Token from the steps above.
  • Scheduling: The Inspector will default to run once a day at the time the Inspector is set up. Here you can adjust the schedule

Select Save. The Inspector will now be triggered to run within the minute.

If you have any issues with connectivity after setting up the Inspector, then you may need to whitelist the IP of the Agent running the Inspector to allow access to the Sophos SG firewall.

🚧

Serverless Environment

We recommend deploying the Sophos SG Inspector using an On-Premise Agent. However, if a client network is serverless, you can deploy and whitelist a Self-Hosted Agent and use that Agent to run the Inspector. Please review this documentation for more information.

This Inspector runs on Port 4444.

Optional: Turn on Flexible Asset/Configuration Auto-Updating

If you would like this Inspector's data to be sent to ConnectWise and/or IT Glue, turn on Flexible Assets/Configurations for this Inspector:

  • ConnectWise: Admin > Integrations > ConnectWise > Configuration Types > Confirm the "Configuration Auto-Updating" toggle is enabled
  • IT Glue: Admin > Integrations > IT Glue > Flexible Assets > Confirm the "Flexible Asset Auto-Updating" toggle is enabled

Updated 2 months ago


Sophos SG


This document provides the steps required to configure the Sophos SG Inspector.

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.