SSH Access - User can access the SSH with its own credential
Currently it is possible to access the SSH only with the ADMIN user.
For companies that need to be compliance with the PCI this is not acceptable.
It is very important each User can access the SSH with its own credential for audit purposes
It is possible to give other users access with a private key (to the admin/root account). - I personally think it should be possible to add multible users to ssh access. especially if you have multible admins with access shell access. it can be hard to track who does something if all work with the same user. - imo its just bad practice.
much more worrying is the fact, that the default-admin user can not be removed or changed.
This is not a violation of PCI-DSS as there is no reason a regular user should need to ssh into the firewall appliance. If this is the case then you need to re-evaluate your implementation and practices.
This violates PCI-DSS and also runs counter to the view of NIST on the use of privileged accounts.
Agreed - this is a violation of PCI-DSS.
NIST also frowns on this type of implementation of privileged accounts.
Please, make it possible to use every user for SSH administration.
Timothy Erwine commented
This is an absurd and easily correctable issue. Little things like this are why I cannot recommend Sophos UTM products to my clients. I have the (dis)pleasure of working on the platform where it's already been installed and I can say that I am not impressed.
Please this is very needed, more than one user should be able to access via SSH specially for VPN debugging, troubleshooting and route config. As the tools providing via GLi are not enough for these purposes
it's unacceptable this requeriments, this MUST be provided...
It's a shame that an enterprise as Sophos do things like this.
The lack of this feature just cost us a lot of money as we need to send someone onsite now.
ITTY IPE KOSHY commented
I notice that I can access the device console (CLI) only via ssh/ web admin page if I am logged in as user "admin" which is the default user ID. Following are my thoughts on XG access I think would be good when looking from a security angle.
1. It would be great if non-default user with Administrator profile would also be able to access the CLI(SSH). (It is always advisable to use non-default administrator IDs for device management.)
2. This one is connected to suggestion above. The new administrator should be able to disable the default Administrator user "admin".
John Woodall commented
Yes, this is needed.
Clayton Dillard commented
This is a much needed feature for auditing and compliance reasons.
Along this same line, allow additional users to be created and cfg'd for admin access. Also, it would be good to tie this into the profiles in "Profiles --> Device Access".
This is great needed not just for compliance here you can not use the default admin account, but you should be able to grant any admin shell access for change management and auditing. I work with many clients and I do not want to know/use their admin account. I'd much rather the clients create an alternate admin account for me to use (with shell access) so that both my actions are accounted for and cannot be blamed for actions taken with their admin account