With the release of Sophos UTM version 9.1, you can now create firewall rules based on source MAC (media access control) addresses.
This functionality provides stricter security as it prevents users from setting a static IP address and potentially gaining access to filters based on that IP address.
Known to apply to the following Sophos product(s) and version(s)
UTM 9.1 or higher
What To Do
- Open the Sophos UTM WebAdmin interface and login.
- Go to the 'Definition & Users' | 'Network Definitions' | 'MAC Address Definitions' tab.
- Create the MAC address list object.
- Go to the 'Network Protection' | 'Firewall' | 'Rules' tab.
- Create the rule as usual by choosing sources, services and destinations. 'Action' can be either "Allow", "Drop" or "Reject".
- Expand the 'Advanced' section and select from the 'Source MAC Addresses' field your MAC list definition.
This configures the rule so that it only applies to the hosts with the MAC address from that list.