As you know from the previous article in this series, there are a ton of new enhancements coming for Central Firewall Management for both you and your customers.
In this article we want to bring an important change to your attention with Role-Based Access Control (RBAC):
Change in Account Permissions Affecting Partner Central Firewall Management
The Sophos Central Partner Dashboard allows partners to set permissions per partner dashboard login limiting which customer accounts these logins can interact with. This restriction has not previously been enforced on Firewall groups as it is with other global templates. This is changing.
After July 4, 2022, partner dashboard logins below PartnerSuperAdmin level with permission to manage firewalls, will not be able to see or edit firewall templates that include customers they do not have explicit permission to manage. This will be consistent with how permissions are managed for global templates in the Partner Dashboard, and most partners should not see any change.
What you need to do:
If you use restricted roles for your partner admins, please be sure to check that customer access rights are assigned correctly before July 4th.
How to check customer permissions:
In the Partner Dashboard, navigate to Settings & Policies > Administrators, then select a login to review. If the Customer Access list does not contain all expected accounts, click Edit, and add any accounts not yet included.
The next update to Sophos Central Firewall Management will be bringing APIs and a new World View for Sophos Central SD-WAN Orchestration.