Sophos UTM Firewall

Been running XG for a while and I'm really enjoying it. I was doing lab pen testing and I have to tunnel payloads through an SSH tunnel or Sophos catches it (even when the payload has AV avoidance methods). Nice product.
 
Glad you are finding good use for it.

Scales very well as an enterprise product as well.
 
Giada does not support XG properly or is it the other way around...

I bought a Giada with 2 NICs and installed XG

The spec for the NICs says the following: Realtek 8111F, Gigabit Ethernet

I have an old Routerboard on the WAN side. (I need dual WAN, and I was going to use VLANs to achieve this) But the XG can only link at 100M half duplex... and can't run VLANs due to the NIC not being supported. However, it does work in a basic configuration...

It seems there are many NICs not supported

So for my purposes I bridged the XG and set up my network and dual WAN on the Routerboard... without VLANs.

And I end up with an expensive webfilter... Don't use Giada and Sophos XG. You will be disappointed. Lucky for me it will be donkey's years before internet faster than 100mbps ever arrives where I live. So this setup is OK for decades...
 
What hardware would you recommend for XG? I have it virtualized at the moment, but I want to commit it to hardware. Is there some small form factor dual NIC system you can recommend at a reasonable price? I would prefer something with as few moving parts as possible.

PCEngines make some good hardware & enclosures: http://www.pcengines.ch/order.htm, http://www.pcengines.ch/newshop.php?c=4 if you want Sophos (Intel). My own unit is a home UTM 9 which runs on a PC based 4th gen Core i3, processor idles mostly at 1%, 8G RAM never goes over 27% with a lot of options enabled including IPS.

If the pricing is too steep, & Intel too restrictive, take a look at IPFire which will run on both Intel and ARM which includes various Raspberry Pis http://wiki.ipfire.org/en/hardware/arm/start

Personally, I'd go with the Sophos UTM or XG, and consider an appliance for production, remember that you are also paying for ICSA labs certification. And being in politics means that you would probably want to run a few VPN tunnels...
 
I do SOCKS5 through SSH tunnels.


Almost always. Do this to prevent ARP poisoning. I'm the kinda guy that runs software constantly looking for IMSI interceptors....
 
I guess I'll need to install and test but @ghoti & @SauRoNZA

Can the home edition show current bandwidth utilization? And who/what is using it?

Can the home edition show data usage per machine or application/port or website?
 
I haven't used the UTM in a little while, but yes it certainly could do all those via its Reporting functions when I last used it and I don't see why it wouldn't still.
 