![]() ![]() I'll wait a week to ensure this software is fully operational (setup) before tweaking this kind of stuff. This would save a tiny mount of energy as well, assuming it works. I may remove half the RAM and underclock the CPU so I can unplug the CPU fan to see if I can go almost fanless. I've been told that my E8500 CPU is overkill along with my 16GB of RAM but it sure does work speedy. depending on the feature set you want to use, you may want a better CPU and more RAM. A dual core 2GHz CPU (no particular model or brand), 2GB RAM, 40GB Hard Drive. So I'd like to thank and for steering me to Sophos, it really is much better for a simple home user like myself.Īs for hardware requirements, those are just as difficult to pin down as pfSense. It would be nice to put both FreeNAS and the Sophos on the same machine, it would save me in energy costs but the idea of having FreeNAS on ESXi bugs me. I understand that it does run very well on ESXi although I have no intention of doing that. ![]() The feature set is remarkable and worth looking into. My test rig is pulling 58 watts of power and I could save a lot of money buy taking this hardware and re-purposing it as my firewall. It's of course better I believe to leave it in transparent overall but this was the quick fix vice turning off the web protection service. For instance Netflix doesn't like to run using the default setup, even when you have inserted many rules in an attempt to get things to work, so I changed the Web Protection mode from Transparent to Standard. I'm taking this slowly, but I did setup all the cool features and had to make a few minor changes to some of the default values to make everything work. Don't get me wrong, it's not Plug-n-Play (do you windoze people remember that terminology?), there is some configuration to do and to get the most out of this product you will need to do a lot of reading and testing to ensure you got this beast setup properly. It's been running for a while now and although it's a learning experience, overall it was an easy installation. No way, the log is a big difference, easier to use as in Fortigates! It is similar to CheckPoint firewalls.So in a different Off-Topic thread here many folks encouraged me to give Sophos a try over pfSense and I am very glad I did. With this SSL VPN, Simple NAT works and gives an SSL 128-bit AES encryption.įinally, I have a lot of experience in implementing UTM and, now, XG(S). When a branch office is implemented with a front ISP router, sometimes the NAT traversal is not possible, for IPSEC VPN connections (UDP 500). from externals attacks.Īnother trick is the SSL VPN sites to sites. It really does the job of protecting IIS, Apache, etc. All my customers with an internal webserver to be published in the net are protected with this "reverse proxy" (WAF). Tested with VM in AWS and Azure, work 5*!Īnother big difference is the Webserver Application Firewall. It can be extended to secure cloud systems with Sophos ClouOptix: It can isolate a computer from the network when detected as infected: This can resolve the problem with the "lateral movement" of an infected computer. The synchronized security interact between firewall and endpoints. The firewall is one of the full security solutions centralized in Sophos Central:Īt most of our customers, we implement a Sophos Endpoint locally on servers and workstations and firewall XGS. To respond to the question "the biggest difference", I think is the "Synchronized Security": The UTM-9 is soon end-life. Sophos security staff is now focused on SFOS 18, XG, XGS. I have personally tested the differences between the XG and XGS similar appliances. The result is spectacular. The new appliances XGS have a dedicated streaming CPU (Xstream), in addition to the main CPU. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |