Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 17757 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do you un-register / un-activate appliances I will sell on EBay ?

Big_Buck

How do you un-register / un-activate appliances I will sell on EBay ?

I'm migrating back to Checkpoint after suffering Sophos for too long, and I do not want to leave dead wood behind.

PJR



This thread was automatically locked due to age.
  • 0

    Hello,

     

    I don't believe there is a method to unregister the firewall. Before doing this have you looked at rolling the firewall to Sophos UTM 9? In the event you're ditching the Sophos, fortunately Sophos has made transferring registration a breeze so once you've found a lucky buyer, have them create their MySophos account at which time you will be able to transfer the firewall along with licensing to the new users MySophos account, then they simply need to login to their MySophos account and Approve the transfer, pretty painless process but would recommend you give Sophos UTM 9 a shot first...

    Good Luck!

    Firewalls.com Inc.

    Get Secure. Stay Secure.

  • 0 in reply to Firewalls.com Inc

    Ok.

    And what will happen afterward moving to UTM ?  I do not want to open another closet filled up with dead bodies like XG is.  And will be for a predictable future.  What do your customers think about XG ?  Anyone of them wanted to hang you ?  I'll bet an hamburger an a soda you must have been forced to move some of them to SonicWall, Fortinet or Watchguard ?

    GoSecure here in Montreal as accepted to take back all equipment because Sophos do not talk to them anymore.  Yes, their sales department things turning off the largest security supplier in Quebec was a good idea. We had an agreement with Sophos to return these equipment if I gave it another 8 hours "professional support" trial.  They did not respect this.  They also claimed they meet our requirement list shown below. We all know by now this is false.  Most important points are not met.  Their sales have lied to us.

     

    What Sophos has done to us is called fraud.

    PJR

  • 0 in reply to Firewalls.com Inc

    Hello

    I appreciate your answer.  Just to let you know, I contacted already firewalls.com services few months ago, but they ask me to pay many thousands of dollars up front with no guarantee whatsoever.  The salesman I talk to did not feel safe to install anything but the appliance.  I.e. no virtual appliance or End Points.  The form I was asked to fill could not list our needs and seem to be limited within a rigid pre-determined frame.  The list I have just posted above, firewalls.com had it months ago.  There are items in this list Sophos in Montreal should have known was not possible. Let's go throuh some requirements (in bold).

    1. Firewall
      1. IPv6 is barely experimental and won't work.  It adds a full second set of rules and objects.  Yes, exactly like setting up and maintaining two firewalls.  No one wants that.  Is that what you call "Security made Simple" ?
      2. Rule base on applications or functions.  I.e. On URL, not on IP.  Well XG is definitely based on IP and NOT on URL.
      3. Checkpoint - like logs. YOU CANNOT COMPARE CHECKPOINT LOGS. Come on !!!  XG logs are among the worse in the industry.  Absolutely useless.
      4. Appliance WEB filtering
        1. "Transparent Proxy".  Clearly in our pre-requisites.  That critical component is in-existent in XG.  You cannot implement something like "from this zone, from this network, from this service, port forward to this network, this zone, this service".  Beside Sophos, I am not aware of any firewall unable to do it.  A $100 home Linksys can do it.  I toasted two weeks of work on mails, phones, name it.  All the way to Sophos senior Engineer.  It took 5 or 6 tech support at Sophos to figure something that basic.  Yet another existent option sold by Sophos. 
        2. Tons of web sites wrongfully classified.  Intel web site is classified as "freeware download".  Our bank is classified as "Job Search".  I am exhausted managing exceptions.  I had hundreds of exceptions in my rules at one point. Jesus !!!
        3. Will prevent just about any updates.  Microsoft, Adobe, Chrome, and many more.  Did I mentioned this is very dangerous ?
      5. App control and IPS suffer the same disease as WEB gateway. For example, some root DNSs raise IPS alarms.  Come on !!!
    2. Exchange Mail Gateway
      1. Complete mail gateway solutions, equivalent to Symantec Brightmail.  Are you kidding me ?  Sophos Mail Appliance is a toy.  You cannot compare that to Brigthmail for Christ sake !!!
      2. Let an abnormal amount of malwares in.  Exchange's own anti-spam have not detected anything here in decades.  Up until I replaced Brigthmail with Sophos' Mail appliance. 
      3. Sophos' Mail appliance reporting is mostly in-existent, un-intuitive and useless.  Not close to Brigthmail !!! Come on !!!
      4. NO.  Sophos is not equivalent to Brigthmail.  Sophos should have known it.
    3. WEB Gateway Appliance.
      1. Uses SMBv1.  Who feels comfortable to be protected by a 30 years old technology ?
      2. Synchronization with AD falls all of the time.  Cannot connect with port 3268.  Have to use ultra old and unsecure port 389.
      3. "WEB Sense" equivalent for sites categorizations.  Who in its honest mind can say this compares to Forcepoint's WEBsense ???  Another thing not matched in our prerequisites list.
      4. Uses Sophos AV which have be de-rated in the last 18 month by major AV analyses web sites as being equal or less than Microsoft.  A polite manner to say is has become medicore.  Who says that ? My favorite web site is this: https://www.av-comparatives.org/  because they give you ratings over many month with high and low catch.  There's also https://www.av-test.org  which has rated Sophos AV pretty low throughout 2017.
    4. Antivirus Appliance.
      1. Shall have all features of Symantec End Point Protection.  No way !!!  Not close to Symantec EndPoint.
      2. Push-pull install works randomly.  But mostly fails.  Have to install everything via GPO.
      3. System Lockdown.  Never seen that feature !!!
      4. Active Direction Integration.  Inexistent.
      5. Device Control. Inexistent.  I mean, certainly not like the granularity that Symantec offers.

    I tested a UTM 9 all afternoon.  Would not be a big deal to migrate.  Interface is ok.  However, it took me 30 seconds to find a "skeleton in the closet" ... No IKEv2 !!!  Might as well forget about AWS, Azure and heck, anything useful on the cloud.  We cannot blame anyone here.  IKEv2 first draft appeared in 2005.  Only 13 years ago. (Yes i'm sarcastic).  Much like SMBv2 running really as SMBv1 on Sophos WEB appliance.  Impossibly old implementation.  If I am not wrong, UTM seems to use Sophos AV.  I could not see Avira AV, so I presume it is not available there.

     

    I really wonder how can one be a fan of Sophos ...  VPN is a frustrating and permanently broken thing, no transparent proxy, logging is so useless even Sophos' own support uses CLI instead.  It seems every time one click on something, he's forced to call support.

     

    Sophos was not honest with us.  Our requirements list was crystal clear.  My frustrations are more than legitimate.

     

    A solution could be that I use those firewalls as firewalls only and nothing else.  And the WEB gateway, MAIL gateway, and End Points from someone who sells something that works, with modern technologies like SMBv3 and IKEv2, and no need to call support every 5 minutes.  Let's allow some times for Sophos to fix all of those broken things (years most probably.  v17.5 is schedule at the end of this year !!!) .  But transparent proxy is in-existent.  I would be stuck with Microsoft' proxy settings that are pain in the as...

     

    PJR