Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 20 replies
  • Subscribers 28 subscribers
  • Views 14140 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall Home better h/w: UTM 110/120 Rev5 or XG 115 Rev2 ?

Escape75

Hey guys,- I'm fairly new to Sophos and I'm trying to get a home router in place with a decent firewall,

L2TP over IPSEC VPN without 3rd party clients, something around 100 mbit down, and 10 mbit up performance.

 

Right now I'm using generic Asus home wireless router, and I will be changing that to be access point only,

and I'm either considering Sophos or something else that's fairly easy to setup, for example, an ubnt EdgeRouter.

 

So my question is, without spending a bunch of money, I can get some used UTM 110/120 rev5 (still newest I think ?)

or an XG 115 rev2 (one model older than the refreshed rev3), and I will be trying to install XG Firewall Home on it,

and I was just wondering which of these hardware boxes (or maybe something different ?) would be a better fit ?

 

Edit: From the specs pages, it looks like XG 115 r2 can do 350 mbit VPN compared to 180 mbit for UTM 110/120 r5,

so it seems the XG is a better unit even though they look virtually the same ?

 

I'd like it to be stable, of course, I don't need wireless, and I'm alright with opening the box up, replacing the SSD, etc.

It also has to be fanless because it will be sitting next to my PC :)

 

Any suggestions?

Thanks in advance!



This thread was automatically locked due to age.
  • 0

    Hi,

    to be honest, you will archive most likely more performance with some "home made" XG home. 

    You can use up to 4 Cores and 6 GB RAM with the Home License. UTM120 and XG115 do not have such hardware. 

    Check out the other guys with home build XGs. 

    https://community.sophos.com/products/xg-firewall/f/hardware

    Or ask Ian  ;) 

  • 0 in reply to LuCar Toni

    True, but if I can spend $150 on a used UTM or XG,- I would not be able to build one for that :)

    and I think the performance that I'm looking for should be easily achievable by the above 2 units,

    100 mbit down (full time firewalled), and 10 mbit up (for then VPN is running for remote access).

  • 0 in reply to Escape75

    Hi,

    the question for you is how many devices will be on your network and what will they be doing? How much experimentation  will you be doing with the XG to tweak its performance?

    Yes, you would be very hard pressed to make a home unit for $150, but from other discussions modifying an existing Sophos hardware is a bit risky because they re not straight PCs.

    Ian

  • 0 in reply to rfcat_vk

    I'm not worried about experimenting a little, and this would be a home router anyways, but I just wanted to make sure ...

     

    1) XG 115 rev2 is faster than the UTM 110/120 rev5.

    2) I can load SW-17.1.3_MR-3-250 XG Home on an XG with a swapped SSD.

    3) It will do at least 100 mbit L2TP/IPSEC VPN

  • 0 in reply to Escape75

    Hi,

    they both will do what you want. The reason I ask about the experimentation is the speed of the updates to the configuration.

    Ian

  • 0 in reply to rfcat_vk

    Can you elaborate on that last statement ?

    Do you mean there's often new updates and they might not work, or cannot upgrade existing configurations ?

  • 0 in reply to Escape75

    Hi,

    I built a lower power (10w device)  using a commercial box with J1900 (quad core celeron), 6gb ram, 4 intel NICs and SSD and found the XG GUI quite slow when updating rules etc that is what that comment is about. The box was very responsive to user websurfing requests.

    Ian

  • 0 in reply to rfcat_vk

    Interesting, I wonder how good the "official" XG 115 units run then ...

    The new one uses an Intel Atom E3940 @ 1.60GHz, almost identical to J1900.

  • 0 in reply to Escape75

    I am still struggling about the fact of "Ebay Appliance".

     

    XG is shipped in commercial version with Base License until year 2999. Base license has VPN (IPsec SSL remote access / site to site) included. But you cannot use any module else like Web filter, IPS etc. They are bind to ether subscriptions or XG home. 

    So you could run this with the bought version in your scenario. But i do not know, what you will get from the Ebay vendor. I cannot comment the source of this device. 

    Home is bind to Software Appliances only, so you would have to "reinstall" the hardware appliance with the XG Software ISO. Otherwise the hardware image will decline the Home License / SN. 

  • 0 in reply to LuCar Toni

    Correct, I was thinking about re-installing the XG Home from an ISO and running that way.

    This should give me all the new features, and VPN access, etc.