Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 30 subscribers
  • Views 659 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New to Sophos Questions

Jarrod House

I have heard great things about the Sophos FW, and I am considering buying one for my home lab. I found a XG 125  on ebay for a solid price, but if I have the hardware how do I get software upgrades? Is everything license based? I am just trying to get a solid FW for my home lab so I can separate my network from my Lab I use for work. I could purchase a consumer grade product but thought I would try something higher end than that, but the licensing is making me think twice. 



This thread was automatically locked due to age.
Parents
  • 0

    Hi 

    Jarrod House said:
    how do I get software upgrades? Is everything license based?

    It's not worth to buy Sophos Appliances for Home Usage since there's a free for Home Usage license. Well, It's only worth if want Sandstorm (Threat Intelligence on v18.)

    Three thing first:

    1. What throughput do you need ? Also what features you will use, are you going to use IPS on a lot of rules, also are you going to do SSL/TLS Decryption, or just basic Web/App Filtering ?
    2. Are you okay with a little bit of noise ? Or It has to be one of those fan-less appliances?
    3. Budget?

    Also, my recommendation for cheap budget processor that can do 1Gbit of NGFW Traffic (IPS+Web/App Filtering) is the Intel G5400. Depending where you live you can find it for ~$55.

    Compared to the XG 125 Rev.3 which uses a C3508, the Intel G5400 is almost three times faster, also the performance of the G5400 is comparable to the XG 230 Rev.2.

    Jarrod House said:
    I found a XG 125  on ebay for a solid price,

    By the price that you will pay for a XG 125 Rev.3, or even Rev.2 you can build a white-box appliance that have the same throughput of the XG 450 Rev.2.

    But of course, if you still want to buy a Sophos appliance then - since It's for Home Usage you can use the free Home License for it, the only thing you will have to do to apply the license is to wipe the appliance disk and use the Software ISO to install Sophos XG on it.

    Thanks!

Reply
  • 0

    Hi 

    Jarrod House said:
    how do I get software upgrades? Is everything license based?

    It's not worth to buy Sophos Appliances for Home Usage since there's a free for Home Usage license. Well, It's only worth if want Sandstorm (Threat Intelligence on v18.)

    Three thing first:

    1. What throughput do you need ? Also what features you will use, are you going to use IPS on a lot of rules, also are you going to do SSL/TLS Decryption, or just basic Web/App Filtering ?
    2. Are you okay with a little bit of noise ? Or It has to be one of those fan-less appliances?
    3. Budget?

    Also, my recommendation for cheap budget processor that can do 1Gbit of NGFW Traffic (IPS+Web/App Filtering) is the Intel G5400. Depending where you live you can find it for ~$55.

    Compared to the XG 125 Rev.3 which uses a C3508, the Intel G5400 is almost three times faster, also the performance of the G5400 is comparable to the XG 230 Rev.2.

    Jarrod House said:
    I found a XG 125  on ebay for a solid price,

    By the price that you will pay for a XG 125 Rev.3, or even Rev.2 you can build a white-box appliance that have the same throughput of the XG 450 Rev.2.

    But of course, if you still want to buy a Sophos appliance then - since It's for Home Usage you can use the free Home License for it, the only thing you will have to do to apply the license is to wipe the appliance disk and use the Software ISO to install Sophos XG on it.

    Thanks!

Children
  • 0 in reply to Prism

    I just need to get at least 500mb throughput as I am on a cable modem connection that will probably not ever hit that speed. Internally I am just attempting to have two or possibly 3 different LANs that do not talk to one another. I know that sounds odd, but I am building 3 different environments that share a gateway to the internet. Each will have a full wired and wireless network in my lab and possibly throughout my house. I have a Meraki FW today that I have used for years, but I cannot seem to get it to do what I am looking to do and since I am no longer a customer of Cisco I cannot get that licensing extended. I have some time on that license, but I really need to get the 3 environments up and running for testing and lab environments in my house. 

    I have a NUK that was sent to me for my lab from my employer, but I do not need that for a VM host since I have another server for that purpose. Any chance I could use that with a USB nic for the second nic? I think I have a free Cisco FP1010 coming my way as a test unit, but I would have to be able to give that up at any moment. 

    The only spec I do not see is the hard drive size necessary. I have found a few micro fanless NUC type devices that have multiple nics, but not sure if I need 32gb or 500gb hard drive. 

  • 0 in reply to Jarrod House

    Hi, 

    while 32gb is recommended it is way to small. you will need at least 128gb. If you go for the 500gb be patient when installing XG because it performs a hard format of the disk drive.

    Make sure the NICs are not intel 219 series, they are not supported. At this stage USB NICs are not readily supported.

    Ian