Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 1280 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall wireless and ports

Searchlight Admin

We are considering purchasing a Sophos XGS 116W for a new location.

We want to use the firewall to protect 2 network segments and a wireless network segment.

We do not want any of these three networks segments to be able to see the other segments. They should be completely separate. For example, we don't want someone using our wireless segment to be able to get into our private operations segment.

Can the Sophos XGS 116W be configured in this way?

We currently have a SG 135 at another location and when we first got the device, we were told it could be setup similarly, but when we set up the separate network segments, it cut the throughput of the device by more than half. Eventually we were told by support that you could not set it up that way. 

Because the device has several ports, it seems that it should be obvious that you could set up different network segments, but after our last experience, we are not so confident.

So, we are just looking for some confirmation that if we get the XGS 116W that we could set up three completely separate network segments (two wired and one wireless) and that it would not significantly affect throughput.

Thanks in advance for your help clarifying this issue.



This thread was automatically locked due to age.
Parents
  • 0

    Like Dirk already said, I have never seen something like this in a proper network design.

    That XGS 116(w) has 9 ports: 8x 1GBE (Copper) and one SFP 1GBE interface, whcih could all be used to connect to different network segments. We do this all the time, at least we separate an internal production LAN from the "Admin-LAN" used to manage the IT infrastructure by IT personnel. So internal "working speed" should not be affected by network segmentation with a firewall. It is the uplink you have to the internet that normally has the most effect on "speed", but only if using resources "outside" of your internal LAN, of course.

    As Dirk and Erick I would suggest to search a competent Sophos partner to do a proper network design and sizing of your firewall.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • 0

    Like Dirk already said, I have never seen something like this in a proper network design.

    That XGS 116(w) has 9 ports: 8x 1GBE (Copper) and one SFP 1GBE interface, whcih could all be used to connect to different network segments. We do this all the time, at least we separate an internal production LAN from the "Admin-LAN" used to manage the IT infrastructure by IT personnel. So internal "working speed" should not be affected by network segmentation with a firewall. It is the uplink you have to the internet that normally has the most effect on "speed", but only if using resources "outside" of your internal LAN, of course.

    As Dirk and Erick I would suggest to search a competent Sophos partner to do a proper network design and sizing of your firewall.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Children
No Data
Unfiltered HTML