I am using the free UTM 9.1 and installed it on a 4 core amd pc with a 256GB SSD and 8 gigs of ram, it has 5 network cards in it. I am looking for the best suggestions how to configure the network I want an unsecured wireless guest network with its on DHCP scope , a DMZ for my own domain website as well as remote and mail servers , a full dhcp scope for my private uber secure network secured wireless netowrk with DHCP scope connected to my private LAN I can see the network cards under the interface list but since they are all the same I cant figure out which is which.. I am sure I can find a way I do have my own domain name and 5 static IP's from my ISP which will be used for my DMZ, I am assuming I can use 1 static IP to NAT to the guest network any suggestions or caveats to watch out for would be welcome, I am familiar with Cisco and Watchguard firewalls but not Sophos UTM Thanks in advance

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

need help planning a DMZ and guest network

I am using the free UTM 9.1 and installed it on a 4 core amd pc with a 256GB SSD and 8 gigs of ram, it has 5 network cards in it.
I am looking for the best suggestions how to configure the network

I want an unsecured wireless guest network with its on DHCP scope ,
a DMZ for my own domain website as well as remote and mail servers ,
a full dhcp scope for my private uber secure network
secured wireless netowrk with DHCP scope connected to my private LAN

I can see the network cards under the interface list but since they are all the same I cant figure out which is which.. I am sure I can find a way

I do have my own domain name and 5 static IP's from my ISP which will be used for my DMZ, I am assuming I can use 1 static IP to NAT to the guest network

any suggestions or caveats to watch out for would be welcome, I am familiar with Cisco and Watchguard firewalls but not Sophos UTM

Thanks in advance

This thread was automatically locked due to age.

Parents

0 TheDrew over 10 years ago

Things get lost in translation sometimes.

The way I saw the thread, you asked about a system config, William said it was too large and suggested a different way to build it for best performance. You responded that Sophos was flawed if performance of one module went down because too much CPU was thrown at it. William then explained why IPS needed a smaller CPU, and mentioned why he doesn't reccomend AMD right now, at which point you reiterated Sophos was flawed because they used the older Snort and not Suricata (implying Suricata was superior because of multithreading), then proceeded to say you needed a better product, not a better CPU because your business was starting small and could grow in future.

This is where Williams explained why AMD has issues at present, and I explained why it didn't matter if Snort or Suricata was used, it was a CPU scheduling and power conservation issue, nothing to do with threading.

I also tossed out the suggestion that if you were testing this for business use (which was implied), you'd want to consider an appliance for testing, suggesting the SG210 as it's appropriate for a 20 user office.

This is where we are now.

But I am curious, is this for business use or personal? And what license are you using right now for testing?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 TheDrew over 10 years ago

Things get lost in translation sometimes.

The way I saw the thread, you asked about a system config, William said it was too large and suggested a different way to build it for best performance. You responded that Sophos was flawed if performance of one module went down because too much CPU was thrown at it. William then explained why IPS needed a smaller CPU, and mentioned why he doesn't reccomend AMD right now, at which point you reiterated Sophos was flawed because they used the older Snort and not Suricata (implying Suricata was superior because of multithreading), then proceeded to say you needed a better product, not a better CPU because your business was starting small and could grow in future.

This is where Williams explained why AMD has issues at present, and I explained why it didn't matter if Snort or Suricata was used, it was a CPU scheduling and power conservation issue, nothing to do with threading.

I also tossed out the suggestion that if you were testing this for business use (which was implied), you'd want to consider an appliance for testing, suggesting the SG210 as it's appropriate for a 20 user office.

This is where we are now.

But I am curious, is this for business use or personal? And what license are you using right now for testing?
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data

need help planning a DMZ and guest network

Submitted a Tech Support Case lately from the Support Portal?