Jump to content
RESET Forums (homeservershow.com)

Any inexpensive, used or old appliances (WatchGuard, Astaros, etc) for Sophos UTM?


xbliss
 Share

Recommended Posts

Any inexpensive, used or old appliances (WatchGuard, Astaros, etc) for Sophos UTM?

I am keen on finding an inexpensive appliance on Ebay if possible because apparently PfSense can easily run on such boxes.. Any such appliance boxes that could support/ work with Sophos UTM?

Also, I found some older astaro stuff on ebay.. Can they be updated to latest Sophos UTM? If not the paid then Free version for home use?

Link to comment
Share on other sites

Generally, appliances are 1u servers. If you are talking about non-rackmount versions of firewalls, they tend to be fairly customized in their hardware.

  • Like 2
Link to comment
Share on other sites

Generally, appliances are 1u servers. If you are talking about non-rackmount versions of firewalls, they tend to be fairly customized in their hardware.

 

Agreed.  The one Sonicwall NSA-240 firewall I have lying around uses a MIPS Octeon dual-core CPU, and most small units are going to use MIPS, ARM, or others that probably won't load Sophos.

 

I'm surprised Watchguard would run Sophos as well.  They keep their lips pretty tight about what processors are in their boxes, but I'm pretty sure it isn't Intel until you get to some fairly hefty models.

Link to comment
Share on other sites

Agreed.  The one Sonicwall NSA-240 firewall I have lying around uses a MIPS Octeon dual-core CPU, and most small units are going to use MIPS, ARM, or others that probably won't load Sophos.

 

I'm surprised Watchguard would run Sophos as well.  They keep their lips pretty tight about what processors are in their boxes, but I'm pretty sure it isn't Intel until you get to some fairly hefty models.

 

WG's run PFSense well.. which I am guessing is lighter than Sophos.. so I was hoping to find Sophos friendly box. 

Link to comment
Share on other sites

  • 3 weeks later...

Any inexpensive, used or old appliances (WatchGuard, Astaros, etc) for Sophos UTM?

 

I am keen on finding an inexpensive appliance on Ebay if possible because apparently PfSense can easily run on such boxes.. Any such appliance boxes that could support/ work with Sophos UTM?

 

Also, I found some older astaro stuff on ebay.. Can they be updated to latest Sophos UTM? If not the paid then Free version for home use?

for Sophos hardware depending on the protection you want to enable and how many users you have as well as the internet speed you have will dictate what hardware you need. Yes Sophos needs better hardware then PfSense and for good reason.

 

What is you internet speed both up/down?

How many users are going to be behind this router?

What protection do you want to use on Sophos?

 

Generally speaking if your going to use IPS or AIPS aka "Snort" your going to need some good single core grunt because "Snort" only uses one core no matter how many cores you have so this would be something like a Core i3 with 6GB of memory, I have been told but I have not tested yet that a Celeron J1900 does a nice job but again I have not tested this yet but I plan on testing soon as I want to setup a Sophos router at my daughter house. Right now I have Sophos setup in a V/M using 2 Cores & 6GB of memory using a Intel Xeon E3-1231V3 Haswell 3.4 GHz 8MB L3 Cache and its running great with all the protection turned on. I do have a Supermicro Mini ITX DDR3 1333 NA Motherboards X10SBA-O on order and will be here by Wednesday, This has a Celeron J1900 processor for testing, See link-http://www.amazon.com/dp/B00HTILUKA/ref=wl_it_dp_o_pC_S_ttl?_encoding=UTF8&colid=1N6867G1O15RY&coliid=I2UIC7KU6P364J

This is the case I ordered for it- http://www.amazon.com/dp/B0064LWISQ/ref=wl_it_dp_o_pd_nS_ttl?_encoding=UTF8&colid=1N6867G1O15RY&coliid=I1SDLAXG5ARVWV

 

I am hoping this setup performs well, I will post back the results after testing.

Edited by itGeeks
Link to comment
Share on other sites

I tried to edit my post above to add this but I was unable to...

 

I would say if your planing on using IPS on Sophos with 10/20 users and with an internet speed of up to 150/150 your going to be in the mid 300 dollar rang for hardware to have a good performing router.

  • Like 1
Link to comment
Share on other sites

  • 3 weeks later...

I used a nice WatchGuard router.  I say nice, because it looked nice. However, I'd rather go with some beefier hardware. 

 

I'm using in Intel Celeron J1900 system for my Sophos box. (ASRock RACK brand)

Link to comment
Share on other sites

I used a nice WatchGuard router.  I say nice, because it looked nice. However, I'd rather go with some beefier hardware. 

 

I'm using in Intel Celeron J1900 system for my Sophos box. (ASRock RACK brand)

Chris can you provide a link for the board/case your using? I was thinking of getting this board-

http://www.amazon.com/dp/B00HTILUKA/ref=wl_it_dp_o_pC_S_ttl?_encoding=UTF8&colid=1N6867G1O15RY&coliid=I2UIC7KU6P364J

 

And this case http://www.amazon.com/dp/B0064LWISQ/ref=wl_it_dp_o_pC_nS_ttl?_encoding=UTF8&colid=1N6867G1O15RY&coliid=I1SDLAXG5ARVWV

To build a Sophos router for my Daughter.

 

What services are you using on Sophos?

How many users are behind Sophos?

What is your internet speed both up/down?

Are you getting your full speed according to internet speed tests?

Link to comment
Share on other sites

Chris can you provide a link for the board/case your using? I was thinking of getting this board-

http://www.amazon.com/dp/B00HTILUKA/ref=wl_it_dp_o_pC_S_ttl?_encoding=UTF8&colid=1N6867G1O15RY&coliid=I2UIC7KU6P364J

 

And this case http://www.amazon.com/dp/B0064LWISQ/ref=wl_it_dp_o_pC_nS_ttl?_encoding=UTF8&colid=1N6867G1O15RY&coliid=I1SDLAXG5ARVWV

To build a Sophos router for my Daughter.

 

What services are you using on Sophos?

How many users are behind Sophos?

What is your internet speed both up/down?

Are you getting your full speed according to internet speed tests?

 

Well, that case that you have linked? That's the exact one I'm using. :)

It's pretty nice, actually.  Only complaint is that there is no fan (but I knew that going in).

 

The specific board I used is the ASRock RACK J1900D2Y

http://www.newegg.com/Product/Product.aspx?Item=N82E16813157614

Caveat is that one Sophos UTM 9.3, it hangs on restart, and I have to manually power cycle it.  Since updates are rare.... it hasn't been an issue for me. 

 

But the SuperMicro board is a good one too.  

The specific CPU is a very nice one and definitely gets the job done, and with not a whole lot of power!

 

 

For the specific services:

Firewall (obviously), web filter, application control, and QoS. And I'm using the transparent mode filter on decrypt and scan mode.

And I have four users. But more than a few computers and other devices.  Not counting the VMs I have setup.

Internet speed: 150mpbs down, 25mbps up.  Business account, so there are no blocked ports and no data cap.

And yes, I do get the full speed... and then some, actually.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...