Jump to content
RESET Forums (homeservershow.com)

Sophos Copernicus is now out of Beta and Has a New Name, Sophos XG Firewall


itGeeks

Recommended Posts

Looks like it's time to upgrade and start writing guides then. ;)

Web filter issue. Will definitely have to look into.  I'm sure it's more complicated now...

Yes please with extra ketchup :D and I have to agree I believe its something to do with the web filter but I cant seem to wrap my hands around it. I tried putting all the RegEX entries that fixed the problem in UTM9 but not working for me in this new version. The work around for now is I have those mobile devices needing Netflix on a different wireless router.

Link to post
Share on other sites
  • Replies 300
  • Created
  • Last Reply

Top Posters In This Topic

  • itGeeks

    92

  • nrf

    53

  • pcdoc

    46

  • psykix

    40

Top Posters In This Topic

Popular Posts

for intrusion prevention, the equivalent in UTM9 is the 'attack patterns' tab on the intrusion prevention page. since I am not hosting internet services I orient both toward protecting clients. on XG

Here is what Sophos had to say about this brand new platform- https://blogs.sophos.com/2015/11/10/sophos-xg-firewall-a-network-security-ecosystem-with-many-innovations/#more-30035   You can downloa

Well I was almost there this weekend but had to bail out.  Got everything working very well such as port forwarding, filtering, application policies etc.  Got my home automation, cameras, and streamin

one observation on the new product, they do not integrate with the endpoint protection, but they are hawking a new 'home' cloud endpoint protection in beta that is instead managed 'from the cloud' (so to speak).

 

given the undocumented x64 requirement for the software version of XG (I put in a trouble report, they referred me to the forums because the developers are there, and there was no official response there either), I'm working to push my clients off whs 2011 onto my R2 node so I can turn my n40L into a XG firewall someday. Time will tell, I will not put it into production until I am really comfortable with the new product. maybe 'drashna' will have some posts about it by the time  am ready...

Link to post
Share on other sites

Well... this is some learning curve!

 

If I want to do a simple port forward, then how on earth do I do that? I've played around for a bit tonight but cannot seem to get it working!

 

Should I be doing a network rule or a Business Application Rule?

 

I also need to get port 587 opened outbound, but I'll come to that in good time!

Link to post
Share on other sites

Never mind, I figured it out eventually!

Glad you got it sorted out & yes its a real learning curve if you coming from UTM9

Link to post
Share on other sites

Haha! I've never used UTM9, and so it's even more of a learning curve moving from a consumer router (D-Link DIR890) to this...

 

I put the router in AP mode, and just left it plugged into the LAN.

 

No idea if that is best practice, but once I get a proper access point, then I'll revisit the problem.

 

One thing though.. Any idea why I have no "live users" on my Sophos XG box? (obviously it's all working etc, and I use it for DDNS, DNS, DHCP)

 

Cheers!

Link to post
Share on other sites
Drashna Jaelre

Yes please with extra ketchup :D and I have to agree I believe its something to do with the web filter but I cant seem to wrap my hands around it. I tried putting all the RegEX entries that fixed the problem in UTM9 but not working for me in this new version. The work around for now is I have those mobile devices needing Netflix on a different wireless router.

I plan on doing it on Tuesday. I have other stuff between now and then that requires it to be working. Also, I need to check ALL of my rules and config before "upgrading". 

 

Well... this is some learning curve!

 

If I want to do a simple port forward, then how on earth do I do that? I've played around for a bit tonight but cannot seem to get it working!

 

Should I be doing a network rule or a Business Application Rule?

 

I also need to get port 587 opened outbound, but I'll come to that in good time!

Yeah, it is, and the setup is confusing. Glad you got the NAT stuff sorted. That was going to be the first part I covered. Because ... yeah.

 

Glad you got it sorted out & yes its a real learning curve if you coming from UTM9

Definitely is. And even if your not... some of the UI is very confusing. I'm not sure how they designed it, but whoever they hired to do it needs to be fired. 

 

so, for those who have actually used it, is the new product 'better' than UTM9 in any way?

From what I've heard, the web filter is MUCH faster. That's a big deal, as I've definitely noticed a bit of lag. 

 

Will post feedback about it on my blog. 

Link to post
Share on other sites

I have a new question that you may be able to answer!

 

Well, 2 actually..

 

Firstly, my WAN is showing a red exclamation mark - interface status is green, gateway status is red. Says Internet (name of WAN) is down. But it's not down.

 

And secondly, why do I not see any "live users" on the dashboard?

Link to post
Share on other sites

I'm struggling to understand the performance indicator too..

 

It's flagged orange. I have 4 vCPUS and 4Gb RAM. Seems to indicate it's hit high load at some point, but CPU and RAM don't show the same?

 

sophos1_zpsq4i3kol1.png

 

sophos2_zpsz1njfffd.png

Edited by psykix
Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×
×
  • Create New...