Jump to content
RESET Forums (homeservershow.com)
itGeeks

Sophos Copernicus is now out of Beta and Has a New Name, Sophos XG Firewall

Recommended Posts

itGeeks

Looks like it's time to upgrade and start writing guides then. ;)

Web filter issue. Will definitely have to look into.  I'm sure it's more complicated now...

Yes please with extra ketchup :D and I have to agree I believe its something to do with the web filter but I cant seem to wrap my hands around it. I tried putting all the RegEX entries that fixed the problem in UTM9 but not working for me in this new version. The work around for now is I have those mobile devices needing Netflix on a different wireless router.

Share this post


Link to post
Share on other sites
nrf

one observation on the new product, they do not integrate with the endpoint protection, but they are hawking a new 'home' cloud endpoint protection in beta that is instead managed 'from the cloud' (so to speak).

 

given the undocumented x64 requirement for the software version of XG (I put in a trouble report, they referred me to the forums because the developers are there, and there was no official response there either), I'm working to push my clients off whs 2011 onto my R2 node so I can turn my n40L into a XG firewall someday. Time will tell, I will not put it into production until I am really comfortable with the new product. maybe 'drashna' will have some posts about it by the time  am ready...

Share this post


Link to post
Share on other sites
psykix

Well... this is some learning curve!

 

If I want to do a simple port forward, then how on earth do I do that? I've played around for a bit tonight but cannot seem to get it working!

 

Should I be doing a network rule or a Business Application Rule?

 

I also need to get port 587 opened outbound, but I'll come to that in good time!

Share this post


Link to post
Share on other sites
psykix

Never mind, I figured it out eventually!

Share this post


Link to post
Share on other sites
itGeeks

Never mind, I figured it out eventually!

Glad you got it sorted out & yes its a real learning curve if you coming from UTM9

Share this post


Link to post
Share on other sites
psykix

Haha! I've never used UTM9, and so it's even more of a learning curve moving from a consumer router (D-Link DIR890) to this...

 

I put the router in AP mode, and just left it plugged into the LAN.

 

No idea if that is best practice, but once I get a proper access point, then I'll revisit the problem.

 

One thing though.. Any idea why I have no "live users" on my Sophos XG box? (obviously it's all working etc, and I use it for DDNS, DNS, DHCP)

 

Cheers!

Share this post


Link to post
Share on other sites
nrf

so, for those who have actually used it, is the new product 'better' than UTM9 in any way?

Share this post


Link to post
Share on other sites
Drashna Jaelre

Yes please with extra ketchup :D and I have to agree I believe its something to do with the web filter but I cant seem to wrap my hands around it. I tried putting all the RegEX entries that fixed the problem in UTM9 but not working for me in this new version. The work around for now is I have those mobile devices needing Netflix on a different wireless router.

I plan on doing it on Tuesday. I have other stuff between now and then that requires it to be working. Also, I need to check ALL of my rules and config before "upgrading". 

 

Well... this is some learning curve!

 

If I want to do a simple port forward, then how on earth do I do that? I've played around for a bit tonight but cannot seem to get it working!

 

Should I be doing a network rule or a Business Application Rule?

 

I also need to get port 587 opened outbound, but I'll come to that in good time!

Yeah, it is, and the setup is confusing. Glad you got the NAT stuff sorted. That was going to be the first part I covered. Because ... yeah.

 

Glad you got it sorted out & yes its a real learning curve if you coming from UTM9

Definitely is. And even if your not... some of the UI is very confusing. I'm not sure how they designed it, but whoever they hired to do it needs to be fired. 

 

so, for those who have actually used it, is the new product 'better' than UTM9 in any way?

From what I've heard, the web filter is MUCH faster. That's a big deal, as I've definitely noticed a bit of lag. 

 

Will post feedback about it on my blog. 

Share this post


Link to post
Share on other sites
psykix

I have a new question that you may be able to answer!

 

Well, 2 actually..

 

Firstly, my WAN is showing a red exclamation mark - interface status is green, gateway status is red. Says Internet (name of WAN) is down. But it's not down.

 

And secondly, why do I not see any "live users" on the dashboard?

Share this post


Link to post
Share on other sites
psykix

I'm struggling to understand the performance indicator too..

 

It's flagged orange. I have 4 vCPUS and 4Gb RAM. Seems to indicate it's hit high load at some point, but CPU and RAM don't show the same?

 

sophos1_zpsq4i3kol1.png

 

sophos2_zpsz1njfffd.png

Edited by psykix

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



×
×
  • Create New...