Jump to content
RESET Forums (homeservershow.com)

Sophos Copernicus is now out of Beta and Has a New Name, Sophos XG Firewall

itGeeks

By itGeeks,
in Networking

 Share Followers 4

Recommended Posts

itGeeks

itGeeks 187

Posted
  • Author
Posted

I plan on doing it on Tuesday. I have other stuff between now and then that requires it to be working. Also, I need to check ALL of my rules and config before "upgrading". 

 

Yeah, it is, and the setup is confusing. Glad you got the NAT stuff sorted. That was going to be the first part I covered. Because ... yeah.

 

Definitely is. And even if your not... some of the UI is very confusing. I'm not sure how they designed it, but whoever they hired to do it needs to be fired. 

 

From what I've heard, the web filter is MUCH faster. That's a big deal, as I've definitely noticed a bit of lag. 

 

Will post feedback about it on my blog. 

Yes the web filter as well as the whole product feels faster, Even the Admin page opens right up.

  • Like 1
Link to post
Share on other sites
  • Replies 300
  • Created
  • Last Reply

Top Posters In This Topic

  • itGeeks

    92

  • nrf

    53

  • pcdoc

    46

  • psykix

    40

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

nrf

for intrusion prevention, the equivalent in UTM9 is the 'attack patterns' tab on the intrusion prevention page. since I am not hosting internet services I orient both toward protecting clients. on XG

itGeeks

Here is what Sophos had to say about this brand new platform- https://blogs.sophos.com/2015/11/10/sophos-xg-firewall-a-network-security-ecosystem-with-many-innovations/#more-30035   You can downloa

pcdoc

Well I was almost there this weekend but had to bail out.  Got everything working very well such as port forwarding, filtering, application policies etc.  Got my home automation, cameras, and streamin

itGeeks

itGeeks 187

Posted
  • Author
Posted (edited)

I'm struggling to understand the performance indicator too..

 

It's flagged orange. I have 4 vCPUS and 4Gb RAM. Seems to indicate it's hit high load at some point, but CPU and RAM don't show the same?

 

sophos1_zpsq4i3kol1.png

 

sophos2_zpsz1njfffd.png

Mine has been showing orange as well but I am now looking the otherway, What I cant see wont hurt me :D According to the help file it says "Warning

Load Average is between 2 to 5 units" What does this mean? Your guess is as good as mine http://docs.sophos.com/nsg/sophos-firewall/v15010/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp/ControlCenter.html
 
Also I see you allocated 4 cores & 4 Gb of memory, For home use you can really knock that down to 2 Cores and push up the memory to 6Gb. Sophos loves memory. I have Sophos running in a VM on Hyper V with the configuration I just gave you and it runs great.
Edited by itGeeks
Link to post
Share on other sites
nrf

nrf 135

Posted
Posted (edited)

the so-called heartbeat feature that paying customers will get sounds promising, but us cheapskates end up with two disjoint products, a firewall with local web interface and a endpoint feature with cloud-based interface, and they don't talk to each other. has anyone gotten a price for a small installation of the for-pay product?

Edited by nrf
Link to post
Share on other sites
itGeeks

itGeeks 187

Posted
  • Author
Posted

I have a new question that you may be able to answer!

 

Well, 2 actually..

 

Firstly, my WAN is showing a red exclamation mark - interface status is green, gateway status is red. Says Internet (name of WAN) is down. But it's not down.

 

And secondly, why do I not see any "live users" on the dashboard?

For your user qwestion, Are you using AD? If not you need to setup the users first before they will show up on the dashboard. Have a look here: http://docs.sophos.com/nsg/sophos-firewall/v15010/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp%2FUserEdit.html%23wwconnect_header

 

As for the WAN problem it looks to me like you have something "miss configured" What is the WAN port plugged into?

Link to post
Share on other sites
psykix

psykix 27

Posted
Posted

 

Mine has been showing orange as well but I am now looking the otherway, What I cant see wont hurt me :D According to the help file it says "Warning

Load Average is between 2 to 5 units" What does this mean? Your guess is as good as mine http://docs.sophos.com/nsg/sophos-firewall/v15010/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp/ControlCenter.html
 
Also I see you allocated 4 cores & 4 Gb of memory, For home use you can really knock that down to 2 Cores and push up the memory to 6Gb. Sophos loves memory. I have Sophos running in a VM on Hyper V with the configuration I just gave you and it runs great.

 

 

Well it's not hit more than 41% mem usage so far, so I'll monitor it. I may well cut the cores, because then I can redistribute the other 2 to my Plex server.

 

For your user qwestion, Are you using AD? If not you need to setup the users first before they will show up on the dashboard. Have a look here: http://docs.sophos.com/nsg/sophos-firewall/v15010/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp%2FUserEdit.html%23wwconnect_header

 

As for the WAN problem it looks to me like you have something "miss configured" What is the WAN port plugged into?

 

No, not using AD. I'll take a look at the link.

 

WAN is just ADSL modem Ethernet port, to the 2nd Broadcom NIC on the Gen8 - nothing to misconfigure tbh!

 

I'd post on the Sophos forums, except it seems dead - I think the product is too new and we're on our own for the time being!!

 

Thanks!

Link to post
Share on other sites
itGeeks

itGeeks 187

Posted
  • Author
Posted

Well it's not hit more than 41% mem usage so far, so I'll monitor it. I may well cut the cores, because then I can redistribute the other 2 to my Plex server.

 

 

No, not using AD. I'll take a look at the link.

 

WAN is just ADSL modem Ethernet port, to the 2nd Broadcom NIC on the Gen8 - nothing to misconfigure tbh!

 

I'd post on the Sophos forums, except it seems dead - I think the product is too new and we're on our own for the time being!!

 

Thanks!

Sophos has a brand new community forum now https://community.sophos.com/products/xg-firewall/f/46

Link to post
Share on other sites
psykix

psykix 27

Posted
Posted (edited)

Yeah, that's where I posted my questions...

 

Very quiet in there at the moment!

 

Do you know how to reset the dashboard stats? I can't see any way to do it, and my post over there has gone unanswered.

 

I also cannot get notifications to work through my Office365 hosted Exchange server, but other servers I have with the same configuration work just fine, so I must be missing something on the Sophos box!

Edited by psykix
Link to post
Share on other sites
psykix

psykix 27

Posted
Posted

Aaaand.. I've hit the Netflix on iOS issue :-(

 

I've had to turn Webfiltering off since there seems to be no workaround at the moment.

Link to post
Share on other sites
Drashna Jaelre

Drashna Jaelre 159

Posted
Posted

Aaaand.. I've hit the Netflix on iOS issue :-(

 

I've had to turn Webfiltering off since there seems to be no workaround at the moment.

Can't help you yet.

 

But sweet lord, the new interface is beyond confusing. 

It took me an hour of trial and error and searching to find a proper solution. But hey... you should be able to access my webserver now.

Link to post
Share on other sites
psykix

psykix 27

Posted
Posted

Haha, yeah it's a learning curve alright! The Netflix issue is kind of a big deal. If I have to turn the web filter off then that's a chunk of the product thrown by the wayside. I may take a look at pfSense too, since I've not used either product before.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Followers 4
Go to topic listing
×
×
  • Create New...