Jump to content
RESET Forums (homeservershow.com)

Can i get by with Sophos Home edition?


Recommended Posts

Hello all I'm new here.  I spent the last hour or so searching the net looking for answers to my questions.  I found more on these forums than anywhere else so I figured I'd reach out and ask my questions here.

 

I'm in need a new firewall router.  My Netgear router isn't cutting it anymore.  I have about 35 devices currently between phone, cable boxes, printers, computers, video game systems, phones, tablets, etc.  A typical family with kids. One of my major desires is to be able to determine where traffic is being used.  There are times in the day when the network comes to a crawl.  My router gives me absolutely no info as to who is utilizing the majority, if not all, the bandwidth.  So I would like to be able to determine that, then once I know that, be able to either throttle that device or at least know which machine it is then maybe I can determine if it makes sense and just let that machine finish whatever its doing.

 

Naturally having kids, there is a concern for the sites they might go to.  I want to ensure they are being kids and if they do stray the websites are filtered somewhat and maybe, if possible, the content is at least checked for malware (not sure if this is possible.)  

 

I have seen the mention this is for home use and if you want to use it for business you have to get the business versions.  Is this version the same as the business versions just that it might allow more IPs on the business version and not have the CPU and memory limitations?  

 

I was on the phone today with a Sophos rep and local reseller.  They were able to answer a few of my questions but not all - which I found odd.  This is after all what they should be able to do right?  I ask questions, they answer.  So now I have to wait for a 3rd call from someone.

 

I am searching for a PC to install the software on so any suggestions would be good.  I understand minimally a Celeron J1900 with Intel NICs is a good option so I am trying to find a solution that matches those specs.  

Edited by Cuco
Link to post
Share on other sites
  • Replies 40
  • Created
  • Last Reply

Top Posters In This Topic

  • itGeeks

    12

  • nrf

    6

  • RobbieH

    6

  • Cuco

    6

Top Posters In This Topic

Popular Posts

people have been speaking about 'sophos' without distinguishing between UTM and XG versions. that may muddy the resulting discussions. in any case, a network that stops like that probably causes yelli

schoondoggy

I am actually surprised Sophos spoke to you, the free home version has no direct support, just through their forum. Sophos is a great firewall, but it is a firewall and needs to be configured and managed. It will give you info on use and traffic, it is the same base product that they sell to businesses. 

If you are looking for more parental control you may want to consider Circle as an add on to your home network. Luma is also something you may want to look at. Luma takes the place of your router and WiFi and adds control.

Dave reviewed Circle:

http://homeservershow.com/review-circle-with-disney.html

Luma threads:

http://homeservershow.com/forums/index.php?/topic/10447-luma-wifi-and-security/

http://homeservershow.com/forums/index.php?/topic/10543-luma-acquires-nodal/

Sophos threads:

http://homeservershow.com/forums/index.php?/topic/10258-sophos-copernicus-is-now-out-of-beta-and-has-a-new-name-sophos-xg-firewall/

http://homeservershow.com/forums/index.php?/topic/9974-sophos-utm-is-getting-a-new-version-and-guess-what-no-more-50-ip-limit/

Link to post
Share on other sites

Hello all I'm new here.  I spent the last hour or so searching the net looking for answers to my questions.  I found more on these forums than anywhere else so I figured I'd reach out and ask my questions here.

 

I'm in need a new firewall router.  My Netgear router isn't cutting it anymore.  I have about 35 devices currently between phone, cable boxes, printers, computers, video game systems, phones, tablets, etc.  A typical family with kids. One of my major desires is to be able to determine where traffic is being used.  There are times in the day when the network comes to a crawl.  My router gives me absolutely no info as to who is utilizing the majority, if not all, the bandwidth.  So I would like to be able to determine that, then once I know that, be able to either throttle that device or at least know which machine it is then maybe I can determine if it makes sense and just let that machine finish whatever its doing.

 

Naturally having kids, there is a concern for the sites they might go to.  I want to ensure they are being kids and if they do stray the websites are filtered somewhat and maybe, if possible, the content is at least checked for malware (not sure if this is possible.)  

 

I have seen the mention this is for home use and if you want to use it for business you have to get the business versions.  Is this version the same as the business versions just that it might allow more IPs on the business version and not have the CPU and memory limitations?  

 

I was on the phone today with a Sophos rep and local reseller.  They were able to answer a few of my questions but not all - which I found odd.  This is after all what they should be able to do right?  I ask questions, they answer.  So now I have to wait for a 3rd call from someone.

 

I am searching for a PC to install the software on so any suggestions would be good.  I understand minimally a Celeron J1900 with Intel NICs is a good option so I am trying to find a solution that matches those specs.  

Welcome to the forums! As schoondoggy said this is a true hardcore firewall its almost to good for home use. Using Sophos your going to have some setup pains to get threw. Sophos XG does not like mobile devices or gaming consoles so your going to have to bypass HTTP scanning & turn off the 'web filter' for those devices. We are hoping that the first big update for Sophos fixes these problems. As for hardware I know some HSS members are running Sophos on a Celeron J1900 and claim it works fine however I have not tested it myself. I just picked up a Gigabyte BRIX GB-BXBT-1900 but a quick search shows everyone out of stock, Maybe you could find one used on ebay. If your into building a computer you could get this case http://www.newegg.com/Product/Product.aspx?Item=N82E16811129185 & Motherboard http://www.newegg.com/Product/Product.aspx?Item=N82E16813157497

 

Personally though with a household like yours unless your willing to be yelled at and put up with things not working till you find the right tweaks I almost want to tell you to just pre-order Luma @ A 50% Savings right now, schoondoggy. myself and a few others have pre-ordered Luma because it looks like its going to be a great product with a nice balance of security and ease of administration. If you have a big house or its multi story just get the 3 pack @ 249.00 That is a steel, Soon that price will be 499.00

Edited by itGeeks
Link to post
Share on other sites

people have been speaking about 'sophos' without distinguishing between UTM and XG versions. that may muddy the resulting discussions. in any case, a network that stops like that probably causes yelling already.

 

If you are in a hurry, waiting for a new product to come out may not be so comfortable. How long has dave been waiting for his? so you might start with something like 'circle' which you can get now. 

 

Or, if you are more of a tinkerer or very detail oriented, for an interim solution sophos UTM 9 can help you get your hands on realtime data you are looking for. If you put it on a pc just make sure the pc is 64 bit so you can change to XG should it become practical. I am really satisfied with the performance (and low power use) of UTM on an old N40L microserver, besides the 'daily report' of who used how much data, you can get realtime views by clicking in the control panel. And you can find plenty of info in the 'drashna' blog on how to set it up to reduce some of the screaming over filtering. 

 

good luck on weighing the options as you have many!

  • Like 1
Link to post
Share on other sites

people have been speaking about 'sophos' without distinguishing between UTM and XG versions. that may muddy the resulting discussions. in any case, a network that stops like that probably causes yelling already.

 

If you are in a hurry, waiting for a new product to come out may not be so comfortable. How long has dave been waiting for his? so you might start with something like 'circle' which you can get now. 

 

Or, if you are more of a tinkerer or very detail oriented, for an interim solution sophos UTM 9 can help you get your hands on realtime data you are looking for. If you put it on a pc just make sure the pc is 64 bit so you can change to XG should it become practical. I am really satisfied with the performance (and low power use) of UTM on an old N40L microserver, besides the 'daily report' of who used how much data, you can get realtime views by clicking in the control panel. And you can find plenty of info in the 'drashna' blog on how to set it up to reduce some of the screaming over filtering. 

 

good luck on weighing the options as you have many!

You made some very good points however I would disagree about OP trying to learn UTM 9.x at this point because its out to pasture, For someone already running UTM 9.x its fine but coming in fresh no point in learning it. The time would be better spent learning XG even with its shortfalls. I agree Circle would be an option but that's not a router and the OP stated he wants something to replace his aged router.

Link to post
Share on other sites

then we will disagree, xg is really not worth fussing with at this time... and someday it will provide automatic upgrade from UTM so if they come through with a viable product the upgrade should be seamless and no waste involved.

Edited by nrf
Link to post
Share on other sites

I was speaking to Sophos about purchasing a XG unit because I hadn't really understood the home version.  To me, home versions, usually are cut down and I wanted more features and not something average home users wanted (in general.)  So I wanted to make sure something like the XG 85 was sufficient.  The person on the phone told me she recommended the XG 135 for my size/needs.  I was like WHAT?  When I asked for clarity on what I said that made her think a solution that big and expensive was the right solution.  She said the number of devices.  I said but they are that, devices, not people.  I asked what is a XG 85 targeted at? She said 4-5 users.  I said I am 4-5 users.  Does she consider a device the same as a user?  It seemed way overkill and a major upsell to me.  Specific detailed questions couldn't be answered by the Sophos rep.  I'm technical, but I am not a net op so I couldn't believe my questions were too much. 

 

I am actually surprised Sophos spoke to you, the free home version has no direct support, just through their forum. Sophos is a great firewall, but it is a firewall and needs to be configured and managed. It will give you info on use and traffic, it is the same base product that they sell to businesses. 

If you are looking for more parental control you may want to consider Circle as an add on to your home network. Luma is also something you may want to look at. Luma takes the place of your router and WiFi and adds control.

Dave reviewed Circle:

http://homeservershow.com/review-circle-with-disney.html

Luma threads:

http://homeservershow.com/forums/index.php?/topic/10447-luma-wifi-and-security/

http://homeservershow.com/forums/index.php?/topic/10543-luma-acquires-nodal/

Sophos threads:

http://homeservershow.com/forums/index.php?/topic/10258-sophos-copernicus-is-now-out-of-beta-and-has-a-new-name-sophos-xg-firewall/

http://homeservershow.com/forums/index.php?/topic/9974-sophos-utm-is-getting-a-new-version-and-guess-what-no-more-50-ip-limit/

Link to post
Share on other sites

Thanks for the links.  They made for interesting reads.  I currently have an iBoss router.  In concept, I liked it for when I purchased it.  However, its WiFi is something to be desired.  Until recently, it was really the only game in town (that I found.)  It requires a subscription so purchasing the Circle is an easy choice for a replacement.

 

Unfortunately it still doesn't appear like it will tell me where my bandwidth is being utilized.  That is something I still have to figure out if I don't get the XG

 

Luma is very interesting.  I like it because it seems like it would extend my Wifi abilities.  Something that would be nice as well.  I have dead spots on different spots/level in my home.  My router is in a corner of the upstairs.  So going down to the main level in the house quality drops.  Then going down to the basement, there is a very low signal.

 

 

I am actually surprised Sophos spoke to you, the free home version has no direct support, just through their forum. Sophos is a great firewall, but it is a firewall and needs to be configured and managed. It will give you info on use and traffic, it is the same base product that they sell to businesses. 

If you are looking for more parental control you may want to consider Circle as an add on to your home network. Luma is also something you may want to look at. Luma takes the place of your router and WiFi and adds control.

Dave reviewed Circle:

http://homeservershow.com/review-circle-with-disney.html

Luma threads:

http://homeservershow.com/forums/index.php?/topic/10447-luma-wifi-and-security/

http://homeservershow.com/forums/index.php?/topic/10543-luma-acquires-nodal/

Sophos threads:

http://homeservershow.com/forums/index.php?/topic/10258-sophos-copernicus-is-now-out-of-beta-and-has-a-new-name-sophos-xg-firewall/

http://homeservershow.com/forums/index.php?/topic/9974-sophos-utm-is-getting-a-new-version-and-guess-what-no-more-50-ip-limit/

Link to post
Share on other sites

then we will disagree, xg is really not worth fussing with at this time... and someday it will provide automatic upgrade from UTM so if they come through with a viable product the upgrade should be seamless and no waste involved.

Yes respectfully disagree, My point is for someone new to learn a brand new product is hard enough so Y learn a product that is already dead. UTM is a dead product and we won't see anything new to it, All of Sophos focus is on XG for better or worse. Its kind of trying to learn Windows for the first time and you tell someone to learn on Windows XP. That was my point. You did provide some great advice though, Just different worlds of thinking I guess. :)

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
  • Similar Content

    • JROrtiz
      By JROrtiz
      I've been banging my head for a few days now trying to figure this out and I've run out of ideas. Hoping the very intelligent crew here can help me out.
       
      I have a Drobo 5N and a Synology RS816 on my network, both of which have been working without issue for quite some time now. I've always connected to both via Windows Explorer by simply going to the network address i.e., \\N5 and \\SYN (sample names). 
       
      I recently got a new desktop which is where the issues are coming up. When I try to go to \\N5, it results in a message saying it cannot find that location. However, \\SYN works just fine. What's strange is that I can see and manage the Drobo through the Drobo Dashboard software. What could be preventing Windows from seeing the Drobo on the network? 
       
      I've already enabled the SMB 1.x protocol, ensured the workgroup names are the same, rebooted both the machine and the Drobo, made sure network sharing is enabled, and even did a fresh install to ensure that some program I installed didn't cause the issue. Every other machine I have can access the Drobo without issue. It's just this new desktop, and everything is running Windows 10.
       
      Another strange phenomenon that I discovered is that if I go to "\\DROBO" (verbatim, not a sample name) it leads me to the Synology. Where is Windows getting the mapping from that it is directing that address to the Synology?
       
      This is driving me nuts so any advice would be greatly appreciated.
    • Jason
      By Jason
      Have been running a Windows DHCP server on home WSE12R2 box for quite some time behind my Sophos UTM firewall. Also allowed me to seamlessly run Windows Deployment Services at home. WDS just worked.
       
      But if I needed to make a particular LAN IP address exception on the firewall, I had to 1.) create a Windows DHCP server reservations AND 2.) create a network definition for that IP on the Sophos UTM box. 2 steps. Not very efficient; was sure I was doing something incorrectly...
       
      Tried to migrate to Sophos UTM running the DHCP Server, but now WDS doesn't work. LAN devices can no longer PXE boot. Seems possible. Many guides. None have proven especially successful.
       
      Is it possible to run a Windows DHCP server and have Sophos UTM import DHCP reservations instead of maintaining 2 unique entries for each IP reservation (one in Windows DHCP, another on Sophos UTM box)?
       
      What is best practice?
       
       
      Sent from my iPhone using Tapatalk
    • donschmidt
      By donschmidt
      Good morning.  I've just  purchased a home still under construction and plan to have CAT6 installed throughout the living areas. I'm hoping that someone can advise me as to the specific quality/specs of cable that I should use.
      Thanks and Happy New Year.
    • Joe_Miner
      By Joe_Miner
      I've been looking at the Intel Compute Stick BOXSTK1AW32SC and was wondering if anyone here has experience with that and if the Intel AC 7265 built into it is backwardly compatible with older N and A,B wifi?
    • heavy21
      By heavy21
      I want to optimize the performance and security of my home network of servers, PCs, laptops printers, smartphones, TVs, etc.  Current network appliances include layer 2 and 3 switches (Cisco small business) and Linksys router.  I’m looking to replace the Linksys with a security (pfSense) router appliance (w/OpenVPN).  I will also be adding security cameras and a NVR to the network.
       
      The gigabit network is straightforward in structure with all Ethernet connections hanging off the24 port switch connected to the cable modem and router except a cascaded 8 port switch in a room to provide 4 Ethernet connections in a room with only one data port.  Wireless connections presently come off the Linksys but will eventually come off the to-be-purchased security/router appliance with a wireless card.  I don’t see more than 100 devices in total for the whole network.  No VLANS and no sub-netting.  All hardware supports IPv6.
       
      Hardware line up is:
      Dual Zeon server w/RAID 10 of 24 TB of storage, 64GB memory
      Cisco managed switches layer 2 and 3
      HPEX495 server
      Workstations, Desktops, Laptops, Tablets, iPads
      Printers
       
      Software line up is:
      Windows Server Essentials 2012 R2, single domain controller, storage and file server duties
      Windows 10 Pro all non-server Intel computing devices
      PLEX server for streaming audio and video to display units
      Office 365
       
      From what I’ve read so far, it appears that I need to incorporate an IP addressing scheme for clients and servers on the network.  It would also appear that I need to implement VLANS and/or sub-netting to protect access to certain files and security footage, provide guest networking with future consideration for electronic door locks and some sort of server based media distribution to various display devices,
      What are best practices on assigning client and server devices to IP ranges, fixed or dynamic IP addresses?  Do I need to assign clients or servers to IP ranges?  What are the considerations in establishing sub-nets over VLANS or vice versa?  I’m pretty sure I want to restrict access to cameras and their security footage and personal files on my workstation.
       
      Thanks for any resources and advice provided.
       

×
×
  • Create New...