Jump to content
RESET Forums (homeservershow.com)

Can i get by with Sophos Home edition?


Recommended Posts

Welcome to the forums! As schoondoggy said this is a true hardcore firewall its almost to good for home use. Using Sophos your going to have some setup pains to get threw. Sophos XG does not like mobile devices or gaming consoles so your going to have to bypass HTTP scanning & turn off the 'web filter' for those devices. We are hoping that the first big update for Sophos fixes these problems. As for hardware I know some HSS members are running Sophos on a Celeron J1900 and claim it works fine however I have not tested it myself. I just picked up a Gigabyte BRIX GB-BXBT-1900 but a quick search shows everyone out of stock, Maybe you could find one used on ebay. If your into building a computer you could get this case http://www.newegg.com/Product/Product.aspx?Item=N82E16811129185 & Motherboard http://www.newegg.com/Product/Product.aspx?Item=N82E16813157497

 

Personally though with a household like yours unless your willing to be yelled at and put up with things not working till you find the right tweaks I almost want to tell you to just pre-order Luma @ A 50% Savings right now, schoondoggy. myself and a few others have pre-ordered Luma because it looks like its going to be a great product with a nice balance of security and ease of administration. If you have a big house or its multi story just get the 3 pack @ 249.00 That is a steel, Soon that price will be 499.00

 

I like the size and price of the GIGABYTE GB-BXBT-2807 but it only has 1 NIC and I don't see how you get a 2nd one in.   How do you get a 2nd NIC in there?  It seems like NewEgg has them in stock as I didn't see an out of stock on the item.  If I go the build route, I found this MB http://www.newegg.com/Product/Product.aspx?Item=N82E16813128698  It has 2 Intel NIC so its a bit more expensive.

Link to post
Share on other sites
  • Replies 40
  • Created
  • Last Reply

Top Posters In This Topic

  • itGeeks

    12

  • Cuco

    6

  • schoondoggy

    6

  • nrf

    6

Top Posters In This Topic

Popular Posts

people have been speaking about 'sophos' without distinguishing between UTM and XG versions. that may muddy the resulting discussions. in any case, a network that stops like that probably causes yelli

Welcome to the forums! As schoondoggy said this is a true hardcore firewall its almost to good for home use. Using Sophos your going to have some setup pains to get threw. Sophos XG does not like mobile devices or gaming consoles so your going to have to bypass HTTP scanning & turn off the 'web filter' for those devices. We are hoping that the first big update for Sophos fixes these problems. As for hardware I know some HSS members are running Sophos on a Celeron J1900 and claim it works fine however I have not tested it myself. I just picked up a Gigabyte BRIX GB-BXBT-1900 but a quick search shows everyone out of stock, Maybe you could find one used on ebay. If your into building a computer you could get this case http://www.newegg.com/Product/Product.aspx?Item=N82E16811129185 & Motherboard http://www.newegg.com/Product/Product.aspx?Item=N82E16813157497

 

Personally though with a household like yours unless your willing to be yelled at and put up with things not working till you find the right tweaks I almost want to tell you to just pre-order Luma @ A 50% Savings right now, schoondoggy. myself and a few others have pre-ordered Luma because it looks like its going to be a great product with a nice balance of security and ease of administration. If you have a big house or its multi story just get the 3 pack @ 249.00 That is a steel, Soon that price will be 499.00

 

I like the size and price of the GIGABYTE GB-BXBT-2807 but it only has 1 NIC and I don't see how you get a 2nd one in.   How do you get a 2nd NIC in there?  It seems like NewEgg has them in stock as I didn't see an out of stock on the item.  If I go the build route, I found this MB http://www.newegg.com/Product/Product.aspx?Item=N82E16813128698  It has 2 Intel NIC so its a bit more expensive.

Link to post
Share on other sites
GotNoTime

I like the size and price of the GIGABYTE GB-BXBT-2807 but it only has 1 NIC and I don't see how you get a 2nd one in.

It has a Mini-PCIe slot inside for the WiFi/Bluetooth card. You'll need to somehow feed the wire out the case though. Probably through the security lock slot.

 

Another alternative would be a USB ethernet adapter but generally they're not a great idea.

Link to post
Share on other sites

Welcome to the forums! As schoondoggy said this is a true hardcore firewall its almost to good for home use. Using Sophos your going to have some setup pains to get threw. Sophos XG does not like mobile devices or gaming consoles so your going to have to bypass HTTP scanning & turn off the 'web filter' for those devices. We are hoping that the first big update for Sophos fixes these problems. As for hardware I know some HSS members are running Sophos on a Celeron J1900 and claim it works fine however I have not tested it myself. I just picked up a Gigabyte BRIX GB-BXBT-1900 but a quick search shows everyone out of stock, Maybe you could find one used on ebay. If your into building a computer you could get this case http://www.newegg.com/Product/Product.aspx?Item=N82E16811129185 & Motherboard http://www.newegg.com/Product/Product.aspx?Item=N82E16813157497

 

Personally though with a household like yours unless your willing to be yelled at and put up with things not working till you find the right tweaks I almost want to tell you to just pre-order Luma @ A 50% Savings right now, schoondoggy. myself and a few others have pre-ordered Luma because it looks like its going to be a great product with a nice balance of security and ease of administration. If you have a big house or its multi story just get the 3 pack @ 249.00 That is a steel, Soon that price will be 499.00

 

I like the size and price of the GIGABYTE GB-BXBT-2807 but it only has 1 NIC and I don't see how you get a 2nd one in.   How do you get a 2nd NIC in there?  It seems like NewEgg has them in stock as I didn't see an out of stock on the item.  If I go the build route, I found this MB http://www.newegg.com/Product/Product.aspx?Item=N82E16813128698  It has 2 Intel NIC so its a bit more expensive.

If you are considering buying the Sophos XG-85, look at the Fortinet Fortigate 60d. Great firewall and easy to use.

 

I only considered the XG because I thought it was my only option.  Then I found the Home version might be good enough. 

I stumbled on the Google OnHub.  Seems like it has the ability to report on bandwidth usage per device which is something I really need/want.  Just seems that at $200 it would have many more features.  Reviews seem to point to a descent router but overpriced.  For me though, that is a major selling point.  It didn't mention anything about throttling though.

 

Seems like I can get a little from this router, a little from that router, a bit from another.  XG might be what I need/want but if its that complicated, it might not be for me.  I'm a software developer and don't want to spend time being a full time net op.

Link to post
Share on other sites

If you are considering buying the Sophos XG-85, look at the Fortinet Fortigate 60d. Great firewall and easy to use.

so evidently fortinet believes they need to be able to 'administer' their devices from the internet in spite of them belonging to us, is that a concern here?

Link to post
Share on other sites
schoondoggy

so evidently fortinet believes they need to be able to 'administer' their devices from the internet in spite of them belonging to us, is that a concern here?

Not sure as to what you are referring to, you can pay for a service to have Fortinet manage your firewalls, but I do not believe it is required.
Link to post
Share on other sites

I like the size and price of the GIGABYTE GB-BXBT-2807 but it only has 1 NIC and I don't see how you get a 2nd one in.   How do you get a 2nd NIC in there?  It seems like NewEgg has them in stock as I didn't see an out of stock on the item.  If I go the build route, I found this MB http://www.newegg.com/Product/Product.aspx?Item=N82E16813128698  It has 2 Intel NIC so its a bit more expensive.

That Gigabyte is not going to work very well for you not only is it less powerfull then a Celeron J1900 it only has a single NIC and it Realtek, Stay away from anything other then Intel NICs or your bound to have trouble with it. I am sorry I linked the wrong motherboard for you, Have a look at this one http://www.newegg.com/Product/Product.aspx?Item=N82E16813157614

That board has dual Intel NIC's. When looking for a system for this type of use make sure it has Intel NIC's or chances are your going to have trouble. Sorry for posting the wrong link for the motherboard.

It has a Mini-PCIe slot inside for the WiFi/Bluetooth card. You'll need to somehow feed the wire out the case though. Probably through the security lock slot.

 

Another alternative would be a USB ethernet adapter but generally they're not a great idea.

I agree with you, A USB Ethernet adapter is not ideal for this type of application. He his better off with duel Intel NIC's either on-board or PICe

Edited by itGeeks
Link to post
Share on other sites

I like the size and price of the GIGABYTE GB-BXBT-2807 but it only has 1 NIC and I don't see how you get a 2nd one in.   How do you get a 2nd NIC in there?  It seems like NewEgg has them in stock as I didn't see an out of stock on the item.  If I go the build route, I found this MB http://www.newegg.com/Product/Product.aspx?Item=N82E16813128698  It has 2 Intel NIC so its a bit more expensive.

 

I only considered the XG because I thought it was my only option.  Then I found the Home version might be good enough. 

I stumbled on the Google OnHub.  Seems like it has the ability to report on bandwidth usage per device which is something I really need/want.  Just seems that at $200 it would have many more features.  Reviews seem to point to a descent router but overpriced.  For me though, that is a major selling point.  It didn't mention anything about throttling though.

 

Seems like I can get a little from this router, a little from that router, a bit from another.  XG might be what I need/want but if its that complicated, it might not be for me.  I'm a software developer and don't want to spend time being a full time net op.

Sophos is going to be work to setup & tune, No way around it. I will also add its going to be a thorn in your butt if you have mobile devices & gaming consoles. Don't get me wrong Sophos is top notch protection but it's not geared to home users. I still say you should take a hard look at Luma. We still don't know if Luma will deliver on its promise but a few of us have pre-ordered it in hopes that it is as good as it sounds.

Link to post
Share on other sites

The reviews I have read on the Goolge On Hub haven't been very good.

 

I can't wait for my Luma 3-pack as I have the same issues the original poster.

 

Another question. I believe it is Sophos that limits you to a certain amount of IP's. I have around 50 items on my home automation network,

not counting all the PC's, tablets, PC's, phones, media streamers, etc. I assume the home automation isn't just seen as a hub, if so

I am well beyond the device limits for the free version. 

Link to post
Share on other sites

Not sure as to what you are referring to, you can pay for a service to have Fortinet manage your firewalls, but I do not believe it is required.

I was referring to recent disclosures of a hard-coded ssh password that allowed fortinet into your router - they said it was not a vulnerability but rather an authorization issue. their patch did not remove or change the password, but will most likely allow them in in the future if they 'knock on' the right ports for it to open up again. hence the statement that they believe they need to be able to get into your fancy router without your permission. 

Edited by nrf
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Similar Content

    • JROrtiz
      By JROrtiz
      I've been banging my head for a few days now trying to figure this out and I've run out of ideas. Hoping the very intelligent crew here can help me out.
       
      I have a Drobo 5N and a Synology RS816 on my network, both of which have been working without issue for quite some time now. I've always connected to both via Windows Explorer by simply going to the network address i.e., \\N5 and \\SYN (sample names). 
       
      I recently got a new desktop which is where the issues are coming up. When I try to go to \\N5, it results in a message saying it cannot find that location. However, \\SYN works just fine. What's strange is that I can see and manage the Drobo through the Drobo Dashboard software. What could be preventing Windows from seeing the Drobo on the network? 
       
      I've already enabled the SMB 1.x protocol, ensured the workgroup names are the same, rebooted both the machine and the Drobo, made sure network sharing is enabled, and even did a fresh install to ensure that some program I installed didn't cause the issue. Every other machine I have can access the Drobo without issue. It's just this new desktop, and everything is running Windows 10.
       
      Another strange phenomenon that I discovered is that if I go to "\\DROBO" (verbatim, not a sample name) it leads me to the Synology. Where is Windows getting the mapping from that it is directing that address to the Synology?
       
      This is driving me nuts so any advice would be greatly appreciated.
    • Jason
      By Jason
      Have been running a Windows DHCP server on home WSE12R2 box for quite some time behind my Sophos UTM firewall. Also allowed me to seamlessly run Windows Deployment Services at home. WDS just worked.
       
      But if I needed to make a particular LAN IP address exception on the firewall, I had to 1.) create a Windows DHCP server reservations AND 2.) create a network definition for that IP on the Sophos UTM box. 2 steps. Not very efficient; was sure I was doing something incorrectly...
       
      Tried to migrate to Sophos UTM running the DHCP Server, but now WDS doesn't work. LAN devices can no longer PXE boot. Seems possible. Many guides. None have proven especially successful.
       
      Is it possible to run a Windows DHCP server and have Sophos UTM import DHCP reservations instead of maintaining 2 unique entries for each IP reservation (one in Windows DHCP, another on Sophos UTM box)?
       
      What is best practice?
       
       
      Sent from my iPhone using Tapatalk
    • donschmidt
      By donschmidt
      Good morning.  I've just  purchased a home still under construction and plan to have CAT6 installed throughout the living areas. I'm hoping that someone can advise me as to the specific quality/specs of cable that I should use.
      Thanks and Happy New Year.
    • Joe_Miner
      By Joe_Miner
      I've been looking at the Intel Compute Stick BOXSTK1AW32SC and was wondering if anyone here has experience with that and if the Intel AC 7265 built into it is backwardly compatible with older N and A,B wifi?
    • heavy21
      By heavy21
      I want to optimize the performance and security of my home network of servers, PCs, laptops printers, smartphones, TVs, etc.  Current network appliances include layer 2 and 3 switches (Cisco small business) and Linksys router.  I’m looking to replace the Linksys with a security (pfSense) router appliance (w/OpenVPN).  I will also be adding security cameras and a NVR to the network.
       
      The gigabit network is straightforward in structure with all Ethernet connections hanging off the24 port switch connected to the cable modem and router except a cascaded 8 port switch in a room to provide 4 Ethernet connections in a room with only one data port.  Wireless connections presently come off the Linksys but will eventually come off the to-be-purchased security/router appliance with a wireless card.  I don’t see more than 100 devices in total for the whole network.  No VLANS and no sub-netting.  All hardware supports IPv6.
       
      Hardware line up is:
      Dual Zeon server w/RAID 10 of 24 TB of storage, 64GB memory
      Cisco managed switches layer 2 and 3
      HPEX495 server
      Workstations, Desktops, Laptops, Tablets, iPads
      Printers
       
      Software line up is:
      Windows Server Essentials 2012 R2, single domain controller, storage and file server duties
      Windows 10 Pro all non-server Intel computing devices
      PLEX server for streaming audio and video to display units
      Office 365
       
      From what I’ve read so far, it appears that I need to incorporate an IP addressing scheme for clients and servers on the network.  It would also appear that I need to implement VLANS and/or sub-netting to protect access to certain files and security footage, provide guest networking with future consideration for electronic door locks and some sort of server based media distribution to various display devices,
      What are best practices on assigning client and server devices to IP ranges, fixed or dynamic IP addresses?  Do I need to assign clients or servers to IP ranges?  What are the considerations in establishing sub-nets over VLANS or vice versa?  I’m pretty sure I want to restrict access to cameras and their security footage and personal files on my workstation.
       
      Thanks for any resources and advice provided.
       



×
×
  • Create New...