at least after I upgraded the appliance to an i7-7700T (35 Watt), which I Noctuad down to unnoticeable sound emissions. The GUI is nowhere near as nice as Astaro/Sophos/UTM and it's still obvious that the original business model was based on selling the documentation not the software, but it works, it is very well supported and it can take the load. But pfSense is worth the overhead, and I practically never need to deal with the BSD underneath the Web-GUI. kid's 0.9x OS with the Minix knock-off file system in the old days, CentOS has been my mainstay for at least a decade and BSD these days feels rather "raw". Yes, even if I preferred *real* Unix like AT&T SysV R3 or 386BSD over that Linus T. I looked around the free personal firewall scene and evaluated a couple of them to settle on pfSense. There are also simply too many good reasons to make your primary firewall an independent appliance. I tried running the appliance as a VM on my 24/7 home-server, a entry level Xeon with plenty of RAM and muscle, but since that's based on Windows server (Terminal server and desktop as well as VM host and file/print server), all type 2 hypervisors seemed challenged with such I/O intensive loads (and no IOSR-V or similar). When Astaro got bought up by Sophos, the pressure to purchase got stepped up but also my bandwidth increased from low Mbits to hundreds and a point where the Atom was becoming a bottleneck. Networking isn't my IT-primary but I really needed to keep my home, lab and family safe (two dozen physical computing devices from smartphones to big workstations). I've really liked the user interface, of course it was complex, but mostly because the appliance grew ever more powerful as well. Initially it ran on a decomissioned corporate notebook with a secondary Ethernet as PCMIA card, but eventually it graduated to a J1900 Atom with dual Ethernet NICs. The future of Sophos clearly lies in the Sophos Firewall OS and Synchronized Security.I started with UTM when Astaro came out with the free version more than 15 years ago. However, if you are looking for a new firewall with a strong level of integration, you might consider the XG. The SG line is a complete, mature, viable platform and has been a great choice for a lot of our customers as the XG series has matured. They are a classic, and though they will eventually be replaced by the XG series, that time has not come yet. There’s a reason Sophos still offers the SG line of appliances. And, all policies are in one place, easy to find and read. Sophos XG has a clean new dashboard with a nifty User Threat Quotient feature, and there are extremely helpful, thorough and streamlined compliance reporting options. The Reporting feature is also extremely granular. Also, through Live Logs you can watch traffic as it comes through the firewall as it happens and see if your policies are working. Sophos SG has an extremely quick and easy-to-read dashboard. The net effect is that threat discovery, isolation, and remediation happen much more quickly. It is a unified, systemic approach that works more rapidly, because you don’t have different stuff happening at the endpoint and the gateway. When and if a breach happens, it gets picked up and locked down much more quickly. It communicates holistically between the gateway and all your protocols, and the endpoint itself. And, with Synchronized Security on the XG firewall you can see the applications that are running on all the endpoints.Īlso, the XG series has the Security Heartbeat. It’s extremely quick and easy to check logs right through the GUI. Also, the Log Viewer is a real highlight of the XG operating system. There are some technical advantages to the XG (SFOS) over the SG (UTM) operating system.įor example, Firewall rules are much clearer and more granular. It is worth noting that the SG is upgradeable to XG firmware. As a newer product, the XG’s Sophos Firewall Operating System (SFOS) is updated more frequently. The main difference is that SG Series appliances come pre-installed with UTM 9 firmware while XG firewalls come pre-installed with XG firewall firmware. If you are looking for stability and ease-of-use, then a firewall this well-known and understood is an excellent choice.īasically, the hardware on the SG and XG series are extremely similar in terms of CPU, RAM, memory, and ports. However, that’s not to say it doesn’t have a very strong feature set of its own. The Sophos SG series (Unified Threat Management or UTM) is a very mature and stable platform. But, what’s the difference? Well, this article isn’t intended to simply steer you to buying a new XG if you don’t need one right now. You may know that Sophos carries two lines of highly-rated firewall appliances, the SG and the XG series.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |