Does Sophos XG 19 Home Edition support Intel i225v 2.5G chipset now?

Hi Ken,

trhat NIC is not supported. There is a way around the the issue and that is to install a VM. 

Ian

Hey again, so I am assuming that Sophos also does not support the latest Intel i226 and 1226-v 2.5G network cards?

Thx!

Hi,

looking at the specifications the device is aimed at the home/laptop/tablet market and other variants at fixed low power devices therefore it will be safe to assume it will not be supported.

Ian

Fair enough, that is a fair assumption.  Thanks!

I disagree. It will be supported when kernel used is new enough to have support to this model. Nothing to do with fact it is home/laptop what ever variant. Sophos has not dropped support for such models in the past. Only reason those are not supported is that kernel does not have driver modules.

The stated reason from sophos about certain nics is they not  heavy duty network devices.

ian

All consumer grade nics that have kernel modules will work as I have stated before. Even Realtek ones. Reason these 2.5G nics are not supported is that kernel is several versions old and it just does not have necessary modules. Why are you giving out such false information to forums users?

It is not false it is the previously stated Sophos position when asked to update the drivers to use these device. Your are correct infact some Realtek devices are supported and yes, last time I check the UTM does support these devices and others and has for many years.

Ian

Please review this KBA.

https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/137737/sophos-firewall-home://community.sophos.com/sophos-xg-firewall/f/recommended-reads/137737/sophos-firewall-home

The current XG kernel is v4.14-277 from 2015, I am not sure about the UTM kernel, but it appears to be older.

Sophos does support the many fanless PCs that were marketed towards home/business users such as the Qotom mini PCs with the Intel 211 chipsets. Then Sophos decided to stop supporting the newer NICs, citing that they are for "home use" which doesn't make sense since the firewall is free for....home users?

All that is required is for Sophos to release a firmware update with a newer Linux kernel and then the newer NICs will be supported by virtue of the driver being contained in the kernel. I'm sure there is nothing "special" that Sophos has to do to support the newer NICs.

Sophos is still using the older Linux kernel 4.12 (on the UTM) and all they would have to do is release a firmware with a newer Linux firmware. Linux is currently on the 5.12 kernel, so yeah, the linux kernel in Sophos firewalls is ridiculously outdated in comparison. Makes you wonder how much longer that can drag this out....

The only way around this limitation is to virtualize the XG in  KVM, ESXi, Proxmox, etc. which is another point of failure and vulnerability/ attack vector.

My theory is that since Sophos heavily invests in their own hardware obviously they don't want a $400 firewall device you can buy online to work with XG and outperform a $2,000 Sophos XGS device. It's just marketing decisions, really. But it's Sophos' choice whether to release a newer kernel or not. It just affects the home users really.

Sophos does support the many fanless PCs that were marketed towards home/business users such as the Qotom mini PCs with the Intel 211 chipsets. Then Sophos decided to stop supporting the newer NICs, citing that they are for "home use" which doesn't make sense since the firewall is free for....home users?

All that is required is for Sophos to release a firmware update with a newer Linux kernel and then the newer NICs will be supported by virtue of the driver being contained in the kernel. I'm sure there is nothing "special" that Sophos has to do to support the newer NICs.

Sophos is still using the older Linux kernel 4.12 (on the UTM) and all they would have to do is release a firmware with a newer Linux firmware. Linux is currently on the 5.12 kernel, so yeah, the linux kernel in Sophos firewalls is ridiculously outdated in comparison. Makes you wonder how much longer that can drag this out....

The only way around this limitation is to virtualize the XG in  KVM, ESXi, Proxmox, etc. which is another point of failure and vulnerability/ attack vector.

My theory is that since Sophos heavily invests in their own hardware obviously they don't want a $400 firewall device you can buy online to work with XG and outperform a $2,000 Sophos XGS device. It's just marketing decisions, really. But it's Sophos' choice whether to release a newer kernel or not. It just affects the home users really.