
XG firewall, can't say I'm impressed

Attempted today to switch out the old UTM with XG firewall (home use). Been using this product since Astaro 4.7 (I think), and loved it since day one.

And I can't really say I'm impressed with XG firewall. The GUI is messy; while I'm sure the touch fanboys will love it, personally I hate it.

There doesn't seem to be an option to see a live log. It could be that I didn't look well enough, though.
Country blocking, couldn't get it to work. Don't know if it was even supposed to work. 
Specifying FW rules was horrible. I think I actually prefer Windows firewall rule adding to this. 

Reporting was powerful and I can see that's an improved area.

Unfortunately the XG firewall named Batman was decapitated and nuked from orbit. At least I tried and wanted to like it.



This thread was automatically locked due to age.
  • Live log, doesn't really exist, in fact logging looks very much like a home router and even they in a lot of cases have more information.
    Countries does work. There is another thread I did answer this on. You need to create a country group, then use that group in a blocking/disallow policy at the top of the policy order.

    Ian M

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Rfcat,

    I agree with you and I advise all to vote/open feature requests. I think that we need to wait for a couple of releases before they can integrate more features inside XG. For sure, logging and some other basic functions should already be available, but they did not spend so much time on these things. From my point of view, though, the XG base is much better than UTM9, such as:
    Reporting
    CLI
    Unified Policy concept
    IPS: per rule so better performance in general
    Custom IPS rules
    OS: smaller and many packages are absent for better security (it's a firewall)
    Rules per users
    QOS per users
    Agent for Terminal Services

    At the moment I have installed XG and I still have it at home to get confidence with it, to find bugs, and to open feature requests in order to sell the XG in 2017, if they will integrate the proper features and improve the GUI; otherwise we will see.

    Luk
  • Hi Luk,
    Yes, the footprint is smaller than the UTM 9, but the feature set is also smaller.
    IPS, I am not sure about because the included package is older than the UTM 9 version.
    You can do rules per user in UTM, not sure why you would want to unless you had an AD to enforce access rules.
    QOS, again you could set up QOS in UTM 9 if you so desired.
    CLI is better and more easily accessed if you leave a console and keyboard attached to your SF-OS.
    I have been reviewing and voting for some of your feature requests.
    ATP does appear to work better.

    Adding my little bit of support so the product can grow.

    Ian


  • Thanks RFcat for your feedback and votes. I already wrote that the IPS engine is older than the one used in UTM but I think they will upgrade to a newer version.
    QOS/time access is much better than UTM now. ... if you think about Application control (time range rules is not possible) and users do not have bandwidth allocation, so....

    At the moment we are in a hope and building phase.

    Keep feedbacking and writing!!!!

    Regards,

    Luk
  • The only reasonable thing Sophos could do at this point is to torch XG and bury it deep in the backyard and then focus their work on UTM 9, build on that and keep a good firewall solution alive instead of trying to push XG down our throats.

    ---

    Sophos UTM 9.3 Certified Engineer

  • I also was disappointed by the lack of Live logs. I set up syslog to get more detailed logs, which is better but still not up to UTM live log standards. Syslog logs the traffic but doesn't colour it, so it's all a bit of a mess and hard to find anything. But at least it's more than XG's built-in logs.

    JK

    CompKickers

  • Luk,
    I just tried creating a user QOS profile with bandwidth limitations in a UTM 9. Profile created without any issues, I have not tried time limiting a qos profile.

    Ian


  • I am a fan of UTM 9.x. I still think it has the best interface of the UTM I know (Cyberoam, Fortinet, SonicWALL, WatchGuard).

    The move to the XG software is not bad because it has a faster and simpler GUI, but it also has many shortcomings. It has fewer features, the interface is less user friendly and the object simplicity of UTM 9.x was lost.

    Having many ISP links and not being able to identify them by a custom name is stupid at this point in time. Why do I need to remember what I have connected at PortA?

    The object management on Sophos was quite powerful and simple.

    I really hope the software evolves to something usable but for now it doesn't replace or improve the trusty UTM 9.3.
  • That's what I say too. XG firewall GUI is miles away from the UTM GUI! The possibility to upgrade from UTM to Sophos XG Firewall is not an option for UTM users.
  • Yikes, I do not like. Very cumbersome interface. Definitely a step in the wrong direction. Where are the on/off switches? I'm staying with UTM 9.x!