Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG firewall, can't say I'm impressed

Attempted today to swith out the old UTM with XG firewall (home use). Been using this product since Astaro 4.7 (I think), and loved it since day one.

And I can't really say I'm impressed with XG firewall. The GUI is messy while im sure the touch fanboys will love it, personally I hate it. 

There don't seem to be a option to see live log. It could be that I didn't look good enough tho. 
Country blocking, couldn't get it to work. Don't know if it was even supposed to work. 
Specifying FW rules was horrible. I think I actually prefer Windows firewall rule adding to this. 

Reporting was powerfull and I can see thats a improved area.

Unfortunatley the XG firewall named Batman was decapitaed and nuked from orbit. Atleast I tried and wanted to like it.



This thread was automatically locked due to age.
Parents
  • It took me a long time, but I think I finally got a pretty good handle on the new GUI. I re-created the rules I had running on UTM9, but as soon as I had one client downloading a file the internet was crippled for any other user. (This is home use). One computer downloading a file, ping to Google was 1,200ms, web browsing was painfully slow. I start disabling HTTP(S) scanning, then IPS, and performance improves. The dashboard is showing a performance alert and my system load is 2.0 with NO TRAFFIC running through the box at all. This is on the same hardware I was running UTM9 on with no issues. I can download a file, stream HD netflix, surf the web, and play a multiplayer video game with no issues on UTM9. I went back to UTM9. Hopefully they fix the performance issues. I'm not sure if the 4-core limit doesn't play well with my 8 core Intel Atom C2750? Is the Sophos XG Linux kernel 64-bit? I didn't think to check before I re-installed UTM9.
Reply
  • It took me a long time, but I think I finally got a pretty good handle on the new GUI. I re-created the rules I had running on UTM9, but as soon as I had one client downloading a file the internet was crippled for any other user. (This is home use). One computer downloading a file, ping to Google was 1,200ms, web browsing was painfully slow. I start disabling HTTP(S) scanning, then IPS, and performance improves. The dashboard is showing a performance alert and my system load is 2.0 with NO TRAFFIC running through the box at all. This is on the same hardware I was running UTM9 on with no issues. I can download a file, stream HD netflix, surf the web, and play a multiplayer video game with no issues on UTM9. I went back to UTM9. Hopefully they fix the performance issues. I'm not sure if the 4-core limit doesn't play well with my 8 core Intel Atom C2750? Is the Sophos XG Linux kernel 64-bit? I didn't think to check before I re-installed UTM9.
Children
  • 0xDECAFBAD said:
    It took me a long time, but I think I finally got a pretty good handle on the new GUI. I re-created the rules I had running on UTM9, but as soon as I had one client downloading a file the internet was crippled for any other user. (This is home use). One computer downloading a file, ping to Google was 1,200ms, web browsing was painfully slow. I start disabling HTTP(S) scanning, then IPS, and performance improves. The dashboard is showing a performance alert and my system load is 2.0 with NO TRAFFIC running through the box at all. This is on the same hardware I was running UTM9 on with no issues. I can download a file, stream HD netflix, surf the web, and play a multiplayer video game with no issues on UTM9. I went back to UTM9. Hopefully they fix the performance issues. I'm not sure if the 4-core limit doesn't play well with my 8 core Intel Atom C2750? Is the Sophos XG Linux kernel 64-bit? I didn't think to check before I re-installed UTM9.

    XG is limited to 6 gigs of ram and 4 cores.  With you running an atom you had your total processing power cut in half so you are going to have issues.  XG is a 64 bit kernel.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow