Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall

Discussions what are the possibilities of xg home firewall with limited hardware [THREAT PROTECTION, TLS INSPECTION]

Sophos Firewall requires membership for participation - click to join

Thread Info

State Suggested Answer
Locked Locked
Replies 5 replies
Answers 1 answer
Subscribers 41 subscribers
Views 1884 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

what are the possibilities of xg home firewall with limited hardware [THREAT PROTECTION, TLS INSPECTION]

mike bo over 1 year ago

what traffic can be handled in version 4 core, 6Gb RAM in relation to IPS/IDS

This thread was automatically locked due to age.

Top Replies

Erick Jan over 1 year ago +2 suggested

Hi Mike, Thank you for reaching out to Sophos Community. Sophos Firewall Home will be able to handle the IPS. For the Traffic, you may refer to IPS Signature categories and documentation. https…

Parents

0 alan weir over 1 year ago

The answer: it depends. I can only give you an example of ram usage in a particular scenario. In a simple home network (Read: home usage) with about 5-8 devices and all IPS rules enabled for all firewall rules, with TLS inspection on 3 devices, it uses around 4Gb of RAM. This is with most features enabled (app/web/IPS/TLS). Download speeds of 300 Gbps sustainable with no slow down.

As far as CPU, it depends even more.... In my performance history, the CPU usage never hovered above 25% which is very good for what I have, a quad core Xeon (a 2.5GHz variant)

What hardware do you have? What CPU? With a regular household there should be no issue, especially since Android/iOS devices will not be using TLS inspection anyways so you would only be using that for Windows/Linux devices mostly.

Also, with the IPS, which uses most of the CPU, it can be tuned by selecting only the IPS rules that you need, such as a LAN to WAN, or WAN to LAN policy. Ect. I hope this helps.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 alan weir over 1 year ago

The answer: it depends. I can only give you an example of ram usage in a particular scenario. In a simple home network (Read: home usage) with about 5-8 devices and all IPS rules enabled for all firewall rules, with TLS inspection on 3 devices, it uses around 4Gb of RAM. This is with most features enabled (app/web/IPS/TLS). Download speeds of 300 Gbps sustainable with no slow down.

As far as CPU, it depends even more.... In my performance history, the CPU usage never hovered above 25% which is very good for what I have, a quad core Xeon (a 2.5GHz variant)

What hardware do you have? What CPU? With a regular household there should be no issue, especially since Android/iOS devices will not be using TLS inspection anyways so you would only be using that for Windows/Linux devices mostly.

Also, with the IPS, which uses most of the CPU, it can be tuned by selecting only the IPS rules that you need, such as a LAN to WAN, or WAN to LAN policy. Ect. I hope this helps.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data