First impression and feedback

Hi All,

I migrated my home box from MR7 to v17 and all good.

In my case, the IPS did not start automatically after the reboot.

The other thing is the UI is faster than v16 but the Network menu is very slow compared to the others. I have only 2 NICs and 2 VLANs.

Last thing, where is the policy test?

  • Hi All,

    In my personal opinion, I would change:

    - NAT and WAF Rules on different pages. Firewall ACL is another security concept

    - on Dashboard no Health status about Power redundancy

    - on Dashboard no Health status about disk, or mirror disk. The only way to discover problems is to go to the data center room and listen to the alarm...

    - on Dashboard on Web Hits, we would like to see the number of HTTPS connections and HTTP

    - We need a full log export, in case of deep analysis or forensic analysis. Reports are good for executives and for POCs, but your partner needs to be able to answer who did what, when, which protocol and which port were used.

    - IPS Engine/Policy. If you need to exclude a single signature only for a restricted number of users/PCs, you need to create two rules and play with priority: OK, but if you are at a middle-market customer, how many rules do you need to create to secure the customer? This is the same for Application policy.

    - About metrics, decide to use Kbit (kb) or KByte (KB), but with the right syntax..... If you play with BWM there are too many misunderstandings in the GUI and Documentation.

    - Help us with O365 by creating a hidden RSS feed to automate the download and the population of the O365 IP/FQDN service list to exclude from Proxy. Too many errors and problems about it.

     

    Thanks
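The O365 exclusion-list automation requested in the post above is the kind of thing an administrator can script while waiting for the vendor. The following is an added example, not code from the post or from Sophos: it parses a document in the shape of the Office 365 IP Address and URL web service output (a JSON array of service entries with `category`, `required`, `urls` and `ips` fields) and renders the FQDNs and networks that a proxy should bypass. The sample JSON is constructed for the demonstration; the hostnames and prefixes are documentation values, not real Microsoft endpoints. Malformed IP strings are dropped rather than aborting the whole run, so one bad feed entry does not leave the firewall with an empty list.

```python
"""
Build a proxy-bypass list from an Office 365 style endpoint JSON document.

Added example. The input mimics the shape of the Office 365 IP Address and
URL web service output (a JSON array of service entries). All values in
SAMPLE_JSON are constructed for this demonstration, not live data.
"""
import ipaddress
import json

# Constructed sample in the shape of the endpoint web service output.
SAMPLE_JSON = """
[
  {"id": 1, "serviceArea": "Exchange", "category": "Optimize", "required": true,
   "urls": ["outlook.example-tenant.test", "*.mail.example-tenant.test"],
   "ips": ["192.0.2.0/24", "2001:db8:10::/48"], "tcpPorts": "80,443"},
  {"id": 2, "serviceArea": "SharePoint", "category": "Allow", "required": true,
   "urls": ["*.sharepoint.example-tenant.test"],
   "ips": ["198.51.100.0/25"], "tcpPorts": "80,443"},
  {"id": 3, "serviceArea": "Common", "category": "Default", "required": false,
   "urls": ["cdn.example-tenant.test"], "tcpPorts": "443"},
  {"id": 4, "serviceArea": "Skype", "category": "Optimize", "required": true,
   "ips": ["not-an-ip", "203.0.113.0/24"], "udpPorts": "3478,3479"}
]
"""


def parse_endpoints(text):
    """Parse the JSON array and reject anything that is not a list of objects."""
    data = json.loads(text)
    if not isinstance(data, list) or not all(isinstance(e, dict) for e in data):
        raise ValueError("expected a JSON array of endpoint objects")
    return data


def build_exclusions(entries, categories=("Optimize", "Allow"), required_only=True):
    """Return (fqdns, networks) that should bypass the proxy.

    Only entries in the given categories (and, by default, marked required)
    are used. Wildcard hostnames are kept verbatim because firewall FQDN
    objects typically accept them. Malformed IP strings are skipped.
    """
    fqdns, nets = set(), set()
    for entry in entries:
        if entry.get("category") not in categories:
            continue
        if required_only and not entry.get("required", False):
            continue
        fqdns.update(entry.get("urls", []))
        for ip in entry.get("ips", []):
            try:
                nets.add(ipaddress.ip_network(ip, strict=False))
            except ValueError:
                continue  # drop malformed entries instead of failing the run
    # IPv4Network and IPv6Network objects cannot be compared directly,
    # so sort by (version, address, prefix) explicitly.
    ordered = sorted(nets, key=lambda n: (n.version, int(n.network_address), n.prefixlen))
    return sorted(fqdns), ordered


def render(fqdns, nets):
    """Render the lists as plain text, one object per line, for import."""
    lines = ["# FQDN exclusions"] + list(fqdns)
    lines += ["# IP exclusions"] + [str(n) for n in nets]
    return "\n".join(lines)


if __name__ == "__main__":
    hosts, networks = build_exclusions(parse_endpoints(SAMPLE_JSON))
    print(render(hosts, networks))
```

In production the JSON would come from the vendor service instead of `SAMPLE_JSON`; keeping the parsing strict (a non-array response raises) and the per-entry IP validation lenient is the combination that fails loudly on a broken download but tolerates a single bad record.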

  • I have always complained about the static GUI. It shows very limited information and most of it is not important as a snapshot. Also completely agree with the kilobit and kilobyte problem. It is really not that difficult... ALL live traffic including QoS rules should be in kilobit/mbit since we get the traffic from our ISP in kilobits/megabits and our network cards are also in megabits/gigabits etc. However the aggregate traffic, like how much traffic did TOM use or the total amount of traffic, should always be in kilobytes/megabytes etc. Maybe v18...

     

    Edit: On a side note, I have a different bug report about the firewall passing all traffic as soon as it is connected to the network. Did you guys know about this behavior? It has been there since v16: https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/sfos-v170-beta/f/sfos-v170-beta-issues-bugs/96108/bug-firewall-starts-passing-all-traffic-before-running-the-wizard

  • I did look at UTM originally but I remember there was some limitation on the number of devices I could have. I was already close at that time and now have way more devices to control (IoT, etc.).

    Thanks for the suggestion.

  • Ben,

    A large portion of home users more than likely jumped to XG due to only having a CPU/MEM limit and not an IP address limit. Couple that with the popularity of IPv6, and that was an extra push to go to XG. I have been using UTM (SG) for quite some time with the 50 IP address limit and in doing so I have had to refrain from enabling IPv6 among a few other things. Keep in mind under UTM one IPv4 address plus one IPv6 address counts as two IP addresses against the home license. In today's home network the 50 IP limit can be exhausted rather quickly.

    Home User running UTM active

    Home User Following XG with a VM for testing and praying.

     

    -Ron

  • rrosson said:

    Home User running UTM active

    Home User Following XG with a VM for testing and praying.


     

    For home users, Sophos has great offerings and the clear winners are Sophos UTM and Sophos XG. Resellers are having trouble because they were given an impression that SG was going to be EOL when Copernicus/XG was first introduced. They sold the newer XG firewalls because that made more sense and users demanded XG due to aggressive marketing. It's mostly water under the bridge but some of those resellers look like complete liars now, two years after initially deploying XG.

  • I agree with

    XG and UTM can be used at home with no big missing features. Here the discussion and the moods are about XG, which is not an Enterprise-ready product even if it received several awards. Benchmarks use fixed tools and techniques to test appliances, but the real feedback is the field, the customer and threats.

  • Hello Billy,

    I can only agree: in two sentences, a very accurate analysis of the current state. Thank you very much for your independent analysis.


    Regards

    alda

  • lferrara, if you are a home user, a geek, and/or someone who works in the cyber security field this can go either way. In my case I am all three. :) I am not a huge fan of the cloud-based e-mail systems or the free or low-cost hosting providers, so I host my own internet presence behind my UTM to protect my assets. So the things I still see lacking in XG, in no specific order, are:

    • UTM to XG migration tools
    • White/Black listing of e-mail addresses at the user level
    • SMTP Proxy (This is nowhere near what UTM does)
    • LetsEncrypt support
    • Web categorization
    • Country Blocking
    • IPv6 Support (Comcast Internet deploys via DHCP)
      • It gets an IPv6 address that only the XG itself can use; nothing behind it can, and when it does, it does not route.
    • Portscan detection

    The above are just to name a few that I have on my laundry list of what I am watching for in XG before migrating from my trusty UTM. My biggest driver as a home user is the UTM license of only 50 IP addresses. Both UTM and XG have issues dealing with how Comcast hands out its IPv6 addresses for both home and business-class internet connections.

    -Ron

  • Ron,

    I am a Security Specialist. In my case, I follow different brands because when you perform auditing, you need to deal with different brands. I am on the community when I have free time, during the night, to give my feedback and impressions from what I learn in the IT field. XG can work as a home/SOHO appliance but not in certain environments where the basic features are obvious....

    XG is still far away from this approach and from a well-organized OS.

  • lferrara,

    I hear you loud and clear! :) My day job exposes me to a vast amount of different vendors and security device types/classes.

     

    Do not get me started on the CLI of XG. :)

     

    -Ron

  • Possibility to import/export text files/CSV in every list of sites, regex, exceptions, etc...

    I need to "replicate" those exceptions / lists of sites / regexes in my customers' firewalls.

  • Me and many others are here because we have passion for our job and passion for Sophos, but with the way things are, passion is ending. I have known Sophos since 2008 and since then I helped Support to improve SEC, PureMessage for Exchange and SEA later... then I moved to UTM Astaro and now to XG, but as I said already, my passion is ending!
