Newbie Question

Hi All - I am new to Sophos. I am looking to use it at home. I have 2 young boys and I want to get control of our internet prior to any problems occuring. A friend of mine recommended the fortigate FG-60E. It looks great, however, I would prefer a solution that's a little more reasonable. In my research, it looks like SOPHOS UTM is a great option.

The features (use cases) I am looking for are as follows.

  1. Control each device's access to the internet by schedule

  2. Have the ability to get daily reports of each devices internet activity

  3. Throttle devices

I know it does a ton of other things, but those are the main items I'm interested in doing.

My question is, are the use cases above easily accomplished with the sophos UTM home version? Is there a specific make/model for a device that can easily be deployed/installed?

Thanks for the help!

  • 1) Start with XG Firewall instead, which is also available on a free license for home use.   Sophos switched strategic direction several years ago, from UTM to XG, and I do not expect UTM to change much in the future.

    2) Reporting web usage is much more complicated than appears at first glance, because most websites contain many content pieces from many sources.   The web filtering device sees each request, not just the web page.   So it becomes difficult to know which pages were chosen and which pages were loaded invisibly.

    3) The big benefit of web filtering is that bad sites are blocked based before your kids can get to them.  Not just useful for protecting your kids from poor choices, it also protects you from infected websites and clicks on malicious links in an email message.

    As an example, one time a user went to a church website to check directions for a funeral.   But the church website had been infected and it tried to download malware from a Ukranian site.   UTM blocked it, sent me an alarm, and I was able to notify the church.

    4) There are two modes of web filtering - with or without inspection of https traffic  (UTM calls this decrypt-and-scan).   Once an https session is established, the web filter cannot see inside it.   So the fear is that bad guys will use an https session to download bad stuff and sneak past the web filter.   HTTPS inspection uses a man-in-the-middle trick to create two secure sessions, one from the cllent to the web filter, and one from the web filter to the remote site.   This requires setup on each device, and it will break some websites, so it is recommeded not for a newbie.

    Hope this helps.

  • Hi Alec and welcome to the UTM Community!

    While Doug is correct about future development on the UTM vs XG, I wonder if it's a concern in your situation.  In any case, both UTM and XG home versions have the same capabilities as the commercial versions. of the products

    All of the things you want to do are done straightforwardly with the UTM and there's a plethora of advice here in the Community to guide you.  For advice on getting an adequate-but-inexpensive device to run the software, see the last few pages of *Unofficial* Hardware Compatibility List (HCL).  In light of Doug's excellent advice, you might want to read HTTPS Decrypt and Scan FAQ.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA