This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is a limit of 50 IP addresses still realistic for home use?

I've recently started using a UTM 9 home license on a small firewall appliance (Intel J1900-based). It's working well, and I'm definitely a fan. However, I'm immediately running into the 50 'user' (really IP address) limit.

We're a typical family of three, admittedly a gadget-heavy household, but not ridiculously so. I expect that's likely to be a common trait of anyone sophisticated enough to want to run Sophos UTM 9 at home.

In short, I've exceeded the 50 IP limit by over 10% without even trying. Which surprised me at first, when I started counting the devices I've added to my network over the past few years, sure enough, the count was correct. For example: three eero WiFi units, 5 small 'web smart' network switches (i.e. each has a web interface), A/V receiver, four DVRs, two HDHomeRun Prime network tuners, two smart TVs, a Sonos system, a printer and an all-in-one, standalone doc scanner, two Nest thermostats, the main '24x7' Linux server, plus a small Synology and Qnap NAS, Xbox 360, nVidia Shield TV, security camera, sprinkler controller, SmartThings Hub, Roomba ...that's 32 IP addresses, before we even start talking about laptops, tablets, smartphones, kindles, etc. Even my Smartwatch requests an IP address...

As I understand it, the Home license allows 50 IP addresses, period. The only way past that limit is to purchase a commercial license, whose costs runs to four digits for even a subset of the functionality provided in the home license. If that understanding is correct, either I have to work around this limit by putting some devices on a NAT'd subnet (which seems counter to the spirit of the license), or give up and go elsewhere. Which would be a shame, the only other negative I've come across is the complete lack of UPnP port forwarding (yes, I fully understand the controversy - but believe it's a solvable problem).

I see the value being offered, and would happily pay to increase that limit to 100 or 150 IP addresses (say $99 or $149?). I'd rather not pay a subscription personally, unless it's significantly less per year. But I don't have either option, it seems.

Thoughts?

- Paul



This thread was automatically locked due to age.
Parents
  • After 2.5 years (Thanks Sophos!) of using UTM9 for Home Use, I am now exceeding the 50 limit.  For me, it is ip cameras and wemo switches causing the greatest pain.  Media streamers are next in line.  I totally understand the limit and appreciate what Sophos does.  The reality is that I will have to move to another platform soon because I can't justify a business license.  I have a lot of time invested in getting everything working while keeping it as secure as possible.  Like others, I would be willing to pay something but that small amount of money doesn't change anything for Sophos.  I get that.  So I guess my question is if anyone has insight at Sophos to know if this topic is known and if there is any chance they are considering something.  If not, I have enjoyed it and will have to move to something else soon. 

  • If these are wireless IOT devices, perhaps using a consumer grade router/ap might be the ticket.  As far as utm is concerned it's only doling out a single IP even though you may have a dozen clients behind it.  Maybe configure the router so there's full access lan<>wan?

Reply
  • If these are wireless IOT devices, perhaps using a consumer grade router/ap might be the ticket.  As far as utm is concerned it's only doling out a single IP even though you may have a dozen clients behind it.  Maybe configure the router so there's full access lan<>wan?

Children
  • Thanks.  I understand that option.  However, I have three APs that serve all wireless needs.  One IOT AP would not provide the necessary coverage.  I also am very uninterested in playing games to circumvent the 50 (55) IP limit.  While a double NAT on Wemo switches may not be a big deal, it is just unneeded complexity.  I could use the resources (time and money) to just transition to a decent router that supports the number of IP addresses I need.

  • Couldn't agree more.  This is precisely what lead me, in a home environment, to pursue a replacement to Sophos UTM.  Candidly, IMO Sophos XG Home is still a bit too immature for me.  Understand it's all a matter of opinion and personal preference.  Needless to say, I went with an established competitive offering for which I willingly pay a minimal annual fee and haven't looked back.

    Again, I appreciate Sophos business model is geared towards business.  Certainly not criticizing this.  Inevitably, I was willing to pay an annual subscription to not have to cobble together workarounds to game the system.

    In event Sophos offered such an option in the future, I would certainly consider returning to their platform.