Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 6 subscribers
  • Views 6016 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SG210, SG230 or SG310? User calculation question

Wouter Steen Redeker

Hello, 

We are looking for a new firewall. But if I use the calculation, I don't know if I'm do it right. So my question is, do I make the right calculation?

Internet-speed: 500 down, 50 up. 5 externe ip addresses.
Total networks: 5

Network 1: Office
25 Workstations, 7 heavy users (more than 250 mails a day(Office 365)).
25 Phones form employers
25 VoIP phones, max 8 at the same time calling outside.
5 VPN users (home working)
1 VPN tunnel (10~15 users, + MySQL sync every 5 min. + once a day backup(data, 25GB)). They have the SG210. 
Windows FileMaker server (authentication with AD) for all users (25 workstations + VPN tunnel users)
Synology NAS (Time Machine only, 25 workstations) connect with the AD.
Synology NAS for file sharing (25 workstations) connect with the AD.
Synology NAS for backup, this NAS will sync the backups every night too an other Synology NAS to the VPN tunnel

Network 2: Repairs/Testing
±10~15 Mac connected with internet (mostly youtube/webbrowsing/some mailbox updating)
±50~75 iPhones connected with internet (mostly youtube/iTunes)

Installing updates for all devices (4 central points where the updates are downloaded), so this is including into the devices (iPhones/Mac’s) up here.

 

Network 3: Servers
3x webservers with Plesk (total 30.000 visitors a year)
10x Synology NAS for backup from costumers


Network 4: Costumers network
max. 15~20 costumers connected at the same time (internet, mail). 

Network 5: Testing servers
10 virtual machines for testing, mostly for MDM (Apple). In the future we wil use this for manage (MDM) devices for costumers. 

 

If I’m looking at this PDF: utmshop.nl/.../sophos-sg-series-sizing-guide.pdf and calculate with the devices we have, than the calculation is the next:
Workstations: 18x1 + 7x1,5=28
Phones: 25x1=25
VoIP:  8x1? (Max 8 lines out calling at the same time)=8
VPN: 5x 2 (connected all day)=10
VPN tunnel:  ±10~15x2 (connected all day)=20~30
Costumers: 15~20x1=15~20
Webservers: ±80 a day, so 10 at the same time. 10x1,5=15

So totall is a of 120~150… So if we choose for FullGuard, we need a SG310. 
My question is, do I make the right calculation



This thread was automatically locked due to age.
  • 0

    Hey Wouter.

    You should really get a partner involved. They should be able to help you do the math and take in considerations things you might have missed. That being said, SG310 should suffice, based on your description.

    On a personal note, do consider that you are making a commitment with a hardware for at least three to five years (Sophos EOLs devices in five years) and things change very quickly nowadays. New features that require more processing are added, the number of devices grow, etc. Lesson learned the hard way: If there's budget, I always try to get a model higher from what the specs suggests. If not, SG310 should give you some wiggle room for future growth already.

    Regards,

    Giovani 

  • 0

    Hi Wouter and welcome to the UTM Community!

    I wouldn't get anything less than a 330 based on your post because there are too many unanswered questions.

    This sizing tool is meant to be used by an experienced reseller, so I agree with Giovani that you should get several reseller recommendations from Sophos Sales.  Then, check with the resellers' customers about how the reseller performed in recommending a unit that wasn't dramatically overpowered, but still had enough capacity for growth in requirements over the next six years.

    Once the reseller has made a recommendation, they have "skin in the game" and will be more likely to be sure that you get what you need.

    It seems that you are in a situation where you should have a second unit in Hot-Standby.  There is no additional licensing cost for this.  You should also discuss this with your reseller.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML