
Security/Drive encryption on bare metal installation

I'm new to Sophos and I want to install Sophos UTM on a bare metal server but have some concerns regarding security and encryption.

If the entire server/drive containing the UTM installation is stolen, would it be possible for the intruder to retrieve information from the server, granted that the admin password is strong enough? I'm thinking about all the saved credentials, including VPNs etc., that are stored on the drive. Does Sophos have built-in encryption/protection for this?

If running the appliance on a VM, we can do full drive or VM encryption, but I want to run it on bare metal for maximum performance.

Additionally, when running on bare metal, how easy is it to recover settings in case of hardware failure? Is it a simple matter of spinning up another factory instance and importing backed-up configuration files? Does Sophos have a built-in image-based backup utility to make regular backups and restoring to a new server a simple process?

Thanks.



  • Hi and welcome to the UTM Community!

    Yes, virtually all passwords are encrypted.  PSKs for IPsec VPNs are visible in the printed configuration as are passwords for anonymizing reports.

    Yes, a fresh install and simply restoring a configuration backup for the same or earlier version as that installed. When I install a new client, I have backups automatically emailed to them and to our Sophos.Backups@ourdomain online repository. Some prefer that the backups be encrypted. There are several options for keeping logs and/or copies off the UTM.

    In general, I'd say that these types of questions should be easily answered by a competent Sophos partner.  You will want to establish a relationship with one before you spend money so that you get the right solution for your needs.  Sophos sales can give you a list.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • When one does a fresh install, upon first connection to the WebUI it asks you to enter various details: organization name, city, state, admin email, and possibly some others. It requests this before the option is given to restore a backup file.

    I believe these are used in certificate creation. What happens to the certs when a backup is restored? Does information from the backup overwrite what is initially entered?

  • Correct, unless you restore from a backup that doesn't include 'Unique site data (license, passwords, certificates/keys, endpoints)'.

    Cheers - Bob

     