
Sophos UTM for QNAP NAS

First off, pardon me if I may not be posting in the right section, and if I'm really not, please send me to where I need to post my query.

 

So I'm happy that I was able to set up/install my home Sophos UTM successfully on my OLD PC and play around with it for a couple of weeks. My setup is MODEM <> OLD PC (where Sophos UTM is installed) <> QNAP NAS. It was working fine; however, I noticed that there's really a big reduction in throughput in any of the VMs running on my QNAP. I have a pretty decent internet connection, like 35-40Mbps download and upload, but when I tried a speedtest in any of my VMs it's just around 1-2Mbps, so I was thinking of scrapping my OLD PC and installing the Sophos UTM in a VM on my QNAP and routing all the traffic there before it reaches my internal network, which is mostly VMs as well.

 

Questions are :

  1. Is it possible and doable?
  2. Will there be any difference in terms of speed?
  3. My QNAP has 2 physical adapters; in terms of physical connection, should I connect both of my physical ports to my modem?
  4. I've added the image of what I plan to accomplish; should I configure my virtual switch 1 as a bridge?

 

 

Right now, I really have no clue if this is going to work, so any help will be much appreciated.



This thread was automatically locked due to age.
  • I have run UTM on a QNAP previously, but it was a bigger unit (TVS-673) with 64GB RAM.  Not sure how much you have in your TS-451+, but you would need to give a minimum 4GB to the UTM VM for it to run well, possibly more depending on enabled features.

    Without knowing the specs of the old PC and what the bottleneck is, it's hard to tell if you may get any speed increase.  If the hardware was weak, IPS could have been resource constrained.  If you're comfortable in the CLI, you can run a speedtest from the UTM as mentioned here: https://community.sophos.com/products/unified-threat-management/f/general-discussion/79286/utm-slowing-down-network-speed.  Also check the items in #7 of the Rulz.

    As far as physical connection, one interface would go to the modem, the other to your inside network. Virtual Switch 1 can be a simple switch; if bridge would pass link state to the VM, that would be better, but not necessary.  Big thing is to not run a DHCP server or anything else on the virtual switch; it's not needed and could cause problems.

    I personally wouldn't recommend running UTM on a QNAP if that's going to be your Internet connection.  It complicates updates to QTS and Virtual Station, as you have to bring down the VM to perform some operations, leaving you without an Internet connection.

    -Steve

  • I have limited unhappy experience with a QNAP NAS sitting inside my network behind UTM.   The "Download Station" application is installed and activated by default.  I assumed it was used for product updates, but I eventually learned that it is an implementation of BitTorrent.   

    This became evident when my UTM started throwing ATP alarms because QNAP was trying to connect to command and control sites.   Further review of the logs revealed that QNAP was being detected as a portscanner because it was trying to connect to thousands of different Internet addresses every single day.

    The first time this happened, I retired the unit as infected.   When it happened on a second unit, I talked to a knowledgeable person in their support organization and learned that I was running BitTorrent without intending to do so.   Disabling the application allowed the device to behave properly, as a simple NAS, which is all that I wanted it to do.
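
The symptom described in the post above (one internal device contacting thousands of different Internet addresses) can be checked from firewall logs by counting distinct external destinations per internal source. The following is an added example, not part of the original thread; the `key="value"` log layout, the field names `srcip`/`dstip`/`dstport`, the `192.168.1.0/24` LAN and all addresses are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

KV = re.compile(r'(\w+)="([^"]*)"')           # key="value" pairs in a log line
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed internal network

def build_sample():
    """Constructed log lines: a NAS fanning out, a workstation behaving normally."""
    lines = []
    for i in range(1, 41):   # NAS contacts 40 distinct external peers
        lines.append(f'action="accept" srcip="192.168.1.20" '
                     f'dstip="203.0.113.{i}" dstport="{6881 + i}"')
    for i in range(30):      # workstation revisits the same 3 servers
        lines.append(f'action="accept" srcip="192.168.1.30" '
                     f'dstip="198.51.100.{i % 3 + 1}" dstport="443"')
    # LAN-only traffic and a malformed line must not affect the counts
    lines.append('action="accept" srcip="192.168.1.30" dstip="192.168.1.20" dstport="445"')
    lines.append("garbled line without fields")
    return lines

def fanout_by_source(lines):
    """Map each internal source IP to the set of external IPs it contacted."""
    fanout = defaultdict(set)
    for line in lines:
        fields = dict(KV.findall(line))
        try:
            src = ipaddress.ip_address(fields["srcip"])
            dst = ipaddress.ip_address(fields["dstip"])
        except (KeyError, ValueError):
            continue  # skip lines without parsable addresses
        if src in LAN and dst not in LAN:
            fanout[str(src)].add(str(dst))
    return fanout

def noisy_hosts(lines, threshold):
    """Return (source, distinct_destinations) pairs at or above the threshold."""
    counts = {s: len(d) for s, d in fanout_by_source(lines).items()}
    hits = [(s, n) for s, n in counts.items() if n >= threshold]
    return sorted(hits, key=lambda item: -item[1])

if __name__ == "__main__":
    for src, n in noisy_hosts(build_sample(), threshold=25):
        print(f"{src} contacted {n} distinct external addresses")
```

A host that legitimately talks to a handful of servers stays far below the threshold, while a peer-to-peer client stands out immediately; the threshold itself needs tuning against a normal day of traffic.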