
Sophos UTM device...hardware questions, where to deploy, and do I need DMZ?

Hello everyone.  I'm brand spanking new to the concept of UTMs in general and Sophos in particular; but I'd like to use it to protect my home network.  

I'm about to purchase a barebones mini PC to use for installing SOPHOS UTM Home edition on it.  However, before I pull the trigger on my purchase, I'd like to ask a couple of questions to be sure I have the right idea and am getting the right gear.

  1. First:  the requirements listed in the PDF instructions say 2GB of memory is required, but I'm getting 4GB, as per the recommended specs (I read that somewhere).  However, I've been hearing of some people recommending 8GB.  Is that what I really need?
  2. I'm fairly new to the idea of a DMZ also.  I'd like to eventually run my own email server for privacy reasons, and I've heard a DMZ is useful for that...but I'd need DynDNS services and even though I'm using a VPN, I'm still uncertain of how secure DynDNS services may or may not be.  Anyway, do I HAVE to have a DMZ for an email server later? (This is important because it could mean I will need 3 ethernet ports instead of 2, and therefore a different machine).
  3. Solid State Drive or Traditional Hard Drive for the UTM...or does it matter?
  4. Finally:  Where on the network will the UTM sit?  Currently I have the following setup:

          Incoming line---> Modem (set in passthrough mode)--->Wifi Router (with firewall, DHCP, and MAC rules)---->Various sundry devices (phones, PCs, tablets, etc.)

I saw in a similar question here that an expert advised disabling DHCP and the like on someone's router and letting the UTM take over that duty, since it will be better at it...but I'm not sure if the WiFi signal on the device I'm purchasing for the UTM has the broadcast strength/reach for the rest of the house to access it.  So, would it be possible for the UTM to sit between the Modem and the Router, with the UTM doing Firewall, DHCP, and MAC filtering (can it do MAC?)--and just have the WiFi router act sort of like a WiFi access point/switch (if that's even possible)?

I'm sorry for all the crazy questions...but a lot of these details are going to dictate what I purchase (and I DO need to purchase it soon!).  For all those who take the time to answer, THANK YOU so much in advance!

 



  • On email: check with your ISP.  They should block port 25 for home users, since its primary usage would be for spamming from zombie PCs.

  • On DMZ for incoming connections:  always wise, never required.

  • On the substantive question:   There are four possible network positions for UTM

    • At the perimeter as a firewall
    • On a bridged path to the firewall
    • On a routed path to the firewall
    • Not on the path to the internet (Standard proxy functions only)

    I assume your WiFi Router is also a firewall.   If you put it in front of UTM, you can only implement the last option (which can be very useful).   If you put it in front of your WiFi Router, you will be implementing the first option.   For either of the middle two, you would have to acquire another firewall.

    I suggest you read my "UTM Architecture" post, recently added to the UTM Wiki:

    https://community.sophos.com/products/unified-threat-management/w/utm-wiki/13/read-me-first-utm-architecture

  • Mr. Foster (and others!):

    I took a look at your Wiki post, and that helped a bit with regard to understanding how the UTM actually works.

    If I knew that the Wi-Fi broadcast capabilities of the barebones PC I'm buying were strong, then I'd simply replace my WiFi router with the Sophos UTM (although I'd hate to do so; I spent money to invest in a pretty good one and it's only just over a year old).  However, I think I have only two possibilities for my UTM:

    • At the perimeter as a firewall.  In this case the UTM is guarding traffic back and forth to the Internet...but in theory, someone could hack into the wireless access point of the router and gain access to the network.
    • Behind the router, acting as a "guardian" proxy.  In this case, someone could breach the router either wirelessly or from the Internet...but the UTM would (in theory) deny them entry to my network, so all they would gain is free Internet access.

    Did I miss anything?  If I've assessed this correctly, I'm thinking that the second option would be the better choice.  Does that mean DHCP duties should be given to the UTM now?

    Thanks again.
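As an added illustration (editor's example, not part of the thread or of Sophos' own material), the two placements discussed above can be modelled as a small graph and each flow checked for whether it passes through the UTM at all. The topologies, device names and flows below are constructed assumptions: "perimeter" puts the UTM between the modem and the Wi-Fi router (the router acting only as an access point/switch), while "router_first" keeps the Wi-Fi router at the edge with the UTM behind it and only the wired LAN behind the UTM. The model answers one question per flow: is the UTM on the path, so that its firewall or proxy functions can even see the traffic.

```python
from collections import deque

# Constructed topologies (assumptions for this example, not from the thread).
# Each entry is an undirected link between two devices/zones.
TOPOLOGIES = {
    # Modem -> UTM -> Wi-Fi router used as access point/switch -> clients
    "perimeter": [
        ("internet", "modem"),
        ("modem", "utm"),
        ("utm", "router"),
        ("router", "wired_pc"),
        ("router", "wifi_client"),
    ],
    # Modem -> Wi-Fi router -> UTM -> wired LAN; Wi-Fi clients stay on the router
    "router_first": [
        ("internet", "modem"),
        ("modem", "router"),
        ("router", "utm"),
        ("router", "wifi_client"),
        ("utm", "wired_pc"),
    ],
}

# Flows a home user cares about: (source, destination)
FLOWS = [
    ("internet", "wired_pc"),     # inbound from the Internet to a wired host
    ("internet", "wifi_client"),  # inbound from the Internet to a Wi-Fi host
    ("wifi_client", "wired_pc"),  # a device that joined the Wi-Fi reaching the LAN
]


def build_adjacency(links):
    """Turn a list of undirected links into an adjacency map."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def find_path(adj, src, dst):
    """Breadth-first search; returns the node list from src to dst, or None."""
    parent = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:
                path.append(node)
                node = parent[node]
            return list(reversed(path))
        for nxt in adj[node]:
            if nxt not in parent:
                parent[nxt] = node
                queue.append(nxt)
    return None


def passes_utm(links, src, dst, inspector="utm"):
    """True if the inspector device lies on the path between src and dst."""
    path = find_path(build_adjacency(links), src, dst)
    return path is not None and inspector in path


def coverage(topology_name):
    """Map each flow to whether the UTM sees it in the named topology."""
    links = TOPOLOGIES[topology_name]
    return {f"{s}->{d}": passes_utm(links, s, d) for s, d in FLOWS}


if __name__ == "__main__":
    for name in TOPOLOGIES:
        print(name)
        for flow, seen in coverage(name).items():
            print(f"  {flow:26s} inspected by UTM: {seen}")
```

Reading the output side by side shows the trade-off behind the two options: with the UTM at the perimeter every Internet flow crosses it but a Wi-Fi client and a wired PC talk directly through the router; with the router in front, the wired LAN is shielded from both the Internet and the Wi-Fi segment, but Wi-Fi clients themselves are never inspected because they hang off the router, not the UTM. Whichever device ends up owning the segment that clients sit on is the natural place to run DHCP.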