This discussion has been locked.

Red Modes

Lots of info on this but I want some clarity.

 

In Transparent/Split Mode....

1. You get no security benefits from the UTM's web filtering or firewall?

2. The term "Split" means only traffic designated to and from your private network is sent through the RED?

3. Why on earth is there not an option to have a transparent connection that routes all traffic to the UTM, allowing private traffic in and out of the network and internet traffic filtered by the UTM, without the need to change client IP addresses? ("Transparent/Unified") ... Is there something I'm missing that makes this not possible?

 

Any help understanding would be greatly appreciated!

 

-Steven



  • Hi, Steven, and welcome to the UTM Community!

    The advantage of split is that inbound traffic from the Internet comes through at your full download speed instead of at the upload speed of the Server side of the tunnel.

    The advantage of Unified is that the remote network appears to be a network local to your UTM.

    Are you using a RED device or is this a tunnel between two UTMs?  What will be the advantage of connecting the two sites?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thank you for the reply Bob.

     

    Here is what I would like to achieve. A transparent tunnel from Site 1 to Site 2. Site 1 has the UTM and Site 2 the RED. Services like AD, DNS, DHCP, etc. are passed between the two sites. This would keep the IP address schema from changing at Site 2. Internet traffic would route back through the RED to the UTM and be filtered through web protection.

    What I think I'm starting to see here is that another UTM is needed at Site 2. If that is the case, did I just waste money on the RED 50? I could have just purchased another UTM and set up IPSEC between the two...right?

     

    Thanks again!

  • I always recommend an SG 115 with a 3-yr Network Protection subscription.  It's cheaper over six years than the RED 50 with warranty extensions.  It's also more flexible.  Since you want the traffic to all come back to the UTM, there's no real advantage to rethinking this though.  Just go with Unified and you'll be fine.

    One advantage of the RED is that you have the option of bridging the reds# virtual NIC with your Internal network.  This is really convenient if you have folks going back and forth with laptops.

    Cheers - Bob
