Which features will still be available after the UTM EOL? Can it still be used but with no more updates, or will the license expire and make the modules not active?
This thread was automatically locked due to age.
I, too, would like to know. It's a shame that good hardware, SG210 in my case, would have to be trashed as e-waste. If possible, I would love to use the hardware in a lab environment. I wouldn't need to use many of the additional features like network, email, web, webserver, and wireless protection, sandstorm, and endpoint antivirus. So long as I can route data, I'd be happy.
Would there be a license that we can apply which would disable those features, along with disabling the Up2Date functionality? Or conversely, enable all features with the specific understanding that the device is for non-production-environment use since it would be susceptible to future attacks because the patterns will not be updated?
You can always convert an SG license to an XG license.
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
Thank you for the option but I do not believe this is a recommended solution.
From the Sophos UTM/SG End-of-life: Frequently Asked Questions thread:
I may be misinterpreting the effects of migrating to the XG license. If I am mistaken, could you explain the process in more depth? Is there a license level that will enable basic operations in perpetuity?
It depends, if not sure, look here:
Sophos SG: Appliances that are eligible for an upgrade to Sophos Firewall
Link: https://support.sophos.com/support/s/article/KB-000035565?language=en_US
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
We have put together some information on product behavior as licenses expire and the end-of-life date passes and added it to the general FAQ here: Sophos UTM/SG End-of-life: Frequently Asked Questions
Hallo Herr Rusch, das beantwortet nicht die Frage. Es geht darum ob die Software noch weiter benutzbar bleiben wird, auch wenn Sie weder Support noch Updates dazu anbieten.
Das sollte unbedingt seitens Sophos ermöglicht werden, damit nicht Mitte 2026 plötzlich an X Stellen die Funktionalität eines stabil und durchweg laufenden Systems weg ist. Es gibt ja auch tausende von Installationen der HomeUse-Lizenz, die irgendwann mal irgendwo eine EDV-Fachkraft für Familien eingerichtet hat und diese Familien haben kostenpflichtig hunderte von Sophos APs erworben.
Die Sophos UTM ist seit vielen Jahren stabil genug dass sie auch ohne dauerhafte Updates betrieben werden kann und sei es nur für Firewalling, NAT, Webserver Protect und Wireless. Und auch bei mir*: Alleine das Thema mit den Sophos AccessPoints ist in meinem Umfeld riesig.
*Ich kann von geschäftlicher Seite Projekte durchführen dass ich im Betrieb SG-Hardwareinstallationen auswechsele und mit fachkundigen Experten die UTM 9 wechsele zu XG Betriebssystem-Basis. Aber wenn ich noch parallel privat jetzt hergehen muss und alle Freunde, Bekannte und Familien umshiften auf neues SophosOS und ggfls. auch Hardware tauschen, dann bin ich deutlich länger beschäftigt als bis Mitte 2026.
Liebe Firma Sophos ==> Sie sollten deshalb bitte eine Möglichkeit bieten dass man ohne jegliche Garantie zwecks Updates, Support und verlässlichem Schutz einfach eine unbeschränkte Lizenz unter https://myutm.sophos.com/ erstellen kann oder zumindest eine die bis zum Jahr 2040 gültig bleibt.
----
Hello Mr Rusch, that does not answer the question. The question is whether the software will remain usable even if you offer neither support nor updates.
This should be made possible by Sophos so that the functionality of a stable and consistently running system is not suddenly gone at one point in the middle of 2026. There are also thousands of installations of the HomeUse license, which at some time somewhere an IT specialist set up for families, and these families purchased hundreds of Sophos APs for a fee.
The Sophos UTM has been stable enough for many years that it can be operated without permanent updates, even if only for firewalling, NAT, web server protect and wireless. And also for me*: The issue with Sophos AccessPoints alone is huge in my environment.
*I can und will carry out projects from the business side that I change SG hardware installations in the company and change the UTM 9 to XG operating system basis with knowledgeable experts. But if I have to go here at prosumer-side at the same time and switch all friends, acquaintances and families to the new SophosOS and possibly also change hardware, then I will be busy for much longer than until mid-2026.
Dear SOPHOS Ltd. ==> You should therefore please offer the possibility of simply creating an unlimited licence at https://myutm.sophos.com/ without any guarantee for updates, support and reliable protection, or at least one that remains valid until 2040.
I'll add that the migration tool is not even recommended, let alone accessible to home users. If only they could make it accessible to home users within the next 3 years.
Even a final firmware update that disables the activation expiration would be nice to have. But as new security threats emerge, it would not be safe to use such an outdated firewall. So keeping a defunct software available would be a security risk eventually.
Hi Alan, good addon points.
The security issue would not be a problem if the software is simply no longer available for download online. But it would be fatal if all running instances were simply deactivated at a certain point in date or reduced to a minimum functionality without being able to continue to operate everything individually without restrictions.
I would recommend to start evaluating the SFOS platform (aka XG/XGS) now. Then you have enough time to decide.
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
I'm sure SFOS will be a worthy replacement especially within the next three years. By then maybe version 20 will be available.
I recommend Sophos firewall to t others whenever I can as a next gen firewall solution to anyone serious about their security. Thank you to Sophos for offering such a great product for home users. (UTM/XG)
Looks like I'll be moving to one of the *sense options. I need to be able to execute wpa_supplicant to get my isp authenticated. So far I see no way of adding it to XG, so no XG.
Also as mentioned elsewhere, the 6GB ram home user license limitation is significant unless you're running a very basic configuration.
Looks like I'll be moving to one of the *sense options. I need to be able to execute wpa_supplicant to get my isp authenticated. So far I see no way of adding it to XG, so no XG.
Also as mentioned elsewhere, the 6GB ram home user license limitation is significant unless you're running a very basic configuration.
In that case you should check out ZenArmor. The free tier is similar to what SFOS offers but with no malware/botnet protection. works with pfSense/OPNsense.
It looks promising but I'm not giving up my Sophos access point and jump ship just yet. I'll wait to see how affordable the newer access points are when they are released
If you haven't' tried the XG due to RAM limitations, I was using the XG firewall and 6Gb or ram was plenty. With all IPS rules enable and web filtering /TLS decryption, my system was only using around 50% of RAM. just under 4Gb.
I agree the GUI of OPNsense looks very polished. But the features of XG are what would keep me using it. Maybe version 20 will have an improved GUI. The access points are kind of expensive for home users but worth it considering the firewall is always free.
If you want to discuss the flow and life of a packet again, we can create another thread. But we should stay on topic on this thread as well for people reading this topic later.
__________________________________________________________________________________________________________________