Which features will still be available after the UTM EOL? Can it still be used but with no more updates, or will the license expire and make the modules not active?
This thread was automatically locked due to age.
I, too, would like to know. It's a shame that good hardware, SG210 in my case, would have to be trashed as e-waste. If possible, I would love to use the hardware in a lab environment. I wouldn't need to use many of the additional features like network, email, web, webserver, and wireless protection, sandstorm, and endpoint antivirus. So long as I can route data, I'd be happy.
Would there be a license that we can apply which would disable those features, along with disabling the Up2Date functionality? Or conversely, enable all features with the specific understanding that the device is for non-production-environment use since it would be susceptible to future attacks because the patterns will not be updated?
You can always convert an SG license to an XG license.
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
I'll add that the migration tool is not even recommended, let alone accessible to home users. If only they could make it accessible to home users within the next 3 years.
Even a final firmware update that disables the activation expiration would be nice to have. But as new security threats emerge, it would not be safe to use such an outdated firewall. So keeping a defunct software available would be a security risk eventually.
Hi Alan, good addon points.
The security issue would not be a problem if the software is simply no longer available for download online. But it would be fatal if all running instances were simply deactivated at a certain point in date or reduced to a minimum functionality without being able to continue to operate everything individually without restrictions.
I would recommend to start evaluating the SFOS platform (aka XG/XGS) now. Then you have enough time to decide.
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
I'm sure SFOS will be a worthy replacement especially within the next three years. By then maybe version 20 will be available.
I recommend Sophos firewall to t others whenever I can as a next gen firewall solution to anyone serious about their security. Thank you to Sophos for offering such a great product for home users. (UTM/XG)
Looks like I'll be moving to one of the *sense options. I need to be able to execute wpa_supplicant to get my isp authenticated. So far I see no way of adding it to XG, so no XG.
Also as mentioned elsewhere, the 6GB ram home user license limitation is significant unless you're running a very basic configuration.
Looks like I'll be moving to one of the *sense options. I need to be able to execute wpa_supplicant to get my isp authenticated. So far I see no way of adding it to XG, so no XG.
Also as mentioned elsewhere, the 6GB ram home user license limitation is significant unless you're running a very basic configuration.
In that case you should check out ZenArmor. The free tier is similar to what SFOS offers but with no malware/botnet protection. works with pfSense/OPNsense.
It looks promising but I'm not giving up my Sophos access point and jump ship just yet. I'll wait to see how affordable the newer access points are when they are released
If you haven't' tried the XG due to RAM limitations, I was using the XG firewall and 6Gb or ram was plenty. With all IPS rules enable and web filtering /TLS decryption, my system was only using around 50% of RAM. just under 4Gb.
I agree the GUI of OPNsense looks very polished. But the features of XG are what would keep me using it. Maybe version 20 will have an improved GUI. The access points are kind of expensive for home users but worth it considering the firewall is always free.
If you want to discuss the flow and life of a packet again, we can create another thread. But we should stay on topic on this thread as well for people reading this topic later.
__________________________________________________________________________________________________________________