Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 35 replies
  • Subscribers 12 subscribers
  • Views 18524 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM (Home) EOL and moving over to Sophos Firewall... options?

vicegod

Hello there...

Apologies if there is already a thread of this type... search didn't seem to find anything.

So UTM has a EOL announcement and I'm not here to bleat.

I've been using UTM Home for over 10 years so its kinda baked into my network with many many years of tweaking etc. It works. I can gladly say I have never had any compromised systems in this time.

The "new" Sophos Firewall was presented to me by a vendor/sophos team a few years ago as a suggested migration and try out. I wasn't impressed when I looked at it a few years ago and didn't feel like being a guinea pig for a system that could have an impact of a functional home system with "working from home" aspects too.

I have since had a good look over a Sophos Firewall demo site and had a browse through most of the options. Functionality in all the basics seems to be there, just a matter of finding it. Its another learning curve I suppose I may need to undertake.

So options???

Any comments suggestions etc from the long time users of UTM who have made a transition?

Regards
Craig




[locked by: emmosophos at 3:34 AM (GMT -7) on 9 Aug 2024]
  • 0 in reply to vicegod

    Kinda...

    I am with Opensense right now. But it's a BIG mess in comparison to the UTM.

    Logic Fails with interfaces , too complicated in areas. and so on.

    so many ways to solve things are just not logical there or split up in to many areas.

    so i hope after the Sophos UTM 9 is "dead" that there is some sort of "fork" .

    but i guess i'll take the pain right now, because i dont wanna end up with another company like Sohpos anymore

    and stay with open source.

    but it is indeed pain in the a......

  • 0 in reply to WolfgangS

      

    I see from one of your previous posts that you use intrusion prevention. With the UTM, you can terminate SSL with the WAF and IPS can then scan the unencrypted traffic. I can verify that it works really well for ingress traffic and it doesn't require installing a cert on the client computers. However, from what I've read, you cannot do this with *sense because the only IP you will be able to block is the IP of the firewall, itself. Do you know if what I said about IPS and *sense is still true? This is the main reason why I haven't bailed on Sophos, yet.

    --------------------------------------------------------------------
    Sophos UTM 9.719-3 - Home User
    Virtual machine on Dell Optiplex 3070
    i3-9100 @ 3.60 GHz, 16 GB RAM
    --------------------------------------------------------------------

  • 0 in reply to Jeff x

    Hi Jeff, 

    i am sorry,  but i have not reached the point of IPS testing.

    Still battle with VPNs, interfaces, rules, NAT and so on.

    after that is done, i am going over to IPS, Mail proxy and stuff.

     

  • 0 in reply to vicegod

    See  RE: Thank you for all the good times

    Anyone else gone this way > OPNsense + Zenarmor ?

    Been reviewing Tech Tutorials - David McKone and seems like a solution... new learning curve, but okay Slight smile

  • 0

    Zemarmour has a paid home option and a "free" version...

    Has only 1 Policy (Home has 3)... but this should be more than enough for most situations. A DNS PiHole can be added to manage the additional URL blocking.

    Device blocking would need to be at a firewall level from what I see, unless you used a Home version.

Unfiltered HTML