Advisory: Sophos Endpoint - "Your connection isn't private" We're aware of a certificate issue and are actively working to resolve. Please see: KB-000045954 for the latest updates.

Still don't get it, no replacement on market for UTM 9

Sophos, (sry for the bad english, no native speaker here)

why the heck do u kill this excellent product in favor for your XG whatever product, which is miles away from the UTM 9 instead putting all efforts in getting the UMT9 up to date ?

i can't get it. it's ridiculous.

after playing arround with XG , pfsense , untangle and how all this other crap is called, NOTHING comes close to the UTM 9, NOTHING !

and i don't say this because i don't wanna learn a new system, it's just the lack of features in those systems and logic how things are sorted.

What's wrong with u people to drop the UTM 9 ? Sryl ?!

I can't understand those management guys  and if i would be in charge, i would fire those guys.

geez it's just unbeliveable annoying how bad all those other firewalls are, expect the enterprise ones,

which are a simple no go for soho , mid size business , and so on.

i am so mad right now.....



e
[bearbeitet von: WolfgangS um 11:28 PM (GMT -7) am 27 Aug 2023]
Parents
  • I fully understand what you mean.

    Honestly speaking, some of the points given by Sophos are valid.
    UTM is heavily based on linux and especially iptables as filtering engine.
    Since it's creation the linux world has moved on, today ebtables is the natural choice and iptables considered legacy.

    I wonder how many of the nice Astaro Karlsruhe folks are still around and capable to build such a GUI for ebtables on the UTM, maybe many of them are retired (it's 20 years), frustrated or moved on t another company.

    What's disgusting me most is the special kind of rudeness Sophos uses to place their new product.
    This is something i'd probably tolerate (not welcome anyways) in the open source world, but not with a product you are expected to pay (ten)thousands of Euros for.

    There is another thread "unwanted parenting" which also expresses this. Cutting off functionality (mail) and forcing the user to the cloud (after all Sophos is non-EU and in a country being part of the five eyes) is an absolute red flag.

  • What does the 5 eyes have to do with anything? Are you alluding to Sophos purposely creating vulnerabilities, like how the UTM offers 4096 bit Diffie-Hellman key exchange for the remote access VPN, while the XG maxes out at only 2048 bits which I'm sure not many people would notice, but I did and no explanation was given about why the 4096 bit key exchange isn't available in the XG. I was always interested in knowing why. I'm not a cryptologist, but I would assume that in cryptology, more bits is better than less bits.

Reply
  • What does the 5 eyes have to do with anything? Are you alluding to Sophos purposely creating vulnerabilities, like how the UTM offers 4096 bit Diffie-Hellman key exchange for the remote access VPN, while the XG maxes out at only 2048 bits which I'm sure not many people would notice, but I did and no explanation was given about why the 4096 bit key exchange isn't available in the XG. I was always interested in knowing why. I'm not a cryptologist, but I would assume that in cryptology, more bits is better than less bits.

Children