
Hardware Sophos Home Firewall or pfsense


techfranz

Occasional Visitor
I am looking for recommendations on a good dual nic box ready to go. I am leaning towards Sophos because of their name recognition.
  1. Are the mini ITX boxes on Amazon any good? Which is better: pfSense, Sophos, OpenBSD or some other?
  2. Which has the best free content filter?
  3. Some of the boxes have WiFi antennas.
  4. Can these be used to transmit?
 
Franz,

I like both. pfSense is free, has great support, and is BSD based. It is easy to figure things out, and basic setup is easy and informative to use. There is a ton of useful information on their forums if you run into issues. And if you want professional support, it's on their site at a very reasonable cost for SMBs.
I tried out Sophos and the interface is clunky but the features are top notch. It takes a while to really get into the interface but once you figure things out...it is by far the better Enterprise solution.
As far as the mini ITX boxes on Amazon...be careful. Some work, some don't. I bought hardware directly from the Electric Sheep guys...top notch hardware and support.
Sophos is expensive but for what you get...it does an outstanding job! Sophos is always top rated when it comes to their security...and from everyone that I know that runs them...they do the job very well. If you have the funds to buy a UTM...go with Sophos. If you are on a limited budget, pfSense can't be beat.
I hope I at least pointed you in the right direction?
 
Thanks, I will check out the boxes from Electric Sheep. Have you tried the free Sophos software firewall? https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx
Franz,
I use the Sophos home for my home.
It is excellent.
The learning curve is semi-steep but Google and the Sophos forums are your friend.
The main reason I chose it over pfSense is because it is more secure.
By default most home level FWs assume traffic originating from the inside is secure and allow it to traverse out to the internet, thus opening the return port for a response from wherever your local device "phoned home".
However the idea that every PC/cell phone/Xbox is virus/malware free would be woefully incorrect.
Thus once you have an infected device on the inside and it calls back to HQ for whatever nefarious reason, the average router and FW will just let the devices talk, assuming that since it started from inside it must be legit.

Sophos however requires you to punch pin holes through. Much more secure and I can tell it exactly which device can do what to the outside.
There is also the inline IPS which is functional in Sophos.

There is a device limit for the free version but it is an outstanding product that I fully endorse if you're willing to take some time to learn/configure it. It is the most robust FW I have used outside of enterprise Cisco ASAs. Very similar actually.

Oh and another suggestion would be to instead or at least consider building your own with an older/spare PC you probably have laying around. That's what I did.
Put 2 NICs in it (1 for WAN and 1 for LAN) but you can add more NICs for DMZs or multiple LANs.

Enjoy whatever you choose!
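
The outbound behaviour described in the post above, modelled as a small first-match firewall with connection state. This is an added example, not part of the original post and not Sophos or pfSense code; the addresses, ports, rules and function names are all constructed for illustration.

```python
"""Egress policy model: default-allow outbound vs. per-device pinholes."""
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    src: str               # LAN source as CIDR
    dport: Optional[int]   # None matches any destination port
    action: str            # "allow" or "deny"

class Firewall:
    def __init__(self, rules, default):
        self.rules, self.default = rules, default
        self.states = set()  # (lan_ip, remote_ip, remote_port) of permitted flows

    def outbound(self, src, dst, dport):
        """First matching rule wins; otherwise the default policy applies."""
        action = self.default
        for r in self.rules:
            if ip_address(src) in ip_network(r.src) and r.dport in (None, dport):
                action = r.action
                break
        if action == "allow":
            self.states.add((src, dst, dport))  # opens the return path
        return action

    def reply_accepted(self, remote, rport, lan_ip):
        """A packet from outside passes only if it matches an existing state."""
        return (lan_ip, remote, rport) in self.states

# Typical home router: anything that starts on the LAN may leave.
DEFAULT_ALLOW = dict(rules=[], default="allow")
# Pinhole style: nothing leaves unless a rule names the device and port.
PINHOLES = dict(rules=[Rule("192.168.1.10/32", 443, "allow"),   # desktop: HTTPS
                       Rule("192.168.1.10/32", 53, "allow"),    # desktop: DNS
                       Rule("192.168.1.20/32", 443, "allow")],  # console: HTTPS
                default="deny")

FLOWS = [("192.168.1.10", "203.0.113.5", 443),     # listed desktop browsing
         ("192.168.1.20", "203.0.113.9", 443),     # listed console update
         ("192.168.1.30", "198.51.100.77", 8443)]  # unlisted device calling out

def evaluate(policy):
    fw = Firewall(**policy)
    verdicts = [fw.outbound(*flow) for flow in FLOWS]
    # Can the remote end of the unlisted device's flow answer back?
    return verdicts, fw.reply_accepted("198.51.100.77", 8443, "192.168.1.30")

if __name__ == "__main__":
    for name, policy in (("default-allow", DEFAULT_ALLOW), ("pinholes", PINHOLES)):
        print(name, evaluate(policy))
```

A pinhole narrows which devices and ports can reach the internet; it does not inspect what a listed device sends over its allowed port, which is the job of the inline IPS mentioned in the same post.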
 
slidermike, I tried the free Home Sophos UTM and it is great...but it does, as you stated, have a steep learning curve. But the features and the security it provides are top notch. I believe you can only have up to 50 IPs on your network...which for most homes is plenty..unless you have 4 people in the house who own 4 devices each and your networking devices, wifi access points...etc..can fill up your allotted IPs very quickly. For a free UTM...I know of no better unless you start getting into the Enterprise price range and the complexity to go with it...(headache)
pfSense, for home or small business, is great. I deploy it at home and at clients' sites. Now like any Gateway/Firewall/Security Device it has its quirks. But for free it can't be beat. You have a plethora of options to run on it..Snort, Proxy, Cache Server, Radius, etc...there are a ton of packages that can be installed (just to name a few).
Sophos is the better between the two for security, but for the amount of options you get, pfSense is the one I chose. (Biased)
Just make sure you have a decent machine with at least 2 NICs (WAN, LAN). If you want to have a wifi access point built into the machine, pfSense has that covered as well.
But both of these are great options for home and small business. Good luck and would love to hear how you have yours set up slidermike...because I got so frustrated with Sophos...I went back to pfSense for its ease of use...I have been wanting to give Sophos a try again. Maybe you can guide me on my setup...cause I about threw it out the window after about 3 hrs...lol..(not very patient)
 
Sophos and PFSense are two very different firewalls...with different purposes.

PFSense is like a "Ferrari"....(assuming it's on good hardware)....it's lean, mean, very fast, excellent traffic shaping and quality of service features, good VPN performance, overall simply a very fast and (assuming on good hardware)..very stable.

Sophos is a UTM...a Unified Threat Management firewall. It has built in antivirus and antimalware modules, and spam filtering, and web content filtering. Yes...with PFSense you can sort of/almost/kind of make it a partial UTM....by installing some add-ons. But quite frankly...most of those add-ons aren't very good. True UTMs like Sophos or Endian or Untangle or ClearOS or Simplewall have good modules to begin with.

We work with Untangle a lot...we're partners with them and have a lot of clients using their product. However I've played with most of the *nix firewalls out there...and I do like Sophos a lot (back when I was using it a lot it was still Astaro). Very nice and polished product. They were pushing me hard to sign up as a reseller.

We also use PFSense....on little Netgate appliances. We have one of our larger clients on it..they have traveling "mobile" branches that go all over the country, and setup their mobile "trailer office" to VPN back to the main central office. All of their locations are on PFSense units.

As for what hardware to install them on...it's best to check in their user forums first....I can recommend using good standardized Intel based chipsets (remember...these run on older versions of some flavor of *NIX....so you want hardware that is supported well). With many UTMs...since they push the NICs hard...you want better hardware controller based NICs. Intel usually. But don't assume the latest "mini" versions will always be supported...these little mini-ITX boxes are coming out with new chipsets all the time. Check the user forums for the distro you're looking at.

In the meantime, for your own "testing"...snag some older business grade computer, a small form factor, slap in a PCI or mini PCIe NIC...combined with the onboard....and install a distro just to test and play with. Keep trying different distros. Once you find one that you like...now go find some hardware that supports it well (based on researching in their forums)..and purchase something. Less of a chance of wasting money...than buying any old piece of cool looking mini hardware appliance..and then trying to install the distro you want and finding out it won't work on it.
 
Question here for the experts in VMs: I'd like to run Sophos UTM on a laptop, which of course only has one NIC; but if I ran the Sophos UTM in a VM, could I then use TWO NICs that I would create with USB-NIC connectors? These TWO NICs would be viewable from the Windows 10P laptop (say, or I could also load Ubuntu Linux tho I am not familiar w/ Linux). Then somehow link the VM's NICs to these USB-NICs.
If this is feasible in principle, any hints/suggestions would be appreciated.
 
I have not run Sophos UTM in a virtual machine, but I do have it running on a Zotac mini PC. I am using a USB 3 NIC adapter for my WAN interface. One internal NIC for LAN and the other is for admin access. I needed 3 being I have it running as a transparent firewall between modem and router. There are several posts on the Sophos forums where people are running in a VM also.

Sent from my Pixel using Tapatalk
 

Thanks! I will check their forum, and maybe I'll just try and run Sophos on a laptop with TWO USB NICs - which brand of USB NIC did you use or do you recommend?
 
I used the J5 brand from a local Best Buy because they had it in stock. The model I bought is a USB 3 hub and NIC all in one but uses the same ASIX chip, which is supported in the Linux kernel, as the model without the hub.

 
Just a note also, the Sophos UTM 9.4 did not activate the USB NIC during install. The device was detected and I had to enable it in the admin interface before I could use it.

 
