[quote user="generaltab"]Hello, I'm looking for a small dual Ethernet machine on which to run Sophos UTM Home Edition. Any recommendations? [/quote] You just need to find a simple, small "firewall appliance" or a "firewall computer" that is intel-compatible with at least 2 NICs, and preferably up to 4 cores and 6GB of RAM. They can come "barebones" or with RAM and an SSD installed. They are usually fanless, so they make no noise. There are a lot of great affordable options available for under $500. Many are under $300. Several here recommend Qotom Q Series . I like the Protectli Vault . I have also used ZBOX Nano , which other users here have too. You can also ask around. If you have an old intel-compatible computer laying around or have one donated to you, it can work as long as it meets or exceeds the specifications above. Im sure you will find something you like that fits your budget.
↧
Forum Post: RE: Hardware recommendation for UTM Home Edition
↧
Forum Post: RE: Hardware recommendation for UTM Home Edition
That Protectli Firewall appears very underpowered for the price. I wouldn't go with any model with 4Gb of ram unless it was upgradeable to 8Gb.
↧
↧
Forum Post: RE: Avira up2date error: Is there any solution?
I have the same issue. After got the new V17 appliance, and install the V16.05.8 MR-8 firmware, the issue happened... I have tried to modify the "/content/u2d/pattern" & "/var/savapi" and update XG pattern. But both of them didn't work. The firewall is online and for service already, so I can restore to the V17 firmware... I open a case, and support team help me to resolve the issue. But support team can not share steps to resolve this issue, reason is there is a patch available for this issue and only development team have all details about it. It so sad... Shunze
↧
Forum Post: 80040406 Delivery failed for software subscription.
Hello, I have this error "80040406 Delivery failed for software subscription. Access to the source update location is denied or the location is otherwise unavailable." on my SEC. The Update was working bufore, the problem was caused by a disk space issue, and I have extended the disk space, empty folder WORKING and WAREHOUSE, stopped and started the update manager service, but still I got this error and could not get the update. Here are the errors I found in the SUMtrace log: 2018-01-08 09:42:31 : EventLog: 3758112773 1 Inserts:> "WarehouseListData: Failed to read customer file content." 2018-01-08 09:42:31 : Cmd-ALL WarehouseListData: Failure loading customer file content. Attempting to read backed up customer file... 2018-01-08 09:42:31 : EventLog: 3758112773 1 Inserts:> "WarehouseListData: Failed to read customer file content." 2018-01-08 09:42:31 : Cmd-ALL WarehouseListData: Failure loading customer file content. Attempting to read backed up customer file... 2018-01-08 09:42:31 : EventLog: 3758112773 1 Inserts:> "WarehouseListData: Failed to read customer file content." 2018-01-08 09:42:31 : Cmd-ALL << [E4005][WarehouseListData: Failed to read customer file content.] Decode operation failed. Details: WarehouseListData: Failed to read customer file content. 2018-01-08 09:42:31 : Cmd-ALL << [E400D][ActionDecodeEverything-SDDM][DispatcherPrograms-2018-01-08T01-41-35-1] Action 'ActionDecodeEverything-SDDM' with caller 'DispatcherPrograms-2018-01-08T01-41-35-1' failed! 2018-01-08 09:42:31 : Cmd-ALL << [I1021][ActionSelfUpdate-SDDM][DispatcherPrograms-2018-01-08T01-41-35-1] Action 'ActionSelfUpdate-SDDM' with caller 'DispatcherPrograms-2018-01-08T01-41-35-1' started... 2018-01-08 09:42:31 : Cmd-ALL << [I1017][ActionSelfUpdate-SDDM][DispatcherPrograms-2018-01-08T01-41-35-1] Action 'ActionSelfUpdate-SDDM' with caller 'DispatcherPrograms-2018-01-08T01-41-35-1' could not execute. 2018-01-08 09:42:31 : Cmd-ALL << [E400E][DispatcherPrograms-2018-01-08T01-41-35-1] Event with dispatcher ID 'DispatcherPrograms-2018-01-08T01-41-35-1' failed to execute. Could you please give some suggestions on what else I should check to solve this problem? Thanks Peter
↧
Forum Post: Installation fails while updating - Windows Pro 64
I installed Sophos Home on another PC with no problems, but while trying to install to my other PC or to a Microsoft Surface, the install seems to work, but it hangs while downloading updates. After install, the update process starts, then stops at about 85% or so. Hours later, the update process is still at the same mark. Canceling the install via task manager stops the install, but now the program doesn't work (gives a "restart" message, but restart does nothing). Also, the program cannot be uninstalled. This is a really good program when it installs :~(
↧
↧
Forum Post: Multi Tenant Site to Site RED
Hi All, I have a small Datacenter with an SG210. I have some (around 20) clients with SG units at their location. I have created site-to-site Red tunnels for my own use, but never for multiple tenants. I've got the following to answer: Looking for a "rinse and repeat" strategy so that one I get one done, I just "rinse and repeat" Some of my clients Internet/LAN are the same, eg. 192.168.1.0/24 Can I possibly bridge the RED tunnel to a VLAN on the DC Sophos Has anyone done this ? Does Sophos has a consulting department that architect this ? Thanks in Advance, G
↧
Forum Post: RE: Firewall Rules and NAT in XG
My opinion: Confusing (to be polite). Uselessly complicated. Certainly not on-par to the rest of the industry. The philosophy to have NAT not part of an object but rather part of a rule is a big mistake. My 2 cents. XG will be great 3 years from now. Paul Jr
↧
Forum Post: RE: Visited pages log
None can help me?
↧
Forum Post: RE: Internet with Single WAN to Multiple LAN Sophos XG
Hi Max. I tried your solution. But a bridge is present between LAN1 and WAN. The DMZ was an idea LAN and DMZ must be in the same network LAN with DMZ. And i can not associate LAN with DMZ (restriction of the enterprise). I have created a second LAN2 zone for isolate of LAN1. If i add LAN2 to the bridge, i have not Internet despite network rules. I tried too of create a NAT rule but nothing. For additional information: The router in the enterprise is for the moment no manageable. The Appliance Sophos is configured in bridge mode and can not be changed. There are only 4 ports on the appliance and i can use 2 ports maximum. My project is to create an another infrastructure. By that i mean servers for: Active Directory for the new domain, dns + dhcp, exchange and this clients. That's why I have to be on an independent zone to not be in conflict with the present domain. So what can i do? Thank you in advance for your answers and sorry if i repeat me. Regards, PBJM
↧
↧
Forum Post: RE: Intel CPU Bug Hotfix - Sophos Compatibility Check?
Hi Bryan, Please find below the required information for your query: For Microsoft products the vulnerabilities are addressed in patches that were released ahead of schedule by Microsoft on 03 Jan 2018, see security advisory ADV180002 for details. For Apple products see the following statement: About speculative execution vulnerabilities in ARM-based and Intel CPUs Patches are available for Linux systems, we advise you to speak to your Linux Kernel vendor for more information. Also, refer to the article Advisory: Kernel memory issue affecting multiple OS (aka F**CKWIT, KAISER, KPTI, Meltdown & Spectre) for more information.
↧
Forum Post: RE: CISCO VPN broken after XG 17 release
Any updates on this? I have the same Problem. It still persists in MR3. Very annoying...
↧
Forum Post: RE: SMS 7.1.2474(18) Reporting Device Rooted
Hi vondes vondes Please do brief your query. Are you trying to run the spy apps on android and wants to know if that can work with Sophos?
↧
Forum Post: RE: Intel CPU Bug Hotfix - Sophos Compatibility Check?
Dear Bryan Gritton Sophos ENDPOINT has no compatibility issues with the MS Update Patch released as per Sophos and also they have already started rolling out IDE;s in this regards and can be found on the Systems who have fetched the latest Definitions.
↧
↧
Forum Post: RE: WIFI only at 400Mbps Sophos AP55
Hi David Thanks very much for your time and reply. 400Mbps is the connection speed between my phone/tablets/laptop to my AP55. I am running sophos XG on a Dell Optiplex i5 3570 SFF PC with 8G RAM, definitely not a sizing issue here. I noticed a reply made by Sophos engineer in another post The Max connection speed on AP100 with 80Mhz channel width is 1.3Gbps. Please note that the client has to be a 3 spatial stream 802.11AC device to achieve this Data rate. Max connection speed on AP55 with 80Mhz channel width is 866Mbps. The default channel width is set to 40Mhz to suite enterprise deployments. You can change the default Channel width from CLI. and here is how to check what channel is allowed on AP55 6. Which Wireless Channels are currently allowed on this AccessPoint? root@OpenWrt:/# cat /tmp/ap_caps allowed_channels=1,2,3,4,5,6,7,8,9,10,11,12,13,36,40,44,48,52,56,60,64,100,104,108,112,116,132,136,140 I haven't tried this yet as I need to get a usb-console cable. Currently I am happy with my XG and two AP55s Thanks
↧
Forum Post: Blocked HTTPS from Apple
All: I've noticed recently that my Apple iOS products no longer sync Contacts--that is, if I create a contact on my iPhone, that contact is never recognized on my iPad--until I use those products on networks other than one running through my Sophos UTM. I pulled up an WebAdmin Live Log Firewall window to see if something was being blocked. Sure enough, while using my iPad (or iPhone) I'm seeing HTTPS (443) traffic being dropped that's sourcing from Apple subnets 17.253.x.x and 17.248.x.x with the destination address being the static address assigned by my Internet Provider. For example, if x.x.x.x is the static IP address assigned to me (which I have entered under Management-->System Settings-->Hostname), I'm seeing: Default DROP TCP 17.253.29.204:443 --> x.x.x.x: (Some high port number like 54977) [RST] len=40 ttl=56 tos=0x00 srcmac=whatever dstmac=whatever What's going on here and how do I remedy it? I already have firewall rules in place to allow traffic to/from Apple Networks (17.0.0.0/8) to my iPad and iPhone in place. Any suggestions or thoughts would be appreciated. Regards, Robert
↧
Forum Post: RE: Block Amazon video without the whole site
You should start blocking the domain cloudfront.net in Web Filtering
↧
Forum Post: RE: Sophos Enterprise Console Not Updating
Hello Provided instruction didn't work for me ! can you update with new solution.
↧
↧
Forum Post: RE: need help removing SVR .msi intaller in order to download latest edition (Windows 10)
Hi hArd_nUt2crAck Please go to the following location and check if the installer is present: 32-bit computer: C:\Program Files\Sophos\Sophos Virus Removal Tool\ 64-bit computer: C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\ If the installer is available, please you can run the following command line: 32-bit computer: C:\Program Files\Sophos\Sophos Virus Removal Tool\SVRTcli.exe -uninstall 64-bit computer: C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTcli.exe -uninstall Please refer to the article Overview of the Sophos Virus Removal Tool (SVRT) . Let me know if this helps your query.
↧
Forum Post: RE: Enterprise Console - Software Update Failed
Hello, its not working for me , would you please share new update solution.
↧
Forum Post: RE: Visited pages log
The easiest way to do this is to open the log viewer in the upper right corner of your dashboard . Then view list of web filter events . On the left side select the filter source IP . Finally you just need to enter your desiered IP-adress and then it should display all the connection from the device. Have a try.
↧