I added the USB device on VMware, Sophos detects it via lsusb, but not ifconfig. Therefore, it only shows one network adapter. I can't seem to add the USB adapter into VMware's networking switch. Then tried compiling the drivers manually, but wget won't even connect, so I'm stuck... Trying IPFire next. *Failed. Version 2.0 requires another network card for BLUE WiFi hotspot. Dunno where is 3.0, but at least it detects my USB card correctly... *ClearOS gives me a black screen after install... Alt+F2 needed. *Trying a ClearOS Hot LAN guest WiFi hotspot with bandwidth control. Should be good. *OK, the web filter and anti-virus won't work, but Egress firewall does. Oh well, that combined with Norton DNS should be good enough. Now what domains to block...
AFAIK IQ01, ID90, ID91 and ID92 have dual GBE nics. http://www.zotac.com/products/mini-...er/DESC/amount/10/section/specifications.html http://www.zotac.com/products/mini-...er/DESC/amount/10/section/specifications.html http://www.zotac.com/products/mini-...er/DESC/amount/10/section/specifications.html http://www.zotac.com/products/mini-...er/DESC/amount/10/section/specifications.html
Thanks J_L for testing. So maybe I have to build cheap barabone which have 2NIC to use Sophos UTM. I found good one and by reusing 4GB memory I have it will be about $300 in US$. Still big money for poor student like me.
I have been thinking about giving Sophos UTM a try on my Home Network (4 Windows PC's) for some time. I don't like the idea of using an Old PC for the Sophos UTM. I always like new hardware. Does anyone have any experience with using SuperMicro Server Motherboards for the Sophos UTM? If yes, what Motherboard Models do you know that 'for sure' are compatible? Do you recommend any other Motherboard Brands/Models that 'for sure' are compatible? I am looking for either Mini-ITX or Micro-ATX form factors. Thanks in Advance.
Microcenter sells fast mini-form factor refurbished (really these are new) faster dual core 2.66ghz machines with 4GB ram for $129.00. These SMOKE on Sophos UTM, and have small 135 watt power supplies so they aren't very hungry for people.. That's what I use now, and I would recommend it. Rock solid.
You can take a look at the hardware list I posted earlier in this thread... The total price's about RMB 2100, roughly $335. In the list, I chose Core i3, SSD and a nice small ITX case with built-in power supply. The price also includes the memory. With HDD, Celeron, existing memory and maybe a cheaper case w/ power supply, you should be able to build one for about RMB 1500, about $239...
I have been watching this thread for a while and it has inspired me to build a new rig to run Sophos UTM. I was thinking of buying a Zyxel UTM but the annual support costs and model redundancy were my main concerns (I previously had a Checkpoint Safe@Office 500w). I have just purchased my new hardware (online in UK) and if it will help others, here is my research. I was looking for a mini-ITX motherboard to build my system around - the only 2 that I could find that have both Dual-NICs and Wifi are the MSI Z97I-AC and Gigabyte GA-Z97N-WIFI. Both come with Intel 802.11ac (mini-PCIe) however the MSI uses Realtek NICs (which are not recommended on Sophos forums) but the Gigabyte has Intel and Atheros NICs (I was lucky to get a revision 1.0, as 1.1 has Intel and Realtek NICs). The rest of my hardware is in my sig. Now to get building and testing ...........
This guy right here smokes Sophos UTM, toss in a $9 Intel NIC for the second NIC, and you are good to go. http://www.microcenter.com/product/...s_7_Professional_Desktop_Computer_Refurbished
Thank you. What kind of additional NIC Card did you purchase for it? I assume that it would be best to stick with an Intel NIC. I assume that these use 'Low Profile' PCI NIC's. Is this correct?
I don't remember what brand I used. I think it was Tenda or Trendnet, but I DO NOT recommend using a non-intel. I had to struggle to get mine to recognize, but once I got over that hurdle it has been perfect in every way. If I had to do it again I would drop an Intel Low Profile NIC in.
I think that it may be best for me to use a currently 'Idle' Mid-Tower PC that I used for trying out to learn Linux Distro's in the past. It has an on-board Realtek NIC. I think that I will disable the on-board Intel NIC and buy two (2) Intel PCI NIC Cards for it. Motherboard: http://www.newegg.com/Product/Product.aspx?Item=N82E16813128078 CPU: http://www.newegg.com/Product/Product.aspx?Item=N82E16819115032 The two (2) NIC Cards would be like these: http://www.newegg.com/Product/Product.aspx?Item=N82E16833106121 Do you think that it would be best to first install Sophos UTM on that PC with the Realtek NIC still enabled just to check for hardware compatibility before buying the two (2) NIC Cards? Thanks in Advance.
If I could find a cheap ITX form factor that would work, and consume TINY amounts of power I would buy one. The problem is they get expensive fast, sometimes don't have dual NIC's, and/or have anemic hardware. Something like ITUS running Sophos would be fun. ITUS running DDWRT is no fun, and useless to me. But I like the hardware they have in it. We should probably explore low power, cool operating small form factors for this. I've found a few sellers offering surplus ITX on Ebay, but they usually have 10/100 internals, useless for me as my WAN Is 180Mbps. Right now my servers use 135-185 watts each, but if I could trim that to 10-20watts, I may do it.. Power is expensive these days.
I think that I read that Sophos states 2.0 GHz Minimum CPU for the Hardware Requirements. I was looking at an Intel Atom Mini-ITX Motherboard which has a CPU which is slightly less than 2.0 GHz. I assume that the Dual Engine Antivirus Scanning would be one of largest consumers of CPU resources. How much CPU processing power do you really need for the Sophos UTM?
Sophos uses almost no CPU. With everything maxed on mine, I am using less than 5% of CPU cycles per day on a dual core. I'm sure you can get away with way less. I have dual AV engines enabled.
Here's a summary of CPU use, keeping in mind this is an ancient refurbished dual core. Everything is maxed on my UTM, both AV engines, IPS (full sigs), and URL filtration w/HTTPS.
It has been engineered quite efficiently, that is impressive considering the role it plays on the network with dual scanning engines and more. I am almost sold on this and will continue to follow closely. I used to build PCs a while back and this is sparking an interest for me.
Remember, Sophos don't accept PCI NIC cards. J_L confirmed it. They have hardware compatibility list in pdf and it seems only a few Realtek NIC are supported. I also saw an experience by others that non-supported NIC couldn't be used. But if you have the hardware, it's good to test it first as you don't loose anything.
Thanks, actually I looked. But do you know what NIC they use? I only see these are gigabit NIC, but couldn't find mention about its vendor (Realtek or Intel or other?). I'm currently thinking to purchase Shuttle DS57U3 (Core i3 2.0 GHz with 2 Intel NICs) and attach 4GB memory I have and cheap 2.5 inch HDD (possibly SSD, but for reliability I prefer HDD) for it. How do you guys think about it?
The board I mentioned uses Realtek RTL8111G - 10/100/1000. http://www.biostar.com.tw/app/en/mb/introduction.php?S_ID=671#spec I can't find the official HCL for latest UTM Home Edition, could you check if this RTL8111G is included? DS57U looks fine for me. Core i*-5xxxU looks cool. Personally I prefer built-in power supply, but most products in the market don't go this way...
PCI NIC's are out. MANY Realtecs are out.. I found Trendnet Realtecs from Microcenter actually do work. USB NIC's won't work. For my Realtec you just need to manually detect it, Sophos won't auto-detect. Not a big deal really.
Here's HCL. RTL8111G is not included. https://sophserv.sophos.com/repo_kb/118185/file/118185_HCL9001.pdf (Note: it's 199 pages!)
Would this Motherboard with two (2) on-board Intel NIC's (Intel 82574L) be compatible with Sophos UTM? http://www.newegg.com/Product/Product.aspx?Item=N82E16813182243 If I used this motherboard I would have to get the Supermicro 1U Case for it since it is a 'proprietary' form factor.
Check this http://www.gigabyte.com/products/product-page.aspx?pid=4918#ov (j1900) 85$ CPU + Motherboard or wait for the new intel n3700 (like I do) Is a requirement to have 2 physical nics. To virtualize if you need so, you can use proxmox (kvm) or Vmware, I personally prefer proxmox. It works with pfsense, and it should work as well if someone want to try with Sophos UTM Regarding the minimum specs for sophos take into account that those are for business use with almost all the options active, for home use any dual core (or even a single core 2.X) with 2gb of ram I think it should be more than enough. Pfsense runs in almost any hw. Any hw should work in sophos if it works in linux and in pfsense if it works in Freebsd, but depending on the HW you may need to do some manual steps
@guest Not necessarily. Depends on what's compiled into the kernel, and what version the kernel is. e.g. ClearOS currently uses an ancient 2.6.32 kernel, without support for USB to Ethernet adapters. I discovered this to my chagrin after installing it on an old laptop. ClearOS isn't the only one either. (As to why, though, I really don't know. 3.x kernels have been stable as a rock for some time now, can be as modular as you please, and even have some improved security features compared to 2.6.x. Seems like a bit of a no-brainer to me, but then I'm not a firewall admin.)
