Recommendation on Choosing Network Security Device

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Recommendation on Choosing Network Security Device

breda
Hi, wanted to ask the group for help on Choosing Network Security Device replacement for my Shield, we have updated are ISP to 250 Mbps and needed something that can give us more throughput, the most I can get out of the  Shield  is 55 Mbps I'm in bridge mode, I have done some research on  the  Sophos XG Desktop https://www.sophos.com/en-us/products/unified-threat-management/tech-specs.aspx#DesktopModels  the setup will be for  a home and business network at the same location, we have a mix of  5 to 6 ethernet devices and multiple Wi-Fi Devices using 2.4  GHz and 5 GHz, not sure if should go with an all in one device from Sophos?, or use something like Orbi Wi-Fi? we need to cover about 2800 square feet, any help would  be greatly appreciated  
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation on Choosing Network Security Device

Turrican
This post was updated on .
Hi

I’ve been using a Sophos sg 120 appliance for around a year now, coupled with 2 x ap-55 access points to cover my house. I installed the home edition of the sg utm 9 which has a license limit of 50 devices so it took a bit of time to add all my hosts as static but even though I have approx 35 devices in use regularly it’s been fine. Just remember to change your dhcp pool to 10 devices or so so you can manage the device limit well. Xg firewall home has no device limitations, only limited to 6gb ram and 4 cores I think.

  I paid about £60 for the box and £100 each for the aps which is great value for the power this thing delivers. Steep learning curve though. I had it installed in a vm for 6 months while I got to grips with it. Now doing the same with xg firewall but it’s very different so again, will take some time to get my head around it.

Sg 120 box gives me around 150mb throughout. The sg/xg 115 would give more I believe but not tried them. I believe the sg and xg hardware is the same, just comes with a different os. Utm 9 will be phased out eventually but for now is still being updated fairly regularly.

Other choices are buying a mini pc with 2 or more Ethernet ports and using utm 9 or any of the other available security installs such as pfsense, untangle etc.


Running Bridge Mode
v1.51 SP1 + Hotfix Mar 9
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation on Choosing Network Security Device

breda
Hi,  Turrican Thank you

if I buy mine own mini pc can you recommend some specs?

on the WiFi would  ap-55 access points would they work with  UTM 9? or would have to buy Sg 120 or sg/xg 115? in order to use them?


Reply | Threaded
Open this post in threaded view
|

Re: Recommendation on Choosing Network Security Device

Turrican
https://www.amazon.com/gp/offer-listing/B072Q872V9/ref=dp_olp_0?ie=UTF8&condition=all

Something like that :)

The ap55s would be compatible with utm 9 or xg firewall. I have mine plugged into a Poe switch via my in-house cat 6 cabling.

Running Bridge Mode
v1.51 SP1 + Hotfix Mar 9
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation on Choosing Network Security Device

breda
thank you
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation on Choosing Network Security Device

user8446
Administrator
What about https://securityonion.net/ ? Snort & Suricata built into an OS - just install it w/ the setup wizard. Free, no limitations, and pure Cisco's Snort instead of just being based on it.
Running in bridge mode, 1.51 SP1 fw
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation on Choosing Network Security Device

breda
Thanks user8446 the  https://securityonion.net   would it work like Bridge mode? or is it like  Sophos and does all the routing? I was looking at  https://www.amazon.com/gp/offer-listing/B072Q872V9/ref=dp_olp_0?ie=UTF8&condition=all or  Protectli https://protectli.com/6-port/