9/25/2023 0 Comments Sophos home utm as wifi router![]() ![]() ![]() Naturally, a lot of people are assuming, especially given the recent and past actions of Netgate, that they’re going to start leaving pfSense CE behind to get people to pay up for plus.Īlso, as much as they claim it’s ‘open source,’ well, those claims don’t really tend to hold up that well when you start to look deeper. See, the free version, called “Community Edition” now, is taking a back seat to “pfSense+,” which is the version that used to be shipped on their own hardware appliances, and is now just straight up being sold. Kinda not true, and I’ve switched to OPNsense because of the actions of Netgate, the company that owns and produces pfSense. It doesn’t have all the features of a full UTM, but in some ways it’s a little better.īesides being FOSS, it’s also based not on iptables for filtering and routing, but pf (packet filter) instead, hence the name, pfSense. PfSense is a network firewall application built on FreeBSD. This also comes with software and virus database updates.Īnd one final thing to note that will be important later: the UTM installer checks how many NICs (translated: Ethernet ports) your device has, and it will refuse to run unless there’s at least two, one for the WAN (internet / ISP / “everyone else”) side, and one for the (own network) side. To the best of my knowledge, the real backend of the firewall / NAT section is iptables, which, let’s just say I’m glad it’s much simpler to use graphically.Ī home use (non-commercial) version is available for free, licensed for 50 LAN-side IP addresses. It ran mainly off a system called confd, a central (to the device, in this case) configuration management engine, wrapped up in a nice (and slow) graphical web interface. UTM could even do things like webserver protection, act as an AP controller, so much fun stuff. UTM 9, besides being a pretty standard firewall / NAT device, also did a lot more like application traffic shaping, what’s effectively Snort traffic monitoring, HTTP download virus scanning, URL blocking, email download scanning, email DKIM signing, email spam detection… a lot of things. Note: the successor to this is called Sophos XG, which… I’ve never touched, I just didn’t upgrade. The software package I was using was the UTM 9 (Unified Threat Management) by Sophos, and, if you’re familiar with that name, then you already know it does a lot. In terms of core features, it’s the network router and gateway, and in terms of other features… it’s a firewall. (Technically, my network and the rest of the house, but…) So, the basics… I upgraded the box that sits between my network and the rest of the internet. Now, this is a story, all about how my life network got flipped, turned upside down, and I’d like to take a minute, just sit right there, I’ll tell you how I became the prince of a town called Bel Air the owner of a… just… just cut the music. Yeah I figure why not, at the same time that I’m replacing another key piece of network infrastructure, I might as well just replace the (second) most important piece, right? ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |