Sophos is the better between the two for security, but for the amount of options you get, pfsense is the one I chose. You have a plethora of options to run on it.Snort, Proxy, Cache Server, Radius, etc.there are a ton packages that can be installed (just to name a few). Now like any Gateway/Firewall/ Security Device it has its quirks. I deploy it at home and at clients sites. PfSense, for home or small business is great. For a Free UTM.I know of no better unless you start getting in to the Enterprise price range and the complexity to go with it.(headache) I believe you can only have up to 50 IPs on your network.which for a most homes is plenty.unless you have 4 people in the house who own 4 devices each and your networking device, wifi access fill up you alotted IP's very quickly. But the features and the security it provides is top notch. Slidermike, I tried the free Home Sophos UTM and it is great.but it does, as you stated, have a steep learning curve. Put 2 NIC's in it (1 for WAN and 1 for LAN) but you can add more NICs for DMZ's or multiple LANs. Oh and another suggestion would be to instead or at least consider building your own with an older/spare pc you probably have laying around. It is the most robust FW I have used outside of enterprise Cisco ASA's. There is a device limit for the free version but it is an outstanding product that I fully endorse if your willing to take some time to learn/configure it. There is also the inline IPS which is functional in Sophos. Much more secure and I can tell it exactly which device can do what to the outside. Sophos however requires you to punch pin holes through. Thus once you have an infected device on the inside and it calls back to HQ for whatever nefarious reason the average router & FW will just let the devices talk assuming that since it started from inside it must be legit. However the idea that every pc/cell phone/xbox is virus/malware free would be woefully incorrect. Thus opening the return port for a response from wherever your local device "phoned home". The main reason I chose it over pfSense is because it is more secure.īy default most home level FW's assume traffic originating from the inside is secure & allows it to traverse out to the internet. The learning curve is semi-steep but google and the Sophos forums are you friend. I hope I at least pointed you in the right direction? If you are on a limited budget, PfSense can't be beat. If you have the funds to buy a UTM.go with Sophos. Sophos is expensive but for what you get.it does an outstanding job! Sophos is always top rated when it come to their Security.and from every one that I know that runs them.they do the job very well. I bought hardware directly from the Electric Sheep guys.top notch hardware and support. It take awhile to really get into the interface but once you figure things out.it is by far the better Enterprise solution.Īs far as the mini ITX boxes on Amazon.be careful. I tried out Sophos and the interface is clunky but the features are top notch. And if you want Professional Support, its on there site at a very reasonable cost for SMB's. There is a ton of useful information on there forums if you run into issues. It is easy to figure things out and basic set up is easy and informative to use. Pfsense is free, has great support, and is BSD based.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |