New firewall: Sophos XG

Robert Andresen

I have used Sophos XG at home for about one week now, and I could not have been happier 🙂

For the last year I have tried most of the software firewalls out there, but let’s face it, I am a home user – I need a simple and nice GUI! It does not matter how great a functionality is, if you cannot use it. I understand basic networking, but it is not my strongest side.

After most of my tries on different firewalls, I landed on Sophos UTM 9. The Sophos UTM home-license had a 50 IP-address limit, which was too small for my network – so I ended up running Endian. Endian was great, but had a very static interface.

A garbage product to something beautiful

I tried Sophos XG early in the process, when they announced that Sophos XG should take over for UTM. It did not take long before they retracted that comment after a high number of comments from the users.

Sophos XG was not a great product at the start. The GUI was terrible. You had to hover through multiple menu levels, which were poorly described. It probably took you 10 minutes to find the feature you were looking for.

Sophos has done great things in the last version of XG. It is a lot simpler to navigate and you can find the things you are looking for.


Difference between Sophos UTM, XG and Endian

I mainly like Sophos because of the nice interface. It shows charts and has great reports of what is going on – this is the same on both UTM and XG.

The UTM GUI is starting to get a bit outdated, whereas the XG is more up to date.

Endian reminds me of any default firewall from a basic router. Maybe a bit more advanced features. Endian also has a great log view, but it mostly stops there. The interface is very static and does not show the health status of your network. Endian uses ntop for a graphical network flow, but it is a separate page/GUI. It also doesn’t show any security/health related info – so I had no idea if anything on my network had a virus or was doing anything out of the ordinary.

Some short words about my setup

My firewall is running on my VMware ESXi, which has two network cards. One for Internet/WAN and the other on the LAN side.

Sophos XG

The installation was simple, but a bit tricky. I did not find much information on the installation, so I had to google the username/password and try/fail on what network interface was WAN or LAN. When I finally got the web-interface up, it was mostly next-next-next.

I started with both web and application-filter, but I had to remove the application-filter, as it flagged Skype as a level 5 (highest level) security breach.

My kid is also getting more and more curious about the Internet, so I have now added a time schedule called “KidsTime”. In this timeframe, the firewall will be a bit more protective, like blocking nudity (right now it is just set to Warn during a testing period).

Sophos has a great database for web and applications. I do not agree with all of the classifications, but it works in most cases. Sophos is not just a firewall, it also protects my home users from doing stupid things 🙂