Home Internet Protection with Sophos UTM

  • dscoduc
    Senior Member
    • Jan 2012
    • 845

    Home Internet Protection with Sophos UTM

    I have young(ish) kids who are just starting to use the internet for games and school research. I also have a wife who likes to troll the internet to who-knows-where picking up whatever malware is out there...

    After spending a long time looking for a solution that would protect the home network, scan websites for malware, filter which websites are available, and ensure safe searches on search engines, I settled on the Sophos UTM Home Edition over the more common pfSense.

    The Sophos UTM features are exactly what is needed to protect my family and home network. Here is the list of items I used to build an "appliance" device:

    APU1D4 DIY Kit (Black/Blue/Red) : $200
    MyDigitalSSD Super Boot Drive mSATA SSD 64GB : $49.99
    Sophos UTM v9.3 : Free



    So for approx. $250 I have an appliance device that works great, including free regular virus definition updates and website filtering list updates.

    If anyone has any questions or is interested in building one of these things feel free to ping me and I will be glad to help out.
  • #2
    rkt88edmo
    Reptile&Samurai Moderator
    CGN Contributor - Lifetime
    • Dec 2002
    • 10058

    I'm gonna read up and maybe get back to you
    If it was a snake, it would have bit me.
    Use the goog to search calguns


    • #3
      CTallerico
      Member
      • Oct 2008
      • 170

      PfSense with Snort FTW
      RIP K27


      • #4
        elx144
        CGN Contributor
        • Dec 2009
        • 1399

        I can run my perimeter firewall all day long, but the real point of attack is the end user's client. Virus definitions are most effective there. You should have a hardened gateway to prevent direct attacks, but exploiting people who browse the Internet all comes down to exploiting the executable that acts as the browser. Run anti-virus on your PC, Mac, Linux, or BSD but most importantly lock down the accounts so they don't run as administrator.


        • #5
          jmlivingston
          Moderator Emeritus
          CGN Contributor - Lifetime
          • Oct 2005
          • 5095

          The Sophos UTM product includes endpoint protection, remote vpn, and IDS as well as the firewall. I'm in the process of setting it up in a VirtualBox VM, should have it finished shortly after I get home from vacation.


          • #6
            dscoduc
            Senior Member
            • Jan 2012
            • 845

            Originally posted by elx144
            I can run my perimeter firewall all day long, but the real point of attack is the end user's client. Virus definitions are most effective there. You should have a hardened gateway to prevent direct attacks, but exploiting people who browse the Internet all comes down to exploiting the executable that acts as the browser. Run anti-virus on your PC, Mac, Linux, or BSD but most importantly lock down the accounts so they don't run as administrator.
            You are absolutely correct in that attacks on client machines are a serious issue that requires anti-virus to help defend - as well as running with least privilege.

            But it's all about defense in depth. If there is an updated list of suspected/bad URLs out there that can get loaded into my transparent proxy every 15 minutes, then I want that additional layer of defense to prevent my family from even connecting to the site...

            I used to use Microsoft's TMG with free virus signatures and URL filtering due to my MSDN subscription, but since TMG has been discontinued it seems that for a one-time purchase of around $200 hardware and free Sophos UTM for Home I can continue to filter my internet traffic.


            • #7
              dscoduc
              Senior Member
              • Jan 2012
              • 845

              Originally posted by jmlivingston
              The Sophos UTM product includes endpoint protection, remote vpn, and IDS as well as the firewall. I'm in the process of setting it up in a VirtualBox VM, should have it finished shortly after I get home from vacation.
              I started with VMs as well to check it out, then decided a.) I didn't want the internet coming into my everyday machine, even with a dedicated interface isolated to the Sophos VM, and b.) I didn't want to leave my VM server running all the time to run the firewall VM.

              This is where the beauty of the PCEngines platform shines. It's exactly the right amount of power and capacity needed to run this job, without any fan noise (passive cooling) or large PC boxes.


              • #8
                dscoduc
                Senior Member
                • Jan 2012
                • 845

                Originally posted by CTallerico
                PfSense with Snort FTW
                pfSense with Snort is definitely a good solution and I looked at that originally. The problem is the pfSense GUI is dated and didn't include all of the features that I want to manage.

                Either way, the pfSense with Snort or the Sophos UTM is a definite improvement to any household wishing to protect their family from both malicious traffic and a curious kid...


                • #9
                  elx144
                  CGN Contributor
                  • Dec 2009
                  • 1399

                  Originally posted by dscoduc
                  You are absolutely correct in that attacks on client machines are a serious issue that requires anti-virus to help defend - as well as running with least privilege.

                  But it's all about defense in depth. If there is an updated list of suspected/bad URLs out there that can get loaded into my transparent proxy every 15 minutes, then I want that additional layer of defense to prevent my family from even connecting to the site...

                  I used to use Microsoft's TMG with free virus signatures and URL filtering due to my MSDN subscription, but since TMG has been discontinued it seems that for a one-time purchase of around $200 hardware and free Sophos UTM for Home I can continue to filter my internet traffic.
                  I've used Avast before. It gives you a virus definition that updates often and includes bad URLs and even JavaScript that could be infected. It's free too. Defence in depth is always what I've been taught, I've also heard it called the layers of the Onion.

                  I thought the most important thing to remember was that someone will always be able to find a way in to an Internet-connected computer. Then I worked on an air-gapped network that got a virus that was transferred by USB disks. If you're concerned with security to the point of paranoia, bury that thing in 20 feet of concrete and encase it in 1/2" of AR500 steel.


                  • #10
                    CTallerico
                    Member
                    • Oct 2008
                    • 170

                    I have about 30 pfSense boxes in my network and swear by them. If the GUI is what you don't like, download the 2.2RC, I hear they refreshed the UI. Plus 2.2 introduces multithreading on the PF and the ESF guys have pushed 1Gig of IPSEC traffic... That's amazing performance from a $1400 security appliance. But yeah, any of the appliances you're talking about are waaaaaaaaaaaaay better than some POC from Best Buy or Frys.
                    RIP K27


                    • #11
                      johnjacobschmidt
                      Banned
                      • Jul 2012
                      • 528

                      Just use Linux and no more viruses.


                      • #12
                        atc4usmc
                        Member
                        • Feb 2009
                        • 398

                        I'm curious with this setup, OP: could I continue to run a Synology DS through this as well? I currently have my DS running and connect to it through DDNS (NO-ip); would this still be doable?

                        Thanks in advance!


                        • #13
                          mds2004
                          Senior Member
                          • Jan 2006
                          • 972

                          I love Sophos and have been running their UTM for a few years now. Before them I was using Astaro, which was bought by Sophos, and before that I used Untangle.

                          The GUI is clean and programming it is extremely simple. I work for a Managed Service Provider and we have one of these at every location as their main firewall, and these have been extremely stout.


                          • #14
                            engi
                            Senior Member
                            • Nov 2010
                            • 1080

                            Interesting. I'll have to read up on this stuff and check it out.

                            • #15
                              Flyliner
                              Member
                              • May 2008
                              • 288

                              Originally posted by dscoduc
                              I have young(ish) kids who are just starting to use the internet for games and school research. I also have a wife who likes to troll the internet to who-knows-where picking up whatever malware is out there...

                              After spending a long time looking for a solution that would protect the home network, scan websites for malware, filter which websites are available, and ensure safe searches on search engines, I settled on the Sophos UTM Home Edition over the more common pfSense.

                              The Sophos UTM features are exactly what is needed to protect my family and home network. Here is the list of items I used to build an "appliance" device:

                              APU1D4 DIY Kit (Black/Blue/Red) : $200
                              MyDigitalSSD Super Boot Drive mSATA SSD 64GB : $49.99
                              Sophos UTM v9.3 : Free



                              So for approx. $250 I have an appliance device that works great, including free regular virus definition updates and website filtering list updates.

                              If anyone has any questions or is interested in building one of these things feel free to ping me and I will be glad to help out.


                              Never mind, I get it now.
                              Last edited by Flyliner; 01-08-2015, 4:37 PM.