Overall, Sophos is a great platform. And part of what adds to that greatness is the web filtering options. By default, it gives a bunch of options that can be filtered out by default. However, […]
Well, I apparently missed doing this. And there are some important steps here, because the installation for Sophos UTM isn’t as turn key as it could be. There are some specific things you have to do before it’s up and running 95%.
So we are going to cover that here.
Previously I talked about, well how awesome the firewall and intrusion countermeasures in Sophos are. And I didn’t get to how to actually configure them because of the shear amount of content I covered.
This time, we’re going to walk through how to add services to the firewall, and how to lock down or allow traffic through Sophos (your firewall). This includes how to enable Sophos to do the normal “Consumer Router firewall” stuff, as some people are “too lazy*” to set this up properly.
As I said previously, I am going to talk more about Sophos and my adventures with it.
The first part that I need to address is Sophos’ firewall. It’s beyond awesome. But the phrase “draconian” is an absolutely accurate description. During the initial setup wizard, Sophos ask you what services you want to allow by default. The default services it configures Remote Access (RDP, VNC, etc), Instant Messaging, VoIP, Email and Web Surfing. You can select any combination of these services.
Due to some issues lately, I’ve taken the excuse to upgrade the hardware on my network.
Specifically, my pfSense box now refuses to boot (CF Card isn’t taking any new flashes apparently), and my Linksys router is on the way out. By on the way out, I mean that turning on QoS causes the system to overheat and lock up. Frequently and quickly.