Free Sophos XG Home Firewall
193°Expired

Free Sophos XG Home Firewall

17
Found 21st Jun 2017
I manage the full-fat enterprise Sophos XG firewall. This home edition seems to have a lot of the same features, so ideal for home protection or to use as a training aid from a reputable security company.

Features
Increase your Internet Bandwidth - You can make easy use of traffic shaping to prioritize application traffic over your internet connection and even subscribe to multiple ISP connections to get more bandwidth or resiliency in the event of an outage with one of them.
Monitor and control family web surfing - Use Web Filtering to stop sites from infecting you with viruses and spyware, keep your children from surfing to bad sites, and get full reporting on the activity in your home. Also setup access schedules or usage quotas for family members who may be wasting too much time online.
Access your home network from anywhere – Use VPN to access your network remotely from anywhere in the world.
Stop Viruses - Dual AV scanning engines stop viruses in file downloads, email attachments, and embedded in web sites. Sophos catches them at the gateway, before they can get in to assault your computers.
And a lot more...
Community Updates
Groups

    Groups

    17 Comments
    Made my old Dell laptop run like treacle. Dumped it within weeks, but it must work ok for some, so fair do's.
    Anyone attempting to install this needs to read this first:

    NOTE: The Sophos XG Free Home Use firewall contains its own operating system and will overwrite all data on the computer during the installation process. Therefore, a separate, dedicated computer is needed, which will change into a fully functional security appliance. Just right for the spare PC you have sitting in the corner!

    If that's what you want, then it's all good.
    Original Poster
    Predikuesi

    Anyone attempting to install this needs to read this first:NOTE: The … Anyone attempting to install this needs to read this first:NOTE: The Sophos XG Free Home Use firewall contains its own operating system and will overwrite all data on the computer during the installation process. Therefore, a separate, dedicated computer is needed, which will change into a fully functional security appliance. Just right for the spare PC you have sitting in the corner!If that's what you want, then it's all good.




    Alternatively do what I do and install on a hypervisor such as Hyper-V or VMWare
    I personally feel the utm 9 is still better for home if you can handle only 50 ips protected by the gw. virtualized is a reasonable way to go if you can leave it on 247, or like me, find an supported embedded board running very low wattage and leave it powered 247 as a perm fw I will change to xg some point in the future once its feature set catches up with the utm.
    mattuk

    I personally feel the utm 9 is still better for home if you can handle … I personally feel the utm 9 is still better for home if you can handle only 50 ips protected by the gw. virtualized is a reasonable way to go if you can leave it on 247, or like me, find an supported embedded board running very low wattage and leave it powered 247 as a perm fw I will change to xg some point in the future once its feature set catches up with the utm.


    please elaborate (with links)
    I agree, I use Sophos UTM for 3 years now and i have tried XG Home as well, I do prefer much more the UTM version.
    Link here: sophos.com/en/…spx
    I run it in a Vmware ESXi.
    I believe this Antivirus is Which magazine recommended.
    Heat, thanks for sharing OP!

    After a catastrophic hardware failure I retired my hardware firewall - it's too loud to bother repairing and overkill for me now (Juniper SRX1400). I gave up caring and just rely on Windows 10 & Virgin Media, under 8 minutes completely re-installs my machines with all their apps anyway, I have only had 1 infection so far..
    Predikuesi

    Anyone attempting to install this needs to read this first:NOTE: The … Anyone attempting to install this needs to read this first:NOTE: The Sophos XG Free Home Use firewall contains its own operating system and will overwrite all data on the computer during the installation process. Therefore, a separate, dedicated computer is needed, which will change into a fully functional security appliance. Just right for the spare PC you have sitting in the corner!If that's what you want, then it's all good.



    Reminds me a wee bit of how Smooth wall Firewall runs ...
    clarkeyi

    Alternatively do what I do and install on a hypervisor such as Hyper-V or … Alternatively do what I do and install on a hypervisor such as Hyper-V or VMWare



    That's interesting, does that method work any good then?, or .....
    Do you need special network topology to use it? For normal home network topology, all devices directly connect to a router in parallel, how can it, installed only on one device, protect other devices? Thanks in advance.
    Original Poster
    amour3k

    That's interesting, does that method work any good then?, or .....



    ​Yes works well but depends on hardware spec you host it on.
    flying_carpet

    Do you need special network topology to use it? For normal home network … Do you need special network topology to use it? For normal home network topology, all devices directly connect to a router in parallel, how can it, installed only on one device, protect other devices? Thanks in advance.


    Very good question
    You do not need a special network topology but will need to, at a minimum, set all devices to connect to the Internet via the firewall.
    For full protection I would disable access to the router from any other address other than the firewall and 1 specified 'Clean' PC that you can use to access the router in an emergency.
    All devices that connect to your network should connect via the firewall and the router should ignore/drop all attempted connections that do not come from the firewall. (Except for the 'Clean' PC which you must ensure is protected from infection etc.)
    You can avoid the need for the 'Clean' PC if you are able to quickly/easily reconfigure a PC to have the same IP address as the Firewall in an emergency (i.e. the Firewall crashes etc). The choice is yours depending on your Tech skills.
    You will also need to have a router that is configurable and NOT locked down as ISP's tend to do.

    Personally, I run my own 'Filtering' DNS Server and Firewall which between them filter out Ads and 'Bad' Addresses.
    I block any attempts to access the router directly and any attempts to access DNS other than my own Server.
    (Lots of software tries to access its own DNS Servers, ignoring my own setup. Which I find a little bit annoying as it is a potential source of unknown/unfiltered access to my PC's and/or network.)

    As you can tell , I am not very trusting of 'Magic' software that just does its own thing. !!!
    r4w80

    I agree, I use Sophos UTM for 3 years now and i have tried XG Home as … I agree, I use Sophos UTM for 3 years now and i have tried XG Home as well, I do prefer much more the UTM version.Link here: https://www.sophos.com/en/products/free-tools/sophos-utm-home-edition.aspxI run it in a Vmware ESXi.


    Many Thanks, I have taken your advice and downloaded the UTM version.
    I will run it in a VM to see how it performs.
    Huawei_or_my_way

    Very good question :)You do not need a special network topology but will … Very good question :)You do not need a special network topology but will need to, at a minimum, set all devices to connect to the Internet via the firewall. For full protection I would disable access to the router from any other address other than the firewall and 1 specified 'Clean' PC that you can use to access the router in an emergency.All devices that connect to your network should connect via the firewall and the router should ignore/drop all attempted connections that do not come from the firewall. (Except for the 'Clean' PC which you must ensure is protected from infection etc.) You can avoid the need for the 'Clean' PC if you are able to quickly/easily reconfigure a PC to have the same IP address as the Firewall in an emergency (i.e. the Firewall crashes etc). The choice is yours depending on your Tech skills.You will also need to have a router that is configurable and NOT locked down as ISP's tend to do.Personally, I run my own 'Filtering' DNS Server and Firewall which between them filter out Ads and 'Bad' Addresses.I block any attempts to access the router directly and any attempts to access DNS other than my own Server. (Lots of software tries to access its own DNS Servers, ignoring my own setup. Which I find a little bit annoying as it is a potential source of unknown/unfiltered access to my PC's and/or network.)As you can tell , I am not very trusting of 'Magic' software that just does its own thing. !!!


    Thanks a lot for your very helpful reply and other useful safety tips ;). I am still a bit confused how you can make all other devices connect only via the firewall if it's a normal star home topology, i.e. internet/WAN - router - LAN devices including the firewall, pcs, mobiles etc? One topology which can make it work is internet/WAN - router - the firewall - switch - other LAN devices including pcs, mobiles etc, but it is certainly not a typical topology for a normal home and also you need at least two Ethernet cards for your firewall PC. Have I missed anything?
    What you need
    Intel compatible computer with dual network interfaces. (Any previous OS or files on the computer will be overwritten when installing the XG Firewall Home Edition)Home Edition is limited to 4 cores and 6 GB of RAM. The computer can have more than this, but XG Firewall Home Edition will not be able to utilize it.
    would it be possible to run it through virtualbox ?
    Post a comment
    Avatar
    @
      Text