• expired

Free Sophos UTM Firewall Software [Need a Spare PC with Two Network Ports]

110

This is a really good freebie as it combines all the security features into one. For those who don't know, a UTM stands for Unified Threat Management which combines all the possible security features such as Anti-Virus, Firewall, Web filter, Spam filter into one single software.

Features

Increase your Internet Bandwidth - You can make easy use of multiple Internet connections at the same time, giving your home more bandwidth.

Protect your Kids Web Surfing Habits - Use Web Filtering to stop sites from infecting you with viruses and spyware, keep your kids from surfing to bad sites, and get full reporting on the activity in your home.

Solve your Spam Mail Problems - Use Mail Filtering to clean up your inbox and reduce the amount of spam you have to sift through using any POP3 or SMTP setup.

Access your Home Network from Anywhere - Dial in using Road warrior VPN access to securely use Remote Desktop, transfer files, and even print, from anywhere in the world, even from your iPhone.

Connect to Work or Friends - Create a permanent tunnel to other Unified devices, linking you with a friends network, or having the perfect encrypted link to your office Astaro to work from home!

Stop Viruses in Web and Email - Dual Scanning Engines stop viruses in file downloads, email attachments, and embedded in web sites. Sophos catches them at the gateway, before they can get in to assault your computers.

Note: The Sophos UTM Free Home Use firewall contains its own operating system and will overwrite all data on the computer during the installation process. Therefore, a separate, dedicated computer is needed, which will change into a fully functional security appliance. Just right for the spare PC you have sitting in the corner!

Software appliance can be either installed on a dedicated Intel™-compatible PC or within a virtual machine. Virtual appliance can be run directly in any VMware vSphere Edition.

Related Stores

Sophos
Sophos

closed Comments

  • Or use Pfsense?

    • You can use that as well. Sophos is just another option :)

    • Which ones better?

      • I have no idea about sophos, but i would expect there are generally more options available with pfsense with all the addons that have been made for it

      • We have pfSense running for 5 years now. Can't really fault it plus you can find cheap hardware on Aliexpress easily and turn them into kickass appliances. I've only seen the XG and it's as polished as a commercial product can be. Might give Sophos a try one day.

        • The XG-series of UTMs is polished, but there is limited customizability when it comes to spam filtering functionality. For example, with the XG in MTA mode for email filtering, there is no mechanism to whitelist emails/domains/IPs to bypass filters for unscannable attachments (there is a feature request on ideas.sophos.com for this exact feature since late 2016 with quite a few votes including mine), and the mail log can't be filtered by email address or sorted in any way, which significantly limits its usefulness.

          Be aware also that XG Home apparently no longer includes the 12 free endpoint security licences like UTM9 did, but I suppose you could use Sophos Home (https://home.sophos.com/) instead for endpoint security.

          XG is supposed to be an amalgamation of UTM9 and CyberoamOS technologies, but I think there's still a ways to go. I'd stick with UTM9 and avoid upgrading to XG until it matures a bit more.

      • Sophos is designed for less texhie people, pfsense has much more granular control, but its also harder to setup.

  • -2

    These are decent enough but doesn't come close to a real standalone Sophos UTM. Big price difference obviously.

    • The home edition has all the same features as enterprise. Only difference would be the hardware (it's up to you what you run it on), and that it is limited to managing/protecting a network with only up to 50 devices.

      • 50 devices rules how my home network then 😭

  • ideally you have a very low powered dedicated PC like an Atom whatever as you will be leaving this on 24/7 as a hardware firewall

    i wonder whats the catch

    you can use something like untangle or monowall

    theres a fair few free firewalls content filters etc out there

    • As far as I remember, Untangle is not a UTM. And needless to say the horrible interface it comes with.

    • I do agree in general, but the real trouble is low power = low throughput.

      These UTMs on anaemic hardware will cripple that fast NBN connection you are paying so much for. You will see sub 10mbps throughput. You really need a cpu with the latest AES instructions for decent throughput, which rules out all the atoms.

      I'm in the process of building up a low power server but with decent throughput. I'm going to run all of the stuff I need on the one box under proxmox. As a bare minimum I need UTM, NAS and a Win7 MCE TV tuner guest. The server I'm using consumes 40W at idle. It uses an 8 core Xeon E5-2450L and a single 16GB ECC stick (need ECC for the NAS guest).

      Adding a single win7 guest to that server only increases the load by about 1W idle. So you can see it is best to try to consolidate all of your device needs into one server for the power savings. I think we are a long way off from a standalone 4 core 4GB win7 Xeon machine that uses 1W idle.

      • -1

        Not necessarily, newer Atoms have features such as hardware accelerated crypto and network offloading to the NIC.

        I'm running Sophos XG as a 2 CPU, 4GB RAM VM on a NUC6i5SYH and I get 100M fine on my NBN connection.

        • thats a $500 latest gen i5 NUC, not exactly an atom.

          What I'm saying is, you either need to pay a lot for the latest and greatest low power hardware, or you get lower throughput on cheap low power hardware.

          I'm trying to go the middle ground, with decent (but cheap) older hardware, and gaining low power by consolidating my appliances into the one box.

      • If you start turning on IPS, intelligent threat protection, etc the throughput will slow down.

        I'm still using the UTM 9 from Sophos - came with 10 or so client anti-malware licenses.

        It is reasonably straight forward to use. I have two internet connections - Telstra cable and TPG ADSL2. It has failover, etc. I can forward some types of traffic out of the adsl2 unlimited connection and utilize 100mb/s Telstra for real time communications and general web-browsing.

        The newer XG is pretty confusing (at least to me) and seems to lack features of UTM9. They have been promising an auto-rule conversion tool for years - yet to appear. I played around with XG when my UTM9 license expired, gave up and got another 3year free UTM9 license.

        You can run it on a N36L (or N40L) box with 4gb of ram. The XG is limited to 4GB of ram. I installed it direct using
        I did play around it in a virtualized environment, but the tangle of network cables and patching, rebooting of the host caused too many dramas.

        It's probably better to get one of those ebay ex-lease desktops with 2 or 4 cores and 4GB+ of ram for <$200 (or <$100 if you're lucky). My system was slow with 3gb of RAM, bumped it up to 4gb and it seems fine now.

        • I've got 2x TPG ADSL2+…

          How do i set it up so i can get the other computers to run using the "Increase your Internet Bandwidth"? :S

        • @jimbo jones: How do i force all my clients to use the new interface?

          Do i change the gateway or enable DHCP on the UTM?

          Can i also use UTM as a DNS? As in a netflix unblocker/VPN?

          Also, does UTM support VPN connections?

  • This has been free for quite a few years now. It used to be called "Sophos XG Firewall Home Edition" which is also software based firewall, but had less features (mainly had QoS, filtering and app blocking).

    • correct. but with the additional features, it makes a good contender to Pfsense

    • +1

      Sophos XG is the next generation replacement of Sophos UTM. I'm running both UTM 9 and XG and I'm finding XG is still lacking some features available in UTM and the UI is annoying convoluted vs UTM which is very simple and fast. UTM used to be Astaro before Sophos acquired them way back.

      I'm not sure why this is being posted as a deal. Its free, has been for years and years.

  • Should note there is a limit on the amount of connected devices, or at least there used to be.

  • this is the direct page:

    https://www.sophos.com/en-us/support/utm-downloads.aspx

    not sure what is what or what sys reqs you need for your hw device.

  • Protect your Kids Web Surfing Habits

    Dad's thinking of putting this firewall in. Any recommendations for VPN software for me? 😉

    • What about when he sees a tonne of VPN traffic going through the box? He'll block that too. Best to stay ahead of the curve and look into RFC 2549

      • Oh no, he's detected me reading that RFC. I'm gonna have to implement RFC 6921 to make him unread it. 😉

    • It'd be interesting how you'd going using a smartdns or a split tunnel vpn or even Opera browser vpn.

  • These entry products allow companies to get users familiar with their products …..then you buy for work or recommend for next project ….

    Also the more feeds they have the better their threat intelligence becomes …

Login or Join to leave a comment