12/04/20 - review,sophos
Before I begin, let me clarify this is a largely opiniated piece, and I acknowledge I may be biased. Be that as it may, I have 3 years experience with the setup and administration of Sophos XG firewalls, have setup new at least 20, and am a Sophos Certified Architect. I am far from the best engineer, but I do know what I am doing.
So, with that out of the way, where do I begin?
Hardware Performance
Let’s start with the most common issue: the hardware appliance. The hardware is subpar, at best. But how can I substantiate that? The most noticeable is via the WebGUI – sluggish is an understatement for how poorly it can perform on even a 310 series appliance. The appliances I’ve taken apart all have had SSD’s as the storage device, and the DDR3 is at a relatively decent clock speed, so what gives?
Continue Reading -->11/29/20 - firewall,sophos,kb
In XG v18, NAT policies were split from Security(Firewall in XG) rules. You can, however, create a “linked” NAT rule, which will only trigger when traffic passes that specific Security rule. But this won’t be covering that method.
Instead, this will be covering how to setup Firewall/Security and NAT rules on a system which splits those rules. In many firewalls you will come across, Security and NAT rules are kept and created separately.
This also largely covers the theory of firewall rules and NAT policies. While it is sort of brand specific to Sophos XG’s, the concept works across the majority of major firewalls.
Continue Reading -->