My new homelab Firewall is insane! // Sophos XGS 2100

I use the ubiquiti solution.

A 300 users / 4k $ firewall seems excessive for a home lab! I'm considering 2 of them for a mid sized company, to replace 2 watchguard M370.

I'd love to get my Hands on one of these...I'll even take one of the Desktop Models :D. Currently running a virtual v19 one infront of my "Homelab" Server (rented at Hetzner).

now you can upgrade it to make it better - install pfsenes on it.

Wow, that's a decent bit of kit. How do you find the performance vs your virtual machine? I've got a Sophos XG, on Proxmoxx (setup with your video), that has 4 10900K cores and 6GB RAM - it doesn't do very well with all the security features turned on.

Wow man. Your home Sophos is overkill. My company has used XG115s and XG125s for small to medium sized businesses 10-100 people 100+ devices for years with no issues. We are running XG210s in HA for COLO server/VOIP applications, and XGS3100 in HA for larger business 100+ people 1000+ devices.

I'm certified as a Sophos Architect and I just use a Sophos home license on an old Datto NUC type box. Never had an issues either. That license gets me all the features I actually use. No need for NFR renewals like I had to do when I had actual Sophos hardware.

I'm running Sophos XG v19 on a hp dl380 g7 8gb ram raid 5 storage

Im using Sophos XG210 more than 2 years at my home. Now running with XGS2300😆

Love Sophos!

I have a question. How loud is the XGS 2100? I have my cabinet right next to my desk in my living room.

Will there be any disadvantages when I'm running this xgs firewall with an home licence?

Still getting slow internet with Sophos XG even with no filtering , Pfsense ?

Can you do active / active with two WANS?

Hello! Can I ask if the XGS 2100 will be able to maximize a gigabit internet connection?

I see some people benchmark the next level down (the XGS 136) and that firewall barely maintains 600 Mbps when NGFW settings are turned on, even if there is only 1 firewall rule and 1 wired user.

Do you run Sophos Home XG on your 2100 ?

Nice video, do you know that the Sophos UTM (astaro) is a much more refined and stable product from Sophos,. That system is insanely simple, not confused an ugly like in XGS/Cyberoam, Everyone trying to use multiple vlan's with many rules know that XGS is just a toy and the UTM with the object based setting and rules is a lot better.
The gui is older looking yes, but that is actually good thing beacuse it is tested and loved. it i easy to understand.

The Cyberoram gui is prety but not usable for much more that wan+lan+dmz - You could make a video comparing the 2 systems

Hi, Really nice video. Just a quick question, i bought used sophos xg 210 firewall now i want to transfer the device registration under my account. Unfortunately i am not able to contact current device registerar. Is there any way i can register the device under my account and enable evaluation licence as i will use it for my home network only.

Thx

Is it possible to use this firewall with a free home license in a homelab? if yes are there any performace drops?

hi,
perfect video.
i use sophos xg in the datacenter where my virtual systems running.
And a sophos xg on an intel nuc with 2 etherenet ports at home :)

I tried installing Sophos Free Home Firewall on a spare PC, but there is no documentation for this product on the Sophos website. I even asked around several times on their support forum and nobody knew what I was talking about, even a tech support person. Not impressed.

buying a firewall to pay a monthly fee, pass

Can this firewall also work as an external load balancer for a kubernetes ingress controller? Similar to Kemp or haproxy?

Looks like an impressive product, but the price tag is completely off the charts 2.5k Euros is way too much for one device

I just rewatched this as I was able to get a Sophos 210XG hardware appliance, I am really curious if you have some ideas or links to explore setting up rules and policies. Also, really interested in your current Sophos setup and rules.

Can you buy just the appliance and then load the homeuser free license?

Whether or not you the viewer like Sophos or not, it sure is refreshing to see a "home lab" that isn't just a copy cat of someone else's Unifi crap. I have used Sophos off and on for several years and I have to agree with Christian on their current quality and feature set. Yes, the XG vs UTM debate will rage on for years, but they are making steady progress.

Das Problem das ich mit der XGS habe ist, dass man um die Sophos XGS sinnvoll nutzen zu können jährliche Lizenzen benötigt die gerne Mal 11.816,38 € für 3 Jahre kosten.

Ohne diese Subscription kann die Sophos XGS nicht viel mehr als eine OPNSense.

Wenn ich das richtig verstanden habe, kann die XGS ohne diese Subscription kein:
- TLS Decryption
- IPS
- DPI
- Web Security & Application Control
- Zero Day Protection
- Funktionsupdates

Was die XGS wiederum irgendwie nutzlos macht.

Amazing that you can use Sophos on any PC, and add NIC cards to it to make it just like an XGS appliance. Be aware that the home license only supports up to 4 CPU cores and up to 6Gb of ram.

Hey, Question for you. Are you using Sophos Home Edition Firewall or are you using a full enterprise license? I have a Sophos XG125 and am looking to switch to Sophos Firewall Home so I don't have to pay any license fees.

Hey Christian, out of curiousity, can you tell me what the hardware specs are on the XGS2100 (e.g. open an advanced shell and run "cat /proc/cpuinfo" "cat /proc/meminfo". I only ask because the XG/SG series have pretty standard x86_64 Intel architecture (e.g. I have an XG210 w/a Celeron G3900 & 8GB RAM), and I am curious what has changed with the XGS series. Thanks!

Cool video. Just curious, why not go with the sophos switch at this point. It would make for an interesting video as well. I'm curious if that would be managed from the firewall like Fortinet does it.

Hi! Is the XGS 2100 noisy? Our rack is not in a soundproof room, so it could be a problem if it's noisy.

I have migrated now some Sophos UTM to XGS. I found so many bugs and UI problems. It's like a cultural shock you search the whole time some parts in the menue that is really not intuitive. The performance of the UI is very slow and sometimes you won't get a return and you stuck on that loading screen. So this is version 19.5 now and this is the product from years of development sorry but this is very sad.

The whole system looks to me that someone started building a green gras project and then oh wait we forgot IPv6 and we have so make a second area for it. Ok but then the customers has to make duplicate rules. OK thats no problem. In most cases the whole structure makes no sense. I had a call with the support. And they had the same problems and mentioned the same. And he told me that most customers have the same problems. So why is Sophos not hearing to the community and take 2 people to fix all the small problems?

The answer is money. Sophos changed the prices 3 times in one year and they don't lowering the prices. But the product won't get better.

But your video is great it's only my option to the XGS systems.

Hello sir I recently purchased a used Sophos XG300 series. I wanted to inquire about some of the reporting and identity features in zenarmor. Are there comparisons in sophos or are those licenses we would have to purchase.

eine Sophos Firewall und dann ein tp-link Switch, genau mein Humor ;-)

so now you pay thousend of dollars yearly for licencing? xD

I would love to pick your mind on security, you're one of the only knowledgeable sophos channels. 🌟

Nice, how much is it ?

Sophos is garbage. It's over priced hardware and software that has changed hands too many times. It cannot reliably maintain site to site VPN connections. Perhaps it's usable enough for a simple home network. Ended up getting a Fortinet Fortigate 100F and haven't looked back.

Sophos (or as I call it "Syphilis") is only good when you install OpenWRT/OpnSense/PfSense on there... I use that trash at work all day, that firewalls are just trash.
Edit: And if you want good wifi, just use Unifi, they're cheaper and more powerfull.

Nette Sache, das muss man sich erstmal leisten können als "Home Lab" Spielzeug. Wer mir welches schenken möchte darf sich gerne melden. Ich nehme High Tech Spenden gerne an :-)

iam using one

You have two time an outro? 😅

This video is so good.
Thanks!

Asking myself about physical XGS 2100 or 136 for my homelab or home version (4c, 6GB) virtualized on proxmox on a beefy i5-14500. Any advice ?

Install OPNsense or PFsense for a usable environment. SFOS is the worst firewall os i've ever touched :)

What is the cost of running the appliance on a yearly basis (on license level)? Note: asking this before having seen the complete video

Thanks. I have been using pfSense since 2017 and has been working out solidly. No complaints from me. With FreeBSD loosing support, might need to look for a new FW to switch to in the future.

Jusing a hartwähr feierwoal is raser a probläm off se preis sän off se konfiguräischen, reit?

I'd love to get a sophos or something similar, but they're just too expensive