New versions of the Endian and Sophos UTM solutions

Warhorses

Conclusions: Endian 3.0

With the new release, the Endian developers have significantly shortened the gap to other UTM systems on the market – Endian Firewall Enterprise 3.0 is an impressive piece of work. However, much remains to be done. No uniform user database for VPN and web proxy use is available, and you will look for user-specific spam quarantine in vain. Endian also does not provide meaningful security enhancements such as a web application firewall (WAF) or email encryption, even in the new version of its firewall.

Sophos UTM 9.2

Sophos UTM (as the former Astaro Firewall has been called since the takeover by Sophos in the summer of 2011) is considered one of the most popular UTM systems. In Germany, this popularity is a result of the product targeting the market by means of local development resources. Also, customers and partners can use the feature request portal, introduced back in the Astaro era, to propose new features [9]. After registering, users receive 20 votes with which they can vote on feature requests. Proposals with the most supporters typically rapidly make their way onto the developers's roadmap, leading to a consistent focus on the needs of customers.

The newly released 9.2 version of Sophos UTM comes with several new features. In line with its update routine, Sophos has now completed the soft release phase, in which the new version is only available as a manual update. Automatic distribution by Up2Date was scheduled to start shortly before this issue went to press.

The various security functions of the Sophos UTM firewall are available either individually in the subscription model or en bloc as a full-guard license. Sophos now offers the following subscriptions:

  • Network Protection: Firewall, intrusion prevention, VPN.
  • Web Protection: URL filtering, application control (next-generation firewall), anti-virus, HTTP, and HTTPS proxy.
  • Email Protection: Anti-spam, antivirus with SMTP and POP3 proxy.
  • Web Protection: Web Application Firewall (WAF) for protection against attacks on web servers and applications.
  • Wireless Protection: Use of the UTM system as a central WLAN controller for Sophos Access Points, including a captive portal.
  • Endpoint Protection: Antivirus and device control for (Windows) clients on the network

Installing UTM 9.2

The Sophos UTM is available [10] as an ISO image and as an Up2Date Package for existing installations. The image can be installed either on a physical device with at least two network cards or on a virtual machine. Sophos supports Xen, KVM, and VMware, as well as Microsoft's Hyper-V hypervisor platform. To run version 9.2, the manufacturer recommends at least a 1.5GHz processor, 1GB of RAM, and 20GB of free hard disk space; a faster processor and more RAM will give you a noticeable performance boost.

Alternatively, you can test the new version in the Amazon cloud (AWS). Sophos provides Amazon Machine Images (AMIs) on Amazon Marketplace for the regions US East (Virginia), EU West (Ireland), and Asia-Pacific (Singapore).

Note that the installation routine completely overwrites the contents of the existing hard disk; parallel operation with existing operating systems is not intended. After installation using the default settings, the firewall's web interface is accessible on https://192.168.0.1:4444 , where you specify the password and install licenses.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus