Alternative option for Sophos XG 230 Security Appliance
-
I bought this last year for A$ 3,000 and now I am just thinking if I should really spend A$1000 to renew their subscription (basic stuff including VPN) or are there any recommendations from your end within the same price range?
Ideally, I am looking for a
UTMfirewall without paying for the yearly subscription fees.[Not sure if I really need a UTM as at the moment, I am using only the Network Protection service of Sophos]
-
If you feel you need the additional protection of a UTM over a traditional Firewall, then add any additional security services without loading down the Firewall box. I run OSSIM (AlianVault's open sourced version of their security scanner) from a VM, does a great job.
Price wise, I only know the Ubiquity ER-X price off the top of my head, $50 at bhphotovideo.com. That model is only good for forwarding 500mbps, so I have no idea if that will meet your needs or not. If you do need more performance, then step up to the USG-PRO line.
-
i'm gonna download and play with AV. I see open source and then i see pricing. what am i going to miss out on using the "free" ISO?
-
@hubtechagain said in Alternative option for Sophos XG 230 Security Appliance:
i'm gonna download and play with AV. I see open source and then i see pricing. what am i going to miss out on using the "free" ISO?
It's been a while. The two major things are support (as always), and some of the automatic customization stuff. I haven't done much with adding the custom monitoring stuff, but it still finds things for me.
The only slightly annoying part is getting all the client access working.
-
If only looking for a firewall, consider just buying a Ubiquiti.
-
@scottalanmiller said in Alternative option for Sophos XG 230 Security Appliance:
If only looking for a firewall, consider just buying a Ubiquiti.
You mean USG?
-
@sn said in Alternative option for Sophos XG 230 Security Appliance:
@scottalanmiller said in Alternative option for Sophos XG 230 Security Appliance:
If only looking for a firewall, consider just buying a Ubiquiti.
You mean USG?
Not specifically. The EdgeRouters would be the main choices. USG is more for home users.
-
@scottalanmiller said in Alternative option for Sophos XG 230 Security Appliance:
@sn said in Alternative option for Sophos XG 230 Security Appliance:
@scottalanmiller said in Alternative option for Sophos XG 230 Security Appliance:
If only looking for a firewall, consider just buying a Ubiquiti.
You mean USG?
Not specifically. The EdgeRouters would be the main choices. USG is more for home users.
Why do you say this? Not that I agree or disagree.
-
@Dashrender said in Alternative option for Sophos XG 230 Security Appliance:
@scottalanmiller said in Alternative option for Sophos XG 230 Security Appliance:
@sn said in Alternative option for Sophos XG 230 Security Appliance:
@scottalanmiller said in Alternative option for Sophos XG 230 Security Appliance:
If only looking for a firewall, consider just buying a Ubiquiti.
You mean USG?
Not specifically. The EdgeRouters would be the main choices. USG is more for home users.
Why do you say this? Not that I agree or disagree.
USG is the tiniest or nearly EdgeRouter device but with that "end user" interface on top of it. It's much less powerful than it's half prices brethren.
-
@scottalanmiller said in Alternative option for Sophos XG 230 Security Appliance:
brethren
I don't think so (not sure about the pricing), UBNT website has listed them under the Enterprise category. They are not tiny either, see one here.
-
The USG is supposed to be hardware comparable to the ERL
Feature wise , not so much.
-
@sn said in Alternative option for Sophos XG 230 Security Appliance:
@scottalanmiller said in Alternative option for Sophos XG 230 Security Appliance:
brethren
I don't think so (not sure about the pricing), UBNT website has listed them under the Enterprise category. They are not tiny either, see one here.
It's about 50% more on pricing from what I remember. It's the same hardware but has a bit more overhead on it.
-
@JaredBusch said in Alternative option for Sophos XG 230 Security Appliance:
The USG is supposed to be hardware comparable to the ERL
Feature wise , not so much.
Yeah they seem to be working on it.. but it's definitely behind.
-
@sn said in Alternative option for Sophos XG 230 Security Appliance:
@scottalanmiller said in Alternative option for Sophos XG 230 Security Appliance:
brethren
I don't think so (not sure about the pricing), UBNT website has listed them under the Enterprise category. They are not tiny either, see one here.
it is twice the price of the ER-X and about $20 more than an ER-L.
-
Are there any yearly subscription charges involved with Edge Routers to maintain the firewall features working or is it going to be a one time purchase?
-
@sn said in Alternative option for Sophos XG 230 Security Appliance:
Are there any yearly subscription charges involved with Edge Routers to maintain the firewall features working or is it going to be a one time purchase?
Nope, nothing like that. No hidden costs.
-
If you're not using the other features you can renew the firewall portion for around half of the above cost. It would save you from ripping it out and starting over. But if you never fully implemented the Firewall then it might not be hard to replace.
If you do decide to replace it let me know, I would possibly buy it off of you.
-
@sn said in Alternative option for Sophos XG 230 Security Appliance:
Are there any yearly subscription charges involved with Edge Routers to maintain the firewall features working or is it going to be a one time purchase?
All EdgeOS features are inclusive. Nothing is licensed separately and everything is included in the hardware, no license needed even for the base package. EdgeOS is free, you could get it on its own, but it is only built for the EdgeRouters so if you don't own an EdgeRouter hardware you'd be on your own to get it to install on something. So they have no need to charge for the software separately from the hardware.
-
@Reid-Cooper said in Alternative option for Sophos XG 230 Security Appliance:
@sn said in Alternative option for Sophos XG 230 Security Appliance:
Are there any yearly subscription charges involved with Edge Routers to maintain the firewall features working or is it going to be a one time purchase?
All EdgeOS features are inclusive. Nothing is licensed separately and everything is included in the hardware, no license needed even for the base package. EdgeOS is free, you could get it on its own, but it is only built for the EdgeRouters so if you don't own an EdgeRouter hardware you'd be on your own to get it to install on something. So they have no need to charge for the software separately from the hardware.
Statements like this need to be tempered by the fact that an EdgeRouter is not a UTM. It's just a router/firewall. This isn't meant to downplay the EdgeRouter, but to ensure people understand the differences between it and something like the Sophos appliance this thread is about. i.e. the Edgerouter doesn't do antivirus scanning or web filtering. If you need these features, you'll need to purchase them through another means if you use an EdgeRouter. Many here would say that's the better way to go anyway, one device, one function (at least in this case).
