Reverse proxy, SSL VPN, web & email protection
For me, those features were most valuable from a security point of view;
• Reverse proxy is very important for shielding application frameworks.
• For VPN, we all knew that PPTP was broken and is not secure anymore. For Ipsec, you need to have opened ports, and if you are in a hotel who only has ports 80 and 443 opened, you can’t do anything.
SSLVPN is one of the solutions. Yes, you can use DirectAccess, but there are some limitations, too.
For DirectAccess, you need to have all those computers joined in one domain.
• Web & email protection is a nice feature because you have all of those controls in one dashboard. This is of course for small and maybe some mid-size companies. For larger and enterprise, it’s another story.
Less and faster administration, full control of traffic, and a lot of futures included in the base price.
The goal for small companies is to have one administration dashboard -- from where you can manage antivirus for computers, firewalls, IDS, IPS, mobile phones, tablets, etc.
Sophos UTM is on the right path to getting there.
Sophos UTM 135 = two years.
Sophos UTM 115 = one year.
No problems with stability.
No problems with scalability.
The technical support is really good and the representatives are very responsive.
Cisco (didn’t achieve expectations), Microsoft TMG (end of life).
The setup is straightforward, but I suggest hiring an expert for integration. This is your first line of defense, and there is no room for mistakes.
Sophos UTM’s are not the cheapest but they are not the most expensive. Create a checklist of what you need, and go through it with a sales representative. They will advise the right license for your company and I’m sure you can get some discount.
Create a checklist with your requirements, test the solution, and if it passes everything, implement it.
Hi PatrikS, it was ASG120, had to reset it connecting via com port and using monitor connected to the unit.