Sophos XG firewall on Proxmox

Sophos XG firewall on Proxmox A enterprise grade firewall for yore home! You will get a ton of features and possibuilities to fine tune the firewall and thret protection. You have all the stuff you need in one package. #sophos #proxmox

Sophos XG firewall on Proxmox

An enterprise grade firewall for yore home!

Sophos firewall is not opensource and it needs resources to run. It's possible to run on bare metal or install it in a VM with 4 cores and 4-6G ram.

You will get a ton of features and possibilities to fine tune the firewall and thret protection. You have all the stuff you need in one package.

Installation and setup

To download and install you need to do a lot and it's clear as mud.

Register

First you need to get a Sophos Serial Number by sign up on their web page. You get the Serial Number to the same email you registered - RTFM. Documentation

Download

Then you need to download two 2 qow2 files for your VM. For that you need to get a Sophos ID. It's free. Create your account and go to it and and register the Serial Number in Register Devices. Then you can access the Download Installers and download the Virtual Installers: Firewall OS for KVM zip-file.

Download later: Sign in at Licenses & Account go to Network Protection - Firewall Installers - Virtual Installers: Firewall OS for KVM and download the zip-file.

They are small to download c. 450 MB. Extract the zip-file Move the files to /var/lib/vz/templates/qemu or any other place you like and remember.

You can't use the ISO-file for VM's!

Prepare the VM

Create a VM 4G to 6G ram, 4 cores, 2-n network cards

SCP the files to your Proxmox.

Now add them your disk less VM, Primery first. It will be disk0, and now make it the boot disk.

cd /var/lib/vz/templates/qemu
# XXX = VM number 
# directory = lvm-local or my_zfs ...
gm importdisk XXX PRIMARY.... directory
gm importdisk XXX AUXILARY.... directory

Now the disks are 16G and 80G

Start the VM

Do the initial set-up in the console. Login as admin/admin and set-up the networks. The rest is better to do in the browser.

Go to https://172.16.16.16:4444 and configure and setup the Firewall

Now you have one of the best firewalls on the market to keep you safe as you choose!

You have Network, Web, Zero-day Protection. DNS, DHCP, VPN, VLAN Link to pdf

WARNING

Sophos XG is very powerful and it's not meant for beginners - you can really mess up with it. BUT if you are familiar with the basics you will enjoy the ride and learn a lot!