Share your knowledge!
Hello guys! today I will tell you how I configured my home server for a virtual Sophos UTM. All configurations in ubuntu can also be used for a virtual Sophos XG. In this article I assume that Ubuntu and virt manager are installed. The following link deals with the basic configuration of virt manager under … Read more
Hello guys! I had the task to secure VMware Horizon via the Sophos XG WAF. In this example we have a VMware Horizon server with the IP 192.168.100.20. The Sophos XG DMZ interface has the IP 192.168.100.1. The following steps were necessary: Create a new Webserver definition For a better searce. I write Host … Read more
Hello, my name is Phillip. Michel asked me a while ago if I would like to continue the blog for him, because of his own company he had no longer the time to work on the blog. I’m working as a network administrator since 2015. I was in a team with Michel until 2019. My … Read more
Hello again! Some days ago I talked to a Sophos employee and he founds out that I am the Network Guy and he said that I need to update my recommended hardware for the home edition deployment of the Sophos XG and Sophos UTM Home Edition. Also some of my followers wanted it also, so … Read more
Migrating firewall systems between two different vendors can take a loooooooong time. In this case, I needed to migrate to a Sophos XG system. Most of the work is to reconfigure definitions like hosts-, network- and service-objects. There is a way, where you can import XML config files into the Sophos XG. We found this … Read more
In my opinion, ekahau Site Survey is the best survey utility for WLAN planing and onsite surveys. Of course, not everything is perfect but they are near to 100%. I’m working with ekahau since many years and have seen many changes. I can recommend this to everyone. Ekahau also offers a light product called “HeatMapper” … Read more
Good afternoon my fellows! There are many ways to configure quality of service (QoS) on a switch. First we need to classify what we want to be on a higher priority. You can classify an access-list, vendor-mac-addresses or just everything/any. In my case I wanted to prioritize a whole VLAN (ID 17 in my case). … Read more
Note WAF: TLS session tickets facilitate clients to speed up repeated TLS handshakes by re-using certain cipher parameters. This re-use of cipher parameters can cause encrypted connections to be less secure by impacting their perfect forward secrecy. To improve the overall security of the product, TLS session tickets are no longer enabled by the WAF. … Read more
First, thanks to all of my visitors and followers! As you can see, I didn’t had much time this year to post many tutorials and news. Besides I started an own company and this took a lot of time. My “New Year’s resolution” is to write more tutorials/posts and also get in more detail of WiFi … Read more
Good day everyone! If you want/have to implement wireless networks in companies you need to secure them more than your home WLAN. In this case, you need to use a radius server for this (so called WPA-Enterprise or WPA2-Enterprise Authentication with Protected EAP. I will use a Microsoft NPS (network policy server) on a Microsoft … Read more
