Hello again! Some days ago I talked to a Sophos employee and he founds out that I am the Network Guy and he said that I need to update my recommended hardware for the home edition deployment of the Sophos XG and Sophos UTM Home Edition. Also some of my followers wanted it also, so I took some hours of research to find a good hardware for UTM and also XG use. The UTM supports some Realtek network cards and also a USB NIC compatibility. The XG only supports Intel network cards and won’t start until there are two recognized network interfaces. Since there is only a feature request for XG USB NIC support, we need to add an additional network card in our setup. I think a passive cooled system is a good way to deploy a home firewall system. Since our home internet connection speed reaches 100Mbit per second and beyond, we will need a performant hardware device to route traffic.
I compared many vendors and thought that we give a chance to the ASRock mini ITX mainboard series. The ASRock website makes it easy to compare different mainboard modells. I found the J4105-ITX and the J5005-ITX, both have the same hardware, the only difference is the built-in processor. The ASRock J5005-ITX has the Intel Quad-Core Pentium Silver Processor J5005 (up to 2.8 GHz) processor and the ASRock J4105-ITX has the Intel Quad-Core Processor J4105 (up to 2.5 GHz). So what does this mean? The SG and XG hardware are using of course also Intel CPUs. You can see it in the Sophos SG/XG Series Appliances Technical Specifications datasheet:
So based on this information I compared it with the SG/XG 230 hardware (using Intel Pentium G4400). I found the website UserBenchmark.com to compare CPU benchmarks. The battle between the Intel Pentium G4400 and the J4105-ITX shows, that the CPU are very similiar (only a difference of 7%):
The J5005-ITX mainboard with the Intel Pentium Silver J5005 is only 7% faster but it costs about 45€ more than the J4105-ITX mainboard. So I would recommend the ASRock J4105-ITX mainboard. The original Sophos SG/XG 230 hardware (8GB memory) costs about 1800€ and can easily secure a 100 user company with a firewall throughput of 7Gbit/sec. With all activated security features (Intrusion Prevention, Advanced Threat Protection, Web Protection, Application Control, etc.) you can nearly reach 1GBit/sec. So I think this is a pretty good home hardware 😉
This recommendations are not tested! Maybe I will order this hardware for proofing or someone of you can proof it.
|Memory||Crucial CT2K4G4SFS824A DDR4 8GB (2x 4GB Kit)||38€|
|Hard drive||Crucial BX500 CT120BX500SSD1(Z) 120GB||19€|
|Power supply||SilverStone SST-ST30SF v 1.0 – SFX Serie, 300W||50€|
|PCI express extension cable||glotrends PCI-E Verlängerungskabel 0,6 m UEX101||10€|
I found a similar complete system: Kettop Mi5250L (Intel I5-5200U, 8GB Memory, 128GB SSD, 4 NICs) for 353€ including shipping from Hongkong. The device has four Intel I211-AT network interfaces. I didn’t tested this device, so I give no guaranty that it works with Sophos UTM and/or XG. There is also a cheaper device with four Intel NICs.
|Article||Link||Ø Price includig shipping|
|System with SG/XG 230 performance||Kettop Mi5250L (Intel I5-5200U, 8GB Memory, 128GB SSD, 4 NICs||353€|
|System with SG/XG 135 performance||Mi19W-S2 (Intel Celeron J1900, 4GB Memory, 64GB SSD, 4 NICs||259€|
Registration, Software Download and Installation
|Sophos UTM||Sophos XG|
|Account registration||Account registration|
|ISO file download||ISO file download|
|Install Sophos UTM from USB Stick||Install Sophos XG from USB Stick|
Feel free to comment the recommendation or ask for further installation help. If you want to support me, buy stuff over my Amazon links or click on an advertisement. Thank you very much!