Sophos UTM Tutorial Virtual. Box Deployment. Sophos UTM Home Edition formally Astaro Security Gateway is an enterprise grade Unified Threat Management appliance that can be licensed at no charge for home users. Its features include antivirus scanning of HTTP, HTTPS FTP traffic with your choice to use Avira, Sophos, or both AV engines, web content filtering and application control permitting the blocking of undesirable sites, IPS protection using Snort, network firewall and the ability to block traffic based on country of origin, client authentication, e mail protection, VPN access, traffic shaping, and other capabilities. By default features are turned off so that one can enable only what is needed, however with its solid web interface the task of enabling features is quick and hassle free. Before continuing further we wish to clarify that we are not affiliated with Sophos or the UTM developers in any way and do not personally benefit from people using this product. This tutorial will showcase how to install and configure Sophos UTM as a virtual system on an Intel i. Virtual. Box server to be used to protect outbound internet access on a home network. A web filtering policy that blocks known malicious sites, web ads, and scans web traffic for malware is employed. The IPS will be configured to block client targeting exploits, and the firewall will be configured to permit all outbound traffic except for a select set of protocols. In this setup Sophos UTM will be upstream of clients but will be behind a hardware firewall i. System requirements for UTM can be found here. In our setup we allocate two cores, 2 GB RAM, and 6. GB storage to the VM. Below is the list of topics Create the virtual machine. Astaro Security Gateway License File' title='Astaro Security Gateway License File' />Install Sophos UTM basic configuration. Configure management settings. Configure IPS protection. Franais About Us Terms Conditions Warranty Search Shopping Security Privacy Policy Help Desk Support Contact Us. Bewaar Exemplaar. Uitgebreid overzicht securityproducten en diensten voor de ICTprofessional Mobility Security Cloud Security Security Appliances. Canadian Computer Distributors Inc., CCD, OnLine Shopping, Windsor Ontario, Canada, USA, north America, web store, Dell, Lenovo, HP, IBM, Toshiba, Samsung, Cisco, D. Download the free trial version below to get started. Doubleclick the downloaded file to install the software. Configure firewall. Configure web protection. Optional Improve TLS ciphers. Optional Improve ad blocking. Optional Test the IPSPossible privacy concerns. How to deploy and use your UTMConclusion. Download the Sophos UTM v. ISO by registering for UTM. Below are the hashes for the UTM v. In Virtual. Box select New. Give your system a name, for Type select Linux, for Version select open. SUSE 6. 4 bit SUSE is the base for Sophos UTM. For Memory size specify 2. MB this can be increased later if necessary. For Hard drive specify Create a virtual hard drive now, then select VDI, Fixed size, and set it to 6. GB. Once the VM is created, right click on it, select Settings, click on System, and on the Motherboard tab change the Pointing Device from USB to PS2 Mouse, and uncheck Floppy from the boot order. Click on the Processor tab and specify 2 CPUs again this can be incremented later if necessary. Click on Storage and under Controller IDE specify the Sophos UTM ISO that you downloaded, click on Audio and uncheck Enable Audio, click on Network and for Adapter 1 change Attached To from NAT to Bridged Adapter, click on Advanced and for Adapter Type select Paravirtualized Network virtio net, click on the Adapter 2 tab on top and replicate these settings i. UTM you can select NAT instead of Bridged for the second adapter. Click on USB and uncheck Enable USB Controller. Astaro Security Gateway License File' title='Astaro Security Gateway License File' />Notes Collateral Listings Deliberately listing nonoffending IP addresses, in order to coerce ISPs to take action against spammers under their control. Solution Best advice is get an additional ASA for the new site. Cisco site to site VPNs work well when using the same stuff on each end. At a previous job. Astaro Security Gateway License File' title='Astaro Security Gateway License File' />Click OK to complete. If your host OS CPU supports Nested Paging. Virtual. Box hypervisor can use large pages to reduce TLB usage and overhead. This is done via a command line entered in the host OS userCentos vboxmanage modifyvm Sophos UTM largepages onuserCentos vboxmanage showvminfo Sophos UTM grep Large Pages. Large Pages on. With the VM created, we proceed to install UTM. Start your VM and select Start when prompted to install Sophos UTM 9. You will be asked basic questions such as keyboard layout and timezone. When prompted which interface to use for Web. Admin, we select eth. You will be asked to specify its network configuration IP address, netmask, gateway. Provide the appropriate information for the network that UTM will be residing in. When prompted on whether you wish to have a 6. Yes. Also answer Yes when prompted to install all capabilities. The installer will proceed to partition and format your virtual disk. The Salvation Army Character Building Programs here. Once UTM has finished installing, you will be prompted to remove the CD ROM from the VM, reboot, and connect to the Web. Admin interface on https lt eth. Connect to the Web. Admin interface and fill in the fields as requested, then click on Perform basic system setup at the bottom right. Basketball Scouting Report Templates there. Once this is complete you log back into Web. Admin with the username admin and the password you selected a minute ago. The setup wizard should begin. Select the Continue radio button and click on Next. When prompted to enter a license file, you can either specify your free home license file that you should have received by email when registering for UTM, or you can choose not to specify anything and proceed without a license for 3. But keep in mind that the free home license is slightly more restrictive than the commercial product and 3. UTM will disappear once you apply the free home license key. When prompted for the Internal LAN Network Settings, these should contain the entries that you specified during the installation earlier. In our setup we do not enable a DHCP server on the internal interface. When prompted for the Internet Uplink WAN Settings, we select Standard Ethernet interface and specify a static IP address. If when creating your VM you selected NAT instead of Bridged for Adapter 2, then instead of a static IP you would configure it so that it is automatically assigned. Important The WAN settings is likely the one that could cause UTM to not work out of the box and if you find that you cannot access the internet through UTM, this is a setting youll wish to revisit. In our case the IP address we specify is an unused IP within the subnet of the hardware firewalls internal interface that UTM is connected to, with the default gateway of this interface pointing to the firewall. For most home networks the default gateway and DNS forwarder are likely the same. When prompted for the Allowed Services, we select Web and FTP, and check both UTM Ping settings, but this does not matter much as later in the configuration we change these settings. For Advanced Threat Protection Settings, we check both Intrusion Prevention Engine and Command ControlBotnet Detection Engine. For the Web Protection Settings, we check Scan sites for viruses and leave all others blank. For the Email Protection Settings, we leave both unchecked. The next screen is a configuration summary. Review and click Finish. You should now be in the Sophos dashboard. In our cases there is one firmware update available. Click on the red text to bring you to the Up. Date screen then click on Update to latest version now. In our case the system required a reboot and so the web interface became unresponsive. Once the system reboots, close your web browser and log back into UTM to complete the configuration. We strongly encourage you to visit every single tab in UTM to review all settings, but below are some management settings we wish to highlight Management System Settings Scan Settings This is where you specify which AV engine to use, and whether you wish to upload suspicious samples to Sophos. Management Web. Admin Settings Advanced Here you can specify the Web. Admin idle timeout, change the default Web. Admin port, display a warning banner, and specify whether to send anonymous data to Sophos.