Note: Sophos XG Firewall Home Edition is, as the name suggests, only for home use and non-production environments.
Since I am an IT consultant, I prefer to do most, if not all, of my network testing in my home lab prior to deploying it to my customer's production network. In order to do so, I have set up a small VMware ESXi and a couple of VM computers. Now I need a firewall that would do more than just a regular SMB firewall. I picked Sophos on the recommendation of my friend Eric Stewart (thank you!).
So where do we start and what do we need?
1. Pre-requisites:
a. We assume that you have a working VMware environment and that the WAN and VLAN switches are already created.
Note: In the example below, VM Network refers to the network interface connected to your ISP connection, the public interface. VLAN2 refers to an internal, private switch.
b. The minimum hardware requirement for home use is 1 CPU, 1 GB RAM and 10 GB of hard disk space, but the more the better. If installed on hardware, make sure you assign enough disk space, as it won't be possible to expand it later.
2. Download the required software
Navigate to https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition.aspx and click on the Download button.
Confirm that the price is right :-) and click on the Get Started button.
Fill in your name and an email address and click on Submit. An email will be sent to you with the serial number that you will use to register the firewall during setup.
Download the ISO file you want to install (e.g. "SW-SFOS_17.0.6_MR-6-181.iso") and save it to your datastore or some other location.
Now it is time to create a new virtual machine in your virtualization environment. In my case it is VMware ESXi 5.5.
3. Create a new Virtual Machine
Select your VM host and click on File>New>Virtual Machine
The new Sophos Firewall VM is created but shut down.
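The same VM can be created from a script instead of the wizard. This is an added example using VMware PowerCLI, not part of the original walkthrough; the host name, datastore, VM name, ISO folder, guest OS type and NIC order are assumptions to adjust for your lab.

```powershell
# Added example: build the firewall VM described above and leave it powered off.
# All values in this block except the port group names and ISO file name are assumed.
$EsxiHost  = 'esxi01.lab.local'   # hypothetical ESXi host
$Datastore = 'datastore1'         # hypothetical datastore
$VmName    = 'Sophos-XG-Home'     # hypothetical VM name
$IsoPath   = "[$Datastore] ISO/SW-SFOS_17.0.6_MR-6-181.iso"  # folder "ISO" is assumed
$DiskGB    = 10                   # minimum from the prerequisites; size it now,
                                  # the disk cannot be expanded later

Connect-VIServer -Server $EsxiHost -Credential (Get-Credential) | Out-Null
$vmHost = Get-VMHost -Name $EsxiHost

# Fail early if either switch from the prerequisites is missing on the host.
foreach ($pg in 'VLAN2', 'VM Network') {
    if (-not (Get-VirtualPortGroup -VMHost $vmHost -Name $pg -ErrorAction SilentlyContinue)) {
        throw "Port group '$pg' not found on $EsxiHost"
    }
}

# One NIC is created per network name, in the order given.
# Assumption: first adapter = internal (VLAN2), second = ISP-facing (VM Network).
# Confirm the port mapping in the firewall console before exposing the WAN side.
$vm = New-VM -Name $VmName -VMHost $vmHost -Datastore $Datastore `
             -NumCpu 1 -MemoryGB 1 -DiskGB $DiskGB -DiskStorageFormat Thin `
             -GuestId 'otherLinux64Guest' `
             -NetworkName 'VLAN2', 'VM Network'

# Attach the installer ISO so the first boot starts the installation.
New-CDDrive -VM $vm -IsoPath $IsoPath -StartConnected | Out-Null

# Show which adapter sits on which network, then stop; power-on is the next step.
Get-NetworkAdapter -VM $vm | Select-Object Name, NetworkName
Disconnect-VIServer -Server $EsxiHost -Confirm:$false
```

On a host running the free ESXi license the management API is read-only, so the wizard steps are the only option there.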
Right-click on it and select Open Console.
Right-click on it again and select Power>Power On. Your VM starts booting from the ISO file and the installation continues until completed. Then the VM reboots.
You will be presented with the following screen.
Type the default password, which is the lowercase word admin, and hit Enter.
From this point on you need to initialize and configure the time and date, the admin password, NIC 1 and 2, etc.
Once done, go to your browser, type the LAN IP address in the following format: https://<LAN IP_address>:4444 and hit Enter.
Your browser may complain about the certificate, but proceed anyway.