- Joined
- May 28, 2011
- Messages
- 10,996
I haven't done any real work with pfSense so I'm not sure how it operates but the one thing I do like about Sophos is I do not have to add packages and really do any management once it's setup. To be honest, Sophos is doing all I originally wanted and adding email antivirus protection is just an extra bonus. I run Norton Internet Security on all my machines so they catch all the bad emails but if I can configure Sophos to do the same thing, maybe it will catch the one thing Norton fails to catch, although it's got some great marks for doing it's job correctly.
Setting up the rules was difficult because I had to learn how to, I'm not a networking guru. Once I figured it out it was simple. There will be a learning curve for either product.
To put netflix and the like into perspective... You can rule your WAN with an iron fist if you want but I feel it's easier to look at where I started with a simple NAT router and now I'm in the big leagues with Sophos because I can block countries and allow only what I want. Using the Standard vs. Transparent mode allows netflix to work without any special rules, however I guess Transparent mode is better overall, still not sure it really matters otherwise why would it even be an option. And the Netflix issue is a known problem in Sophos, hopefully to be fixed in the near future. Amazon already has pre-made rules and I'm not a member so I can't say if it works or not.
My advice would be to find yourself a spare computer with at least 4GB RAM, an 80GB hard drive (don't use a large drive, it will take a long time to format), and dual core CPU if you have it, and of course two LAN connections (I have made it work with a USB to Ethernet adapter but it was a USB 2.0 port and limited the bandwidth). Give it a try. My ISP provides two WAN IP addresses so it was easy for me to test my system out using a VM of Windows on a different network over the same LAN. I took a week or so before I trusted my setup and implemented it into my home network (no need to have the wife and daughter yelling at me). After playing with it, do the same with pfSense, the hardware requirements are similar. One difference is Sophos is Linux, pfSense is FreeBSD. The LAN drivers for Sophos appear to be very compatible with Realtek and you know how many motherboards come with Realtek. Both of my LAN adapters are Realtek and one a single hickup. Of course if I decide to order parts for a small form factor machine, I'll get Intel LAN ports if I can. But honestly, I'm drawing 52 watts of power with my current hardware and I haven't even started to lower the power consumption yet. The cost of a new system would still take me well over 10 years to recoup in power cost savings so the odds of me replacing my hardware, probably not going to happen, however I do have other systems in the basement which I may dust off to see what they can do. Most likely are too slow but I need to go through the stuff anyway and toss out the crap.
If I could plug this software into my ASUS router, it would be there. Too bad DD-WRT isn't up to this level, I really like DD-WRT and have been using it for over 10 years, just not in my ASUS router (yet).
Setting up the rules was difficult because I had to learn how to, I'm not a networking guru. Once I figured it out it was simple. There will be a learning curve for either product.
To put netflix and the like into perspective... You can rule your WAN with an iron fist if you want but I feel it's easier to look at where I started with a simple NAT router and now I'm in the big leagues with Sophos because I can block countries and allow only what I want. Using the Standard vs. Transparent mode allows netflix to work without any special rules, however I guess Transparent mode is better overall, still not sure it really matters otherwise why would it even be an option. And the Netflix issue is a known problem in Sophos, hopefully to be fixed in the near future. Amazon already has pre-made rules and I'm not a member so I can't say if it works or not.
My advice would be to find yourself a spare computer with at least 4GB RAM, an 80GB hard drive (don't use a large drive, it will take a long time to format), and dual core CPU if you have it, and of course two LAN connections (I have made it work with a USB to Ethernet adapter but it was a USB 2.0 port and limited the bandwidth). Give it a try. My ISP provides two WAN IP addresses so it was easy for me to test my system out using a VM of Windows on a different network over the same LAN. I took a week or so before I trusted my setup and implemented it into my home network (no need to have the wife and daughter yelling at me). After playing with it, do the same with pfSense, the hardware requirements are similar. One difference is Sophos is Linux, pfSense is FreeBSD. The LAN drivers for Sophos appear to be very compatible with Realtek and you know how many motherboards come with Realtek. Both of my LAN adapters are Realtek and one a single hickup. Of course if I decide to order parts for a small form factor machine, I'll get Intel LAN ports if I can. But honestly, I'm drawing 52 watts of power with my current hardware and I haven't even started to lower the power consumption yet. The cost of a new system would still take me well over 10 years to recoup in power cost savings so the odds of me replacing my hardware, probably not going to happen, however I do have other systems in the basement which I may dust off to see what they can do. Most likely are too slow but I need to go through the stuff anyway and toss out the crap.
If I could plug this software into my ASUS router, it would be there. Too bad DD-WRT isn't up to this level, I really like DD-WRT and have been using it for over 10 years, just not in my ASUS router (yet).