I tried out Sophos UTM as an experiment for work today. I learned something about the product: as much as I wanted to like it (and there were a number of good features to like), it’s moniker for “Home Users” was very poorly placed. Sophos UTM’s default configuration is like a Republican congress with a Democratic president – the land of ‘no’. After spending nearly two hours with it, I could not get it to let any real nonstandard traffic out the door. HTTP worked fine, but remote desktop on a nonstandard port? Nope. Getting the new replies in misc.legal.moderated usingĀ Agent? Nope. Syncing my phone with my NAS? All aboard the Nope train to Nopeville! It didn’t matter what rule I put into that thing, that traffic was NOT happening. I never thought there would be a software-based firewall that would make me pine for a SonicWall, but a ‘deny any any’ rule in a default config for outbound traffic? Not fun.
pfSense? From CD to working default config in 20 minutes. I can be okay with this. I’m also looking forward to seeing what happens with my transparent proxy; hopefully it will speed up load times on my poky DSL line.