Nessus Home: Scanning your network for vulnerabilities

I recently came across Nessus Home which is a network vulnerability scanner and free for personal use. It scans for a wide range of vulnerabilities such as misconfigured network settings, devices using the default password or firmware that's out-of-date. According to the Nessus website, the home version is limited to 16 IP addresses per scanner … Continue reading Nessus Home: Scanning your network for vulnerabilities

Sophos XG: Completely isolating the local and guest network

In my previous post on setting up a guest network, I explained how to setup a guest network using a separate VLAN. While this will mostly separate the guest network from the local network, there are several ports open to your Sophos XG device based on the guest network being assigned to the LAN zone. … Continue reading Sophos XG: Completely isolating the local and guest network

Sophos XG: Setting up a guest wireless network on a separate VLAN

In this previous guideĀ I explained how to setup a guest network using a separate wireless access point. This guide will show you how to setup a guest wireless network on a separate VLAN using the Apple Airport Extreme/Time Capsule's guest network feature. This guide assumes the Apple Airport is connected directly to Sophos XG (i.e. … Continue reading Sophos XG: Setting up a guest wireless network on a separate VLAN

Sophos XG: Setting up a guest wireless network using a separate access point

When friends and family are visiting and require wifi access, we typically give them complete access to our network by providing the password to our wireless access point. While most friends and especially family wouldn't be doing anything malicious on our network, the bigger concern is the devices they're using to connect to the network … Continue reading Sophos XG: Setting up a guest wireless network using a separate access point

Sophos XG: Creating a custom IPS policy

Sophos XG comes with pre-defined Intrusion Prevention System (IPS) policies but you can easily create one tailored specifically for your needs. The benefit is so the IPS engine is not scanning your traffic against more signatures than necessary, thus reducing overall system load. As a comparison, the pre-defined 'lantowan_general' policy has 7,181 signatures in its … Continue reading Sophos XG: Creating a custom IPS policy