Sophos XG: Using a backup ISP for specific devices/applications

I recently purchased a Netgear 4G LTE Modem (LB1120) that I'm using with a T-Mobile Pre-Paid cellular data plan as a backup ISP. The data plan is only $5/month for 500GB of data at 4G/5G speeds and once the 500GB allotment is used, the speeds are reduced to 2G (~128kbps). For my use case, I … Continue reading Sophos XG: Using a backup ISP for specific devices/applications

Sophos XG: Completely isolating the local and guest network

In my previous post on setting up a guest network, I explained how to setup a guest network using a separate VLAN. While this will mostly separate the guest network from the local network, there are several ports open to your Sophos XG device based on the guest network being assigned to the LAN zone. … Continue reading Sophos XG: Completely isolating the local and guest network

Sophos XG: Setting up a guest wireless network on a separate VLAN

In this previous guideĀ I explained how to setup a guest network using a separate wireless access point. This guide will show you how to setup a guest wireless network on a separate VLAN using the Apple Airport Extreme/Time Capsule's guest network feature. This guide assumes the Apple Airport is connected directly to Sophos XG (i.e. … Continue reading Sophos XG: Setting up a guest wireless network on a separate VLAN

Sophos XG: Setting up a guest wireless network using a separate access point

When friends and family are visiting and require wifi access, we typically give them complete access to our network by providing the password to our wireless access point. While most friends and especially family wouldn't be doing anything malicious on our network, the bigger concern is the devices they're using to connect to the network … Continue reading Sophos XG: Setting up a guest wireless network using a separate access point

Sophos XG: Creating a custom IPS policy

Sophos XG comes with pre-defined Intrusion Prevention System (IPS) policies but you can easily create one tailored specifically for your needs. The benefit is so the IPS engine is not scanning your traffic against more signatures than necessary, thus reducing overall system load. As a comparison, the pre-defined 'lantowan_general' policy has 7,181 signatures in its … Continue reading Sophos XG: Creating a custom IPS policy