I am a big fan of home network security. As the father of three kids and the one in charge of the network at home, I am constantly worried about online safety. Over the years I have tried many different security solutions and am now running Sophos XG at home. Sophos is one piece of my home setup, and you can see more of my setup here.
- All models are available for cloud-management in Sophos Central. Indoor models can also be managed on-premises via XG Firewall and SG UTM. The Sophos APX Series is a growing portfolio of access points with 802.11ac Wave 2 technology.
- Note Sophos APX series, AP10, AP30, AP50, and Wi-Fi enabled devices can access only the primary RADIUS server. Related information Authenticate branch office users with head-office AD server.
A few years back, I got tired of the constant reboots I was having to do to my consumer router. It seemed that if I didn’t reboot it every few days to a week, it would cause my network to become laggy. I had the problem in varying forms and severity across several routers. Adobe bridge cc for mac. I decided to switch to Ubiquiti equipment, and ran that up until this year. I used an EdgeRouter Lite as my main router and a UniFi UAP-LR as my access point. This was a great combination for many years. I also used Open DNS as a content filter for many years to help the inside to outside security.
AP30 Scope of supply Mounting instructions The Sophos AP30 can be mounted on the ceiling. Screws are included in delivery. Use the screws from the scope of supply or screws whose dimensions correspond with the mounting holes in the bracket. Remove the bracket from the housing Unlock the bracket on the backside by turning it (approx.
Although the EdgeRouter was a great router/firewall and OpenDNS a great filter, I really wanted the filter on the local network. The more network between my users and the equipment protecting them, the more vulnerable the protection is. With OpenDNS, there was a lot of network in between, most of which was out of my control. I read about hardware/software firewalls like pfSense, Sophos and Untangle and was really interested in using them as a solution. After looking into the available options, I wound up choosing Sophos XG as my firewall. There really isn’t a well defined reason I chose it, as all three options are really solid.
Having picked up an old Dell Poweredge 1950 III a few years back, I wanted to stay with rack mount type equipment for my network stuff. I wound up grabbing a Roswell brand 2U case and a Lenovo ThinkCentre with a core i5-2500 3.3GHz processor and 4GB of ram. I pulled the hardware out of the ThinkCentre and put it in the 2U case. 4GB is the Sophos home user (free for home users) RAM cap, so the ThinkCentre’s hardware worked out perfectly.
Once configured, I have a pretty robust bit of security all contained right here at home. Although my past Ubiquiti AP was awesome, I wanted the extra control and features available to the firewall that come from using a Sophos AP. I am using a Sophos AP55C 802.11 a/b/g/n/ac and a Sophos AP30 802.11 b/g/n to run three SSIDS. The first SSID is WPA2 enterprise encrypted, RADIUS authenticated using the wonderful software, FreeRADIUS. The second SSID is for my dumb devices that can’t authenticate via RADIUS. It is WPA2 encrypted and whitelist MAC address filtered. The third and final SSID is completely open! *GASP* Ok, it isn’t exactly open. It is configured as a hotspot and requires a randomly generated, time expiring voucher key to access. It is also isolated from the rest of the network on its own VLAN/subnet.
All in all, I am pretty happy with my current setup. I have good security, good filtering, all while still getting full internet speed from my provider. I am sure that in time, something new will come along and I will change it all again. Hopefully, that isn’t anytime soon!
Use these settings to enable wireless protection, to set notification time-out, and to configure a RADIUS server for enterprise authentication.
If access point firmware is not installed, click the link to download and install.
- Enable wireless protection
- Scan all traffic on the specified zones for threats and malware.
- Allowed zone
- Network zones that permit access point connectivity. You can deploy access points on the specified zones.