HomeLab Part 10 – Sophos SG Appliance Replacement
I was working with Sophos SG Appliances (formally known as Astaro UTM) since 2005 (version 5.x). In the beginning I used white boxes with 2-4 NICs as my personal firewall. In January 2013 when I was about to start a new job I had the opportunity to attend a Sophos UTM technical academy. The best thing about this academy was that I could keep the Sophos UTM 120 I used for configuration purposes during the acadamy. Since then this little box served me really well. These are the specs of this box:
Sophos UTM 120 Rev.5
CPU: Intel Atom N450 (1Core/2Threads, 1.6GHz)
Memory: 2GB DDR2 SO-DIMM
Network: 4x 1GBit Intel NICs
HDD: 250GB 2.5” SATA
The successor – SG135 Rev.2
I had this little box until the first half of 2020. During the last month and after every Sophos update I realised that the performance when accessing the WebAdmin interface was more and more degrading because of the old hardware specs. So I decided to look for a replacement. I created a search agent at one of the Austrian small ads sites which is similar to eBay or Shpock. After a while I found the perfect replacement for the UTM 120, a SG135 Rev.2. It was also a little bit of a russian roulette because the C2000 CPU was known for a bug which could have made this box unusable. The specs of this box are here:
Sophos SG135 Rev.2
CPU: Intel Atom Rangeley C2558 (4Cores, 2.4GHz)
Memory: 6GB DDR3
Network: 8x 1GBit Intel NICs
SSD: 64GB Transcend (TS64GSSD370)
This box was a beast. When I first logged into this new appliance it was like day and night. I never saw the WebAdmin in such a speed. Every click got a direct response and I didn’t have to wait for any site to popup. Unfortunately after 2-3 month this appliance died during the night. It was not the previous mentioned C2000 bug rather the mainboard died and booted with an error code 99. So I put my old UTM120 back into place.
The new Champion – Dell R220
During the last couple of month I was searching for a new hardware platform that could run Sophos UTM 9.7. I found a lot of smaller appliances but neither of them fitted my needs. This was the requirement for the new Sophos UTM hardware:
- Low power consumption (similar to the UTM and SG if possible)
- Low price
- 4+ Gbit NICs
- powerful processor
One could ask why I was searching for multiple interfaces, right? This is a really good question, because some people told me I could have done this with only 2 interfaces using VLAN interfaces. The people were right I could have done this with VLAN interfaces, unfortunately there are some functions within Sophos UTM were VLAN interfaces can’t be used and I need to have physical interfaces. I not only have a LAN and WAN interface, I also need a IoT and WLAN interface. During my research I came across multiple vendors who are selling pfsense hardware or firewall hardware. Unfortunately most of them are either too expensive, don’t have the required ports, have week processors or shipping from China.
By accident I then found an Austrian YouTuber (austriangamerstech) who replaced his pfsense firewall hardware with a DELL R210 II. He also made a video (german only) were he explained what he was doing and how to optimize FANs and power consumption. I had a look into this type of hardware but for my taste it was a little bit outdated. But the good thing was I now searched for similar Dell R series server and found the Dell R220 which was the successor of the R210 II. The specs of the server were awesome and I also found a lot of seller on eBay. Here is the BOM for the new hardware firewall:
Hardware | Price |
---|---|
DELL R220 Intel XEON E3-1231 v3 (TDP 80W) 8GB DDR3 UDIMM 1TB HDD |
201.85€ |
DELL iDRAC7 Remote Access Card | 17.02€ |
DELL Intel I350-T4 (THGMP) | 48.90€ |
DELL iDRAC7 Enterprise License | Free |
TOTAL: | 267.77€ |
I kept everything except the HDD which I replaced with the Transcend SSD I had left from the SG135. Compared to the other offers I found on Amazon or eBay with different and smaller appliances I saved a lot of money. The only drawback I saw with this setup was that it might have a much higher power consumption than the appliances I had in the past. After I got all pieces together, I installed Sophos UTM in the most recent version and saw that during boot up and installation the power consumption was around 40-60 watts which was 2x-3x more than I had with the UTM appliances. But to my surprise the consumption went down after the firewall was installed and configured. My current consumption is just 5 watts higher than my older appliances which is based on the used CPU a pretty decent result.