9/20/2023 0 Comments Sophos xg home limitationsI've seen CPU usage get pretty high on the unit under heavy packet load so I'm probably approaching the limit. W/re: 1) Yeah, I had a feeling that might be the case. Someone else might have better and more accurate input here. Traffic shaping I have very little experience with though - my go-to logic is to give clients as much throughput as possible to get them off the high network use as soon as possible and only traffic shape essential services as guarantees. In regards to 2) - You might be able to achieve this by using traffic shaping per FW rules and using shared limits for all FW rules out of a specific subnet. It did about 7-8Gb/s on just FW with no protection. Personally I use a virtual Sophos FW appliance right now running on a Ryzen 3100 and it achieves 1Gb/s in some tests I ran, though my uplink is not that high so I only have limited experience and my tests were not exhaustive. The 4 core/6gb RAM limitations apply as per the home licensing.Īs a point of comparison you could look up the exact CPUs the XG Firewall (not XGS due to added NPUs) appliances use and see the throughputs they can achieve as per the datasheet, the knowledge will be limited to older gen CPUs, v18 firmware and from what I remember public datasheet don't expose the lower "real life" throughputs. Also, generally the better cores you can throw at it, the better the throughput. Just FW with no protection should be very easy to reach. Though it really depends on the feature set you have enabled protection wise. From experience it struggled to reach 250Mbps throughput with IPS enabled. In regards to 1) - I used to run Sophos Firewall on a similar grade of CPU in an old Cyberoam appliance. r/talesfromtechsupport - Support stories from the trenches ![]() ![]() r/sysadmin - General Sysadmin topics and rants r/aww - For your support-related relief needs Sophos XG - Official How-to videos for the XGĭavid Okeyode - XG/UTM Cloud How-to videos Naked Security - Award-winning computer security news Posts from your own blog are welcome, as long as disclosure is made, they are relevant to the sub, and follow Reddit rules regarding self-promotion Posts should be related to Sophos as a company or its productsģ. ![]() Members are expected to follow the basic rules of ReddiquetteĢ. Community members shall conduct themselves with professionalism
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |