Determine the optimal configuration for Sophos UTM 9 with a Layer 3 switch.

XxPandaSoulsxX
10-27-2016, 02:47 AM #1

Hi everyone, I've been using Sophos UTM 9 and my L3 switch (D-Link DGS-1510) that I only bought for connecting my workstation to my NAS via 10Gbit SFP+. Everything is working fine as my setup is very straightforward: Sophos acts as a gateway, handles the DHCP of the network and gives the network internet access via the ISP modem. The D-Link switch didn't do any of what L2 or L3 switches are made for, as it was only used as a switch connecting all the devices of my network.

As I'm about to move in to a new house and as I will be implementing a new server, video surveillance and IP phones to the network, I decided to dig deeper and did some research. Here is what I think my new setup will be like:

VLAN 1 FreeNAS, Workstations, Home WiFi and so on
VLAN 10 Guest WiFi
VLAN 20 Video surveillance
VLAN 99 MGT
VLAN 150 IP phone

Sophos ---> Gateway and firewall of the network --> ISP modem --> Internet
D-Link switch ---> L3 switch will handle VLANs and the routing in case I wanted some VLANs to communicate with each other

Now is this a good way of doing things? Do I have to set up a trunk between the router and the switch? Does the Sophos have to be the gateway or can it just be a firewall and provide me VPN etc.?

Rik3107
Member
59
10-27-2016, 08:52 AM
#2
Performing routing on an L3 switch ensures high performance, though security features are limited to basic ACLs and may not cover advanced needs. For firewall-protected areas such as MGT and Surveillance VLANs from workstations, traffic still passes through a UTM solution. This security tier might be excessive for your setup, but routing into those VLANs on the L3 switch could suffice.
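
The split discussed in this thread (some VLANs routed on the L3 switch, others forced through the UTM) can be checked on paper before any cabling. The sketch below is an added example, not from either poster: it uses the VLAN IDs from the first post, while the gateway placement and the list of pairs that must be firewalled are assumptions chosen for illustration.

```python
from itertools import combinations

# VLAN IDs and roles as listed in the first post.
VLANS = {1: "LAN", 10: "Guest WiFi", 20: "Surveillance", 99: "MGT", 150: "IP phone"}

# Assumed design: the device that holds each VLAN's gateway address.
# "switch" = routed on the L3 switch (basic ACLs only);
# "utm"    = VLAN trunked to the UTM, which routes and filters it.
GATEWAY = {1: "switch", 150: "switch", 10: "utm", 20: "utm", 99: "utm"}

# Assumed policy: VLAN pairs whose traffic must be inspected by the firewall.
MUST_FIREWALL = {frozenset(p) for p in
                 [(1, 10), (1, 20), (1, 99), (10, 20), (10, 99), (10, 150)]}


def routed_by(a, b, gateway):
    """Return the device that routes traffic between VLANs a and b."""
    # If both gateways live on the switch, it routes the flow locally and
    # the UTM never sees the packets.
    if gateway[a] == "switch" and gateway[b] == "switch":
        return "switch"
    # Otherwise at least one side's gateway is the UTM, so the flow crosses it.
    return "utm"


def flow_table(gateway):
    """Map every VLAN pair to the device that routes between them."""
    return {(a, b): routed_by(a, b, gateway)
            for a, b in combinations(sorted(gateway), 2)}


def audit(gateway, must_firewall):
    """Return the pairs that policy wants firewalled but the switch would route."""
    return [pair for pair, dev in flow_table(gateway).items()
            if dev == "switch" and frozenset(pair) in must_firewall]


if __name__ == "__main__":
    for (a, b), dev in flow_table(GATEWAY).items():
        print(f"VLAN {a:>3} ({VLANS[a]}) <-> VLAN {b:>3} ({VLANS[b]}): {dev}")
    print("Bypassing the UTM in the assumed design:", audit(GATEWAY, MUST_FIREWALL))
    # Putting every gateway on the switch shows what the UTM would stop seeing.
    all_on_switch = dict.fromkeys(VLANS, "switch")
    print("Bypassing the UTM if the switch routes everything:",
          audit(all_on_switch, MUST_FIREWALL))
```

Internet-bound traffic is left out of the model because it reaches the UTM in either layout.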