    Difficulty deciding

    Back Story: So I've been using Untangle (I have a yearly home sub) on and off for the past year, using it for a few months, then using Sophos XG (the original firewall\UTM that I started using many years ago). And maybe it's my OCD or something, but I just can't decide which one to use. I love the new Sophos XG V16 (yes, V15 was horrible and that's what got me to try out Untangle), but at the same time I love the simplicity of Untangle even though I have pretty decent knowledge of Sophos XG. For what I run: a few servers like FreeNAS, Windows Server 2016, a few Synology NAS's. I also have SmartThings with about 20 smart home devices including the Hue lights, along with a few Windows 10 computers, an iPad and several Android devices.

    So now for my questions,
    1. Do I really 'need' something as advanced as Sophos XG Home edition or would something like Untangle be more than ample for protecting my network and? (I do have some friends that do 'stupid' things on my network so there's that)

    2. I know Untangle has IPS issues (not blocking everything). I've always run IPS on Sophos just because I've always been told it's something you should run if you have the specs. But is IPS really necessary or what's the story there?

    3. Do you need to use the 'lite' plugins when you have the non-lite ones installed, because I've seen around here on the forums that they work in different ways apparently (Web Filter Lite uses a local database and the other one uses the cloud)?

    4. Something I've never been sure about: under Apps-Firewall-Rules, should those 3 boxes be selected? The ones that say "Block all traffic to port 21, Block all traffic from etc, and accept all traffic to the range of....". Does this firewall block everything automatically or what?

    Sorry for the huge amount of questions and super long post but they are what has been on my mind about Untangle for a while now.

    1) Anything from the business firewall space is going to be fine for your home network if properly configured.

    2) I'm not aware of any IPS issues. Untangle, while it does have many dangerous features, including IPS, generally tries to cater to users that want a secure network with no headaches. IPS is not a powerful security technology compared to others in this aspect. In many organizations the costs outweigh the benefit. Our approach is real security driven by data, not marketing security. If you feel strongly that the default ruleset should enable a bunch of block rules that cause problems and create noise for you to show your boss, Untangle may not be right for you. Many users are a part of the system to sell fear and generate noise to justify their job. Other users just "feel" a block-by-default IPS adds security despite all data. If those are you, Untangle may not be right for you. Sorry to be blunt - this is a conversation we've had hundreds of times. The good news is that if you are a part of the latter group, there are literally hundreds of products that cater to you. Sophos being one.

    3) No. You should not use the lite versions if you have the full version installed. Do you see a warning at the top in the administration interface? It will warn you if you have two apps installed and shouldn't. The one exception is that you can run Virus Blocker Lite in addition to Virus Blocker if you want clam to provide an extra layer of antivirus.

    4) Those are example rules - not for actual use. If you want to add rules for egress filtering you can do so. Since all inbound sessions are blocked by default by NAT and most (90%+) organizations do no egress filtering, this is the correct configuration for most.
    Feel free to change - that's why it's configurable.

    worth a read:
