Free Antivirus and Firewalls (UTM, NGFW) from Sophos


    I would like to talk about free Sophos products that can be used both at home and in the enterprise. Using top-rated solutions according to Gartner and NSS Labs will significantly increase your personal level of security. The free solutions include: Sophos UTM, XG Firewall (NGFW), antiviruses (Sophos Home with web filtering for Windows / Mac; for Linux and Android) and malware removal tools. Below we will look at the high-level functionality and the steps for obtaining the free versions.

    Today, many homes have several laptops, tablets and phones; there are remote sites (the homes of parents and relatives); there are children who need to be protected from inappropriate content; and computers need to be protected from ransomware. All this essentially boils down to the tasks of a small company with a distributed IT infrastructure and high security requirements. Today we will talk about products that let you solve these problems at home for free.

    Lyrical digression about Sophos

    Sophos was founded in 1985 as an antivirus company and remained one until the early 2000s. From that point on, Sophos began to expand actively into other areas, both through its own expertise and laboratories and through the acquisition of other companies. Today, the company has 3,300 employees, 39,000 partners and 300,000 customers. The company is public, and its reports for investors are openly available. The company conducts research in the field of information security (SophosLabs) and follows the news; you can keep up with it through Sophos's blog and podcast, Naked Security.

    To be the best in the world at providing integrated IT security for enterprises of various sizes (from small businesses to international corporations).


    • Only security.
    • Comprehensive security made simple.
    • Management both fully local and through the cloud.

    Sophos is the only information security vendor that is a leader in both network security and workstation security, and it was the first to make the two work together. The company focuses on the corporate sector, so its solutions for home users contain no advertising and are fully functional. It should be borne in mind that most of the solutions below are intended for home use. All Sophos commercial solutions can be tested for 30 days.

    Closer to the point, starting in order

    Almost all of the free solutions are listed on one main page: Sophos Free Products.

    To help you navigate the solutions quickly, I will give a short description of each. For convenience, quick links are provided for obtaining the corresponding product.

    The basic steps that you need to take for almost every product:

    1. Registration - get a MySophos ID. Everything is standard, as elsewhere.
    2. Download request. Fill in the required fields.
    3. Export check. A somewhat unusual step. Unfortunately, it cannot be skipped (export law requirements). When downloading the product, you must fill in the appropriate fields. This step can take about a day (depending on the number of requests, as it is checked manually). The check has to be repeated after 90 days.
    4. Download request. Fill in the required fields again. The main thing is to use the email and name from step 2.
    5. Download and install.

    Sophos Home for Windows and Mac OS

    Sophos Home Dashboard

    Sophos Home - free antivirus and parental controls. Secure all your home computers with the free Sophos Home antivirus. This is the same antivirus protection and web filtering technology that hundreds of thousands of companies trust, available for home use.

    • Keep track of events and change security settings for the whole family centrally from any browser.
    • Access control by categories of websites with one click.
    • Protecting computers with Windows and Mac OS.
    • Free, up to 3 devices per email account.

    Sophos Home Premium provides protection against ransomware and exploits for home users and uses deep machine learning technology to detect malware that has not yet appeared, which makes it a next-generation antivirus (functionality of the commercial Intercept X product). It increases the number of devices under one account to 10. This functionality is paid and available in a number of regions of the world; unfortunately, it is unavailable in Russia - a VPN / proxy can help.

    Download link for Sophos Home.

    Sophos Central dashboard

    The commercial version of Sophos Central allows you to manage from a single console:

    • Endpoint Protection - antivirus for workstations.
    • Intercept X - an antivirus based on deep machine learning, plus EDR for incident investigation. It belongs to the solution classes Next Generation Antivirus and EDR.
    • Server Protection - antivirus for Windows, Linux and virtualization servers.
    • Mobile - mobile device management (MDM), containers for mail and data access.
    • Email - cloud anti-spam, for example for Office365. Sophos also has various on-premises anti-spam systems.
    • Wireless - manage Sophos access points from the cloud.
    • Phish Threat - allows you to conduct phishing campaigns and train employees.

    A distinctive feature of Sophos antivirus is the high speed of the antivirus engine combined with high-quality malware detection. The antivirus engine is embedded by other information security vendors, such as Cisco, BlueCoat and others (see Sophos OEM). In Russia, the antivirus engine is used by, for example, Yandex.

    The antivirus is in the top three according to Gartner, so using the home version of an enterprise-grade antivirus will definitely raise the overall level of information security in a household.

    Sophos UTM Home Edition

    Sophos UTM Dashboard

    Class: UTM (Unified Threat Management) - a Swiss Army knife in the field of information security (all-in-one)
    Leader: Gartner UTM, starting in 2012
    Platforms: x86 server, virtualization (VMware, Hyper-V, KVM, Citrix), cloud (Amazon), the original hardware platform

    A demo interface is available at this link.
    Download link for Sophos UTM Home Edition.

    Features and Description:
    Sophos UTM provides all the functionality needed to protect the network: firewall, web filtering, IDS / IPS, anti-spam, WAF, VPN. The only limitation of the home version is 50 protected internal IP addresses. Sophos UTM comes as an ISO image with its own operating system and overwrites the data on the hard disk during installation. Therefore, a separate, dedicated computer or virtual machine is required.

    There has already been an article on Habr about organizing web filtering based on Sophos UTM (in terms of replacing Microsoft TMG).

    The limitation compared to the commercial version is the protection of up to 50 IP addresses. There are no functional limitations!

    As a bonus: there are 12 Endpoint Protection antivirus licenses in the Home Edition, which means that you can control not only network security, but also the security of workstations from the UTM console: apply anti-virus filtering rules, web filtering to them, control connected devices - it works even for computers that are not on the local network.


    Stage 1 - Getting the Software

    1. Get MySophos ID - see above.
    2. Fill in the required fields and submit the form (divided into several screens).
    3. Get an email with links.
    4. Request the ISO image download using the links in the email, or directly. If necessary, wait for the export control check.
    5. Use the ISO to install on your x86 server or in any virtualization (VMware, Hyper-V, KVM, Citrix).

    Stage 2 - Obtaining a License

    1. Using the link from the email above, activate the account on the MyUTM portal. If the email address was used previously, log in or reset the password to gain access to MyUTM.
    2. Download the license file in the License Management -> Home Use License section. Click on the license and select Download License File. A text file named “licenseXXXXXXX.txt” is downloaded.
    3. After installation, open the WebAdmin control panel at the specified IP address: for example
    4. Upload the license file to the section: Management -> Licensing -> Installation -> Upload.

    Getting Started Guide in English.

    The license is issued for 3 years, after which it must be generated again by following the steps of Stage 2, after first removing the expired license from the MyUTM portal.

    Sophos UTM Essential Firewall

    Sophos UTM Essential Firewall security functions

    Free firewall for commercial use. To obtain a license, you must fill out the form at this link. A text license file with a perpetual license will be sent by email.

    Functions: firewall up to L4, routing, NAT, VLAN, PPTP / L2TP remote access, Amazon VPC, GeoIP filtering, DNS / DHCP / NTP services, centralized management via Sophos SUM.

    A visual representation of the functions is shown in the figure above. The modules that surround Essential Firewall are separately licensed subscriptions.

    Sophos SUM

    Sophos SUM dashboard

    It is convenient to use Sophos SUM (Sophos UTM Manager) for centralized management of separate UTMs at different sites. SUM allows you to monitor the status of subordinate systems from a single web interface and distribute individual policies. Free for commercial use.

    Link to download and request the Sophos SUM license. The email will contain download links (similar to Sophos UTM) and a license file in the attachment.

    Sophos XG Firewall Home Edition


    Class: NGFW (Next Generation Firewall), UTM (Unified Threat Management) - filtering by applications, users and UTM functions
    Leader: Gartner UTM
    Platforms: x86 server, virtualization (VMware, Hyper-V, KVM, Citrix), cloud (Azure), original hardware platform

    A demo interface is available at this link.
    Download link for Sophos XG Firewall Home.

    Features and Description:
    The solution was released in 2015 as a result of the acquisition of Cyberoam.
    The Home Edition of Sophos XG Firewall provides complete protection for your home network, including all the functions of the commercial version: antivirus protection, web filtering by category and URL, application control, IPS, traffic shaping, VPN (IPSec, SSL, HTML5, etc.), reporting, monitoring and much more. For example, with XG Firewall you can audit the network, identify risky users and block traffic by application.

    • Complete protection for home users and the home network.
    • Supplied as a complete ISO image with its own OS based on the Linux kernel.
    • Runs on Intel-compatible hardware and in virtualization.

    Not licensed by IP address. The limitation compared to the commercial version is up to 4 CPU cores and 6GB RAM. There are no functional limitations!

    Getting Started Guide for the software version in English and Russian.

    Sophos XG Firewall Manager


    It is an advanced system for centralized management of subordinate XG Firewall devices. It displays the security status of connected devices and allows you to manage the configuration: create templates, make bulk changes to groups of devices, change any fine-grained setting. It can act as a single entry point for a distributed infrastructure. Up to 5 managed devices are free.

    A demo interface is available at this link.

    Download link for Sophos XG Firewall Manager.

    Sophos iView

    If there are several installations of Sophos UTM and / or Sophos XG Firewall and you need summary statistics, you can install iView, a Syslog collector for Sophos products. The product is free up to 100GB of storage.

    Download link for Sophos iView.


    Sophos Mobile Security for Android

    The award-winning Sophos Mobile Security for Android free antivirus protects Android devices without sacrificing performance or battery life. Real-time synchronization with SophosLabs provides real-time protection for your mobile device.

    • Detection of malware and blocking potentially unwanted applications and Internet threats.
    • Protection against loss and theft with remote locking, data wipe and location.
    • Privacy Advisor and Security Advisor help provide even greater device protection.
    • Authenticator manages one-time passwords for multi-factor authentication.
    • Secure QR Code Scanner blocks malicious content that may be hidden behind the QR code.

    Download link for Sophos Mobile Security for Android.

    Commercial product: Sophos Mobile Control - belongs to the MDM class and allows you to manage mobile phones (iOS, Android) and workstations (Mac OS, Windows) according to the BYOD concept with mail containers and data access control.

    Sophos Mobile Security for iOS

    Sophos Mobile Security for iOS dashboard
    The first step in securing your iOS device is to install the latest updates. Sophos Mobile Security for iOS tells you when updates need to be installed and contains a collection of convenient security enhancements for iOS devices:

    • OS Version Advisor explains the security benefits of upgrading to the latest version of iOS (a convenient description of updates and fixes).
    • Authenticator for managing one-time passwords for multi-factor authentication.
    • Secure QR Code Scanner blocks malicious content that may be hidden behind the QR code.

    Download link for Sophos Mobile Security for iOS.

    Malware Removal Tool (HitmanPro)

    The Windows malware removal tool scans your entire computer for problems, and if any are found, you are given a free 30-day license to remove the threat. Do not wait for an infection to occur; you can run this tool at any time to see how well your current antivirus or endpoint protection software is working.

    • Removes viruses, trojans, rootkits, spyware and other malware.
    • Without configuration and installation.
    • A free independent scanner will indicate what has been missed.

    Download link for Sophos Malware Removal Tool.

    Commercial product: Sophos Clean is included in many commercial products, such as Sophos Intercept X.

    Virus Removal Tool

    The free virus removal tool helps you quickly and easily find and remove threats lurking on your computer. The tool detects and removes viruses that your antivirus might miss.

    • Removing viruses, worms, rootkits and fake antiviruses.
    • Support for Windows XP SP2 and later.
    • It works simultaneously with the existing antivirus.

    Download link for Sophos Virus Removal Tool.

    Sophos Antivirus for Linux - Free Edition

    Protect critical Linux servers and prevent all threats - even those designed for Windows. The antivirus is lightweight and easy to use so that Linux servers can maintain high speed. It works seamlessly in the background and scans in one of the modes: upon access, on demand, or on schedule.

    • Searches and blocks malicious files.
    • Easy installation and seamless operation.
    • Supports a wide range of Linux versions, including customized distributions and kernels.
    • Ability to easily upgrade to commercial version with support and centralized management.

    Download link for Sophos Antivirus for Linux.

    Commercial product: allows you to connect to a centralized management system and supports a wide range of operating systems - Linux and Unix.


    Support or help yourself

    The single entry point is the Support section on the vendor's site, Sophos Support, with an end-to-end search across all resources. A separate portal has been created for Sophos Home.
    There are three main ways to find a solution to a problem:

    1. Documentation. In many cases it is built into the product itself, but if you want to read a PDF before going to bed, there is a Documentation section.
    2. The Sophos knowledge base is publicly available. Here you can see the main configuration scenarios and tricky points. See Knowledge Base.
    3. The user community, where you can find a solution to your problem, is located at Community Sophos.

    For commercial customers, of course, there is full support, both from the vendor and the distributor. In Russia, the CIS and Georgia - from Factor Group.

    Protect yourself from ransomware!

    Finally, you can watch a video about Time Machine for protection against ransomware :)