Something happened in your environment, and suddenly you no longer have any contracts or subscriptions to run any of the Sophos software on your purchased Sophos appliance. So the software is useless, but the appliance is otherwise functional and seems to work fine. What else can you install on it? Here are a few lab-tested (by yours truly) options you can consider.
Before we get to the list, I suppose it might be worth clarifying the general process I used, since it did seem to have AN effect on some of the results.
General Process:
- Using an unrelated Live Linux USB, use gparted and remove all partitions
- Create a bootable USB from ISO using rufus
- Use the USB on an SG105 appliance
Finally, I would like to clarify what I mean by "working" on the appliance... A good example here may be pfSense. I have found various posts in all kinds of different forums offering various suggestions on how to get pfSense to work on a Sophos appliance; most of them are beyond the skills we could expect from the "common man" to whom this article is more tailored. I'm not trying to find an OS that can be made to work on a Sophos device; I want to see what works, right out of the box, with no (or very little/simple) changes/fooling around. I'm also not going very deep into the features and usage of the software (that may come at a later time), but just whether or not it installs, configures, and boots.
Now, on to the good stuff!
To start things off, I figured that since the appliance was designed to be a firewall, why not see what other F/OSS (Free and/or Open Source Software) alternatives can run on it. Here are the results:
Firewalls - What Worked
Despite the fact that IPCop hasn't been updated since 2015, it still seems to have a following and still enjoys seemingly widespread usage.
- It installed and worked just fine
- Discontinued and no longer available from their site
- You need to register with Untangle to complete the install/configure process
- It looks like not ALL features are included in the Free offering
- Otherwise installs, configures and boots fine
Endian Firewall Community
- Installs, configures, and boots fine
- Looks to be more of a Windows Server alternative, as opposed to Firewall-specific, though there are some firewalling features
- You can set up fileshares and AD
- Not sure about having that DIRECTLY accessible to the internet
- Installs, configures, and boots just fine
Firewalls - What Didn't
- Installs fine
- Crashes on boot
- There are a few different 'versions', ALL versions crash when booting the installer
- There are a few different 'versions', ALL versions crash when booting the installer
- Installer seemed to load some kind of live environment
- Though there didn't appear to be any networking drivers loaded
- No clear option/method to install and further configure
- Installer does not boot
- Installer does not boot
- Installs and boots fine
- Does not appear to immediately start any networking upon boot
- No clear/obvious way to continue configuring/setting up
There were a couple of other OSes I had found, like Smoothwall Express, fli4l, Zeroshell Linux Router, and LEAF Project, where there weren't clear/obvious ISO files, or rufus couldn't open or use the ISO file, so there was little else I could check out with those.
Once I got through the Firewall-type OSes, I started to wonder what ELSE could be installed on the device? Could we turn it into a Web Server? Mail Server? What else could we do with it?
Base Server
- Installs, configures, and boots fine
- Encrypted LVM partitioning works great as well
- though you would need a keyboard and monitor at boot to enter the decryption key
- Installs, configures, and boots fine
- though the interface naming is a bit unusual
- Encrypted LVM partitioning works great as well
- though you would need a keyboard and monitor at boot to enter the decryption key
Web Server
- Installs, configures, and boots fine
Mail Server
All the real, fully featured Mail server solutions required a base install of sorts, and then the software/packages are installed on top of the server OS.
- Installs, configures, and boots fine
Sovereign - email and contact/calendar server
- Installs, configures, and boots fine
- Installs, configures, and boots fine
Mail-in-a-Box only supports being installed on Ubuntu 14.04
- Installs, configures, and boots fine
SIEM
Security Information and Event Management
- Installs, configures, and boots fine
- Installs, configures, and boots fine
Virtual Server
Though perhaps not best suited to the smaller devices (like the *G105 series devices I tested with), this may be a useful/viable option for some of the larger devices.
Using VirtualBox and phpVirtualBox on top of a Base server with some Web Services (Apache, nginx, etc...), taking cues from a How-To over on HowToForge
- Installs, configures, and boots fine
- Installer does not boot/start properly
Desktop Linux
Since the Base Server installed just fine, I figured it shouldn't be that much of a stretch to install a desktop environment and just use that. But if I am going to make use of a desktop environment like that, I might as well use an actual Desktop-type distro that already has all the nice integrations set up for me. Yes, there are many MANY others out there, but I just wanted to quickly hit some of the major players, since the core/underlying OSes (RedHat, Debian, etc...) will be similar to others.
- Installs, configures, and boots fine
- Installs, configures, and boots fine
- Installer completes fine
- but the device crashes/cores upon boot
- Neither the CLI nor Live options detected the CD/USB to complete the installation
Actual DVD
- Installs, configures, and boots fine
- Encrypted LVM partitioning works great as well
- though you would need a keyboard and monitor at boot to enter the decryption key
- Installs, configures, and boots fine
- Encrypted LVM partitioning works great as well
- though you would need a keyboard and monitor at boot to enter the decryption key
Could you imagine this? The hardware LOOKS like it's a network security device, but in all reality it's ACTUALLY a hack box, sitting and waiting to do your bidding. Install VirtualBox on that bad boy, and install Sophos in a VM, and you could have, for all intents and purposes, a secure Sophos device; meanwhile, it's just a front. I might set this up in the future and REALLY poke about on it and see what we could do with that kind of setup.
Sophos Home Edition
Wait what...??? Wasn't this about NON-Sophos software? Yes, yes it is. I went through all the above noted OSes, then a thought occurred to me: why not try and see if the Home Edition of UTM and/or XG will work on the devices? Since the only real difference is in licensing, this should work just fine. That being said, the UTM and XG installers (seem to) check the HDD for an existing UTM/XG installation and verify whether or not the hardware is a Sophos Appliance, and if it is, they will NOT perform the install. So the secret to making this work is noted above in my 'process', where you delete/remove the existing partitions and filesystems, and run the installer on a 'blank' HDD like that.
Limited to 50 'internal' IP Addresses
- Installs, configures, and boots fine
Limited to 4 CPU cores and 6GB RAM (this is roughly equivalent to an XG 135)
- Installs, configures, and boots fine
Final Thoughts
As you've seen, there are a number of options as to what you can do with an 'old' Sophos Appliance, and this is hardly scratching the surface. Feel free to experiment and test what you will on a spare/extra/old Sophos device; let me know the results, and I'll put them up here crediting your work and efforts. Also, if there are any key/important/big OSes that I missed, just contact me to give your suggestion, and I will be sure to respond in turn.