SRX UTM: Antivirus - Sophos

Here is a quick overview of getting Sophos AV working on an SRX.

Sophos is the cloud-based solution, so it needs an active Internet connection to work. This means the AV database is not stored locally on the SRX, as it is with Kaspersky. The SRX uses DNS queries to the Sophos cloud to perform AV queries. We'll see later how these work.

Sophos can also perform URI content checking over HTTP to detect malware. This is essentially a reputation check and can be disabled if you wish.

The Sophos solution should put less load on the SRX, both processor-wise and memory-wise, because it does not have to download a giant AV database and run checks against it. It does, however, cache responses to improve lookup performance.

SRX VPN: Checkpoint to SRX Site-to-Site Policy Based.

Today we are going to take a look at a site-to-site VPN between a Checkpoint and an SRX.

We will focus on configuration and testing rather than VPN theory, as the Internet is full of great resources in that respect. There is no NAT in this one either, to keep it simpler and focused on the VPN side of things. We will do a separate blog for VPN troubleshooting.


Here is a layer 3 view of the network we will be using.