In the background, the configuration you just specified is uploaded to the Sophos provisioning cloud. RED Interface IPv4 and Netmask is the Network you want to define at the remote site.Deployment option is Standard or unified.Unlock code is only require if the RED is re-purposed.The RED ID # is the unique number on the bottom of the RED device.UTM hostname is your Central UTM’s public DNS name or fixed public IP address.Select the remote device Type (Either RED10 or RED 50).Select the Server Deployment Helper tab.In the Sophos UTM management console, open the RED Management and enable it if you have not already done so.That’s right, if you want to change something like DHCP on the remote site, the change is made on the UTM, and the RED simply inherits the configuration. Configure the Sophos RED Device on Sophos UTMĪll of the settings for the RED are configured on your central Sophos UTM. A personal favorite of mine is to extend the connectivity by using a Sophos Wi-Fi AP. If however you have multiple devices you can connect them to a standard switch and patch that into the RED. **A note on the internal network: ** If your site is small and you only need to connect 4 devices, you can patch them directly into the RED. LAN ports connects to the remote internal network (marked LAN1, LAN2, etc).WAN port connects to your Internet router.The units are all solid-state components with no fans or moving parts and they have a sturdy steel case. There are no buttons or configuration options on the box. The RED devices are design to be both tamper proof and fool proof. To get a fixed public name even from a dynamic connection, read our article on Configuring Dynamic DNS on Sophos UTM. This would typically be located at your head office or data center. You need a central Sophos UTM that has a fixed public name and/or IP address, and a full guard license. What is really nice here is that you can switch ISP or even the routers themselves, without needing to reconfigure anything on the RED or the UTM. This means you can theoretically use any router regardless of the medium such as a DSL, VSAT, T1, T3, ISDN, and 3G. Anything that can connect to the Internet and provide a DHCP address to the RED device plugged into it will do. You also need an Internet break out at your remote site. They are purchased as a once off cost with no annual subscription required. The good thing is that they are relatively inexpensive. Unfortunately there are no virtual RED devices, so you have to get the hardware. It also means all users, regardless of site can be reported on with the same infrastructure. This allows you to have a consistent user security profile across all of your sites. Once your RED is configured all of your devices on the remote site can be set to browse the Internet through your central UTM. The concept is not new, but the ease of implementing it, and the elimination of remote side configuration is what makes it really cool. The RED or Remote Ethernet Device is a small box you deploy to your remote sites, and it establishes a VPN back to your central Sophos UTM so that anything connected to the RED is seen as part of your network. One of the very first features of Sophos UTM that grabbed me as a seriously cool feature is the Sophos RED device integration.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |