Sophos XG Appliance for the Private Home

Horrido! Is there anyone here who happens to be familiar with the current Sophos XG? Especially with the XG 115/125. I would like to know if these devices can be used as regular routers like, for example, a Ubiquiti USG. I don’t think very highly of the USG, and the XGs even have integrated DSL modem modules.

Merci

Even the smallest unit, the 85er, is overkill in terms of performance for a private household. A firewall can always route as well.

Thank you! The network is otherwise also slightly oversized, so that doesn't matter. Do I understand correctly that I also need to purchase the yearly licenses for the extended protection features in addition to the appliance?

.... Do I understand correctly that I also need the annually purchased licenses for the extended protection functions in addition to the appliance?

yepp!

That adds up quite a bit. And you want to administer it yourself? So you come from IT or have dealt with it intensively?

Then this is certainly one (of many) options to (additionally) protect the network.

Alternatively, you can install pfsense or similar on it. That is then license-free, but the DPI is a bit more complicated to administer...
(If pfsense, you should of course buy the Sophos used for around 100 - 150 €)

It would be a misconception to think that Endpoint Protection can therefore be omitted, but you are probably aware of that...

Endpoint is a different topic. I see/saw the XG only as a charming way to combine firewall, AV, VPN, and powerful routing in one. But I believe the ongoing costs do not quite justify the benefits for the IT-savvy home.

The costs really are not justified. The firewall on the USG is quite cumbersome. DPI and IPS are better than nothing. How many ports do you want to open? At home, things usually don't change much... The firewall rules between the VLANs are also quite simple to configure. Traffic from outside will run through VPN in our case. An alternative would be pfsense.