Build Your Own Sophos UTM

Building your own requires hardware or a virtual machine that is compatible with the Sophos UTM Software and meets the performance requirements to get the job done. The following list of parts will handle a home or small business with one internet connection and one local area network connection. The motherboard has a PCI slot that can be used to add ports for additional internet connections or networks.


Use the links near the top of this page to get your free license for home (Home Use Firewall) or business (Essential Firewall) from the Sophos web site. A UTM with an Essential Firewall license starts out with basic features, but can be upgraded by adding subscriptions. Contact your MCK.NET Sophos Certified Architect for more information.


HardwarePart NumberEstimated Cost
In-Win Development BM639 mini-ITX case with 160-watt power supplyIW-BM639.AD160TBL $56
Gigabyte motherboard with two gigabit network portsGA-J1900N-D3V 89
8gb Kingston ValueRAM DDR3L SODIMMKVR16LS11/8 77
60gb Kingston SSDNow V300 SATA SSD driveSV300S37A/60G 63
ASUS internal SATA DVD writerDRW-24B3ST 28
Total: $315

Request A UTM


Installation Instructions

This assumes you have some technical knowledge. Hardware may not always come with instructions that are clear if this is the first time you're building a computer.


Download the latest .ISO file from the Sophos web site and burn the image to a CD. After the computer is built, boot the UTM from the CD to install the Sophos UTM Software.



A couple of the questions asked during installation are about the network interface. Make sure the hardware you're using has at least two network ports. Select one for the local area network and use an IP address that is available and accessible on your existing network. The default IP address for the LAN interface is 192.168.2.100. The IP address can be changed, later, to replace an existing gateway.



If you're using modern hardware, make sure you install a 64-bit kernel.


Higher-performance processors and solid state drives and more memory can handle more computers and devices and more features such as web filtering.



Keep in mind installing the software will erase everything that is on the drive. If you don't have a computer you can dedicate to your Sophos UTM, consider using a virtual machine or asking your tech at MCK.NET for help.



After installation is complete, restart to continue configuring your UTM through WebAdmin by using a web browser to go to https://192.168.2.100:4444 or the IP address you entered during installation.


You'll be asked for a license when you use WebAdmin for the first time. Upload the .TXT file emailed to you by Sophos.


The UTM can be restarted or shut down using the WebAdmin interface or the soft power button on the hardware or shut down option (not turn off) on the virtual machine.