Please implement the posibility to bond WAN-lines. Free FW-Appliances like pfSense are able to do that. Why not Sophos?
At home (my testing area, before I implement new confs in the company FWs) I have two ISPs. UnityMedia with 125/4 MBit and Telekom with 100/40 MBit. Only with an UTM it's not possible to bond the lines, so that I can use the full bandwith of both lines.
Momentary I've solved that by putting a pfSense-appliance between the IPS-modems and the UTM. So I reach speeds like 223/44 MBit.
But... why use an other appliance between ISP-lines and UTM? Why isn't it possible that the UTM can manage that?
At our main office we also have 2 ISP-lines. So it would be also interresting for our FullGuard-UTM' to use the full bandwith of both lines.
Manuel Abeledo commented
The shared picture is NOT the desired result. It's my momentary setup at home.
I've two DIFFERENT ISPs (see bandwiths at left side) and pfSense is able to bond them without any third-party service or something else. The screenshot at right side is a REAL one from speedtest.net
There are services that allow you to aggregate your ISP links by creating a VPN back to their POP; This way they're able to serve you a single IP that encompasses both links.
I've worked with a few of these providers and the results have been surprisingly good; There's a surprisingly low amount of overhead created by the VPN connection, and the amount of latency added was also surprisingly low; On the downside, tuning the links was occasionally an issue, and packet loss tended to creep in when the bundle wasn't tuned correctly.
Aside from this approach, I don't know how two links could transparently be aggregated; You've got an IP per ISP, and I'm not sure technically how you'd spread a single session across those IP addresses. Balancing would be easy, but you've said that's not what you're looking for.
Another option would be to ask your ISP if they support any aggregation, such as MLPPP. That way they can aggregate multiple links to you over a single IP
The picture you shared doesn't really reveal much, except the desired result. There has to be something to bundle the two WAN links into a single public-facing entity; For this, you'll need the cooperation of your ISP or a third-party service.
Manuel Abeledo commented
Lippold, I'm NOT talking about Balancing, I'm talking about BONDING of two lines.
See here: https://pl.vc/y5ujc
Hi All, i can´t understand what you want? The SG / UTM Devices have Uplink Balacing, an Multipath Rules. Use use it on serveral customers, which have up to four different ISPs and it works great.
When pfsense could this, it shouldn't be a Great Problem for Sophos to implement this Feature! I would like it!
I can not englisch...
Habe mir den Text von Google übersetzen lassen. Ich fände das auch sehr gut. Wir haben auch 2 Leitungen. Ein bündeln wäre sehr schön.