sophos

Creating Your Own Sophos UTM Bootable USB Installation Drive

by

Etienne Liebetrau

Etienne Liebetrau

Installing Sophos UTM from a boot CD is straightforward and works well. The only problem with this old school method is that Sophos UTM appliances do not ship with optic drives, and this is true for most modern hardware.

Most current operating systems can be installed from USB (Windows, OSX, Linux, etc) and it is often the preferred method because these OS installers are aware that they are installing from USB.

Sophos provide a USB installation option called the Smart Installer for UTM hardware appliances, but this is a special USB drive that emulates a CD, essentially working around the issue.

This article steps you through the process of preparing and creating your own Sophos UTM bootable USB installation drive.  Please note that since this is a workaround it is not a supported method by Sophos.  It is handy for building and rebuilding your home and test equipment but for your serious production hardware please follow the official Sophos recommended method of attaching an external optical drive.

Step 1. Download the Sophos UTM ISO

Download the latest version of the Sophos UTM images from https://www.sophos.com/en-us/support/utm-downloads.aspx

There are two options when downloading the ISOs. One for hardware appliances and another for software appliances. If you have a physical Sophos appliance use the first option, if you are building your own on a virtual machine or PC, use the second option.

Step 2. Download and run Rufus

Rufus is a USB utility that allows you to create bootable USB drives from ISO images, and it is available from https://rufus.akeo.ie.  There are a number of similar utilities available which you should be able to use if you prefer.

  1. The executable does not need to be installed. Simply run the exe as an administrator on your system.
  2. In the Format Option section set the Create a bootable disk using to ISO and select the Sophos UTM ISO downloaded in step 1.
  3. Click Start and accept the warning that the USB drive will be erased

The process take a few minutes and will notify you when it has completed.

 

Step 3. Boot and Build from USB

Here is the theory of what happens next. When the system boots from the USB drive it will be running an installation subset version of Linux.  This version runs completely in RAM. For it to make use of files on the USB drive, the drive needs to be mounted. To do this we are going to switch between the installer and a console session. We will use the console the mount the USB drive, making the files available, and then switch back to the installer and continue from there.

Insert your USB drive into your device, in my case a Dell PC, power it on and invoke the boot selector by pressing F12 and then selecting the USB drive option. Depending on the hardware, you may find it automatically boots from USB or you might have to access the BIOS and set it as the preferred boot device. This can normally be accessed by pressing the Del or F2 key during POST.

The Sophos UTM installer should start and display the black Welcome screen. Press Enter to start the installation.

 

At the blue Introduction Screen press Alt + F2.  This will switch you to a console screen.

 

Mount your USB drive with the following command:

mount /dev/sdb1 /install

Press Alt + F1 to switch back to the installer and carry on with the installation. If you run into an installation error, see the troubleshooting section below.

That's all there is to it!  Once the installation finishes you can remove the USB drive and reboot.

Conclusion

You don't have to run around trying to find writable CD's or USB optical drives to build a physical Sophos UTM device.  You also don't have use the Sophos UTM Smart Installer USB drive. Although, if you are routinely building Sophos UTMs from scratch, it might be worth the convenience.  For more details on the Smart Installer check out https://www.sophos.com/en-us/support/utm-downloads/utm-smart-installer.aspx

 

Troubleshooting

If you are reading this it means you probably ran into an installation error.  If you do not explicitly mount the USB drive as described, you may receive this error during the 'formatting' stage:

install.tar wasn't found on the installation media

 

The installation expects the install.tar file to be located in:

/install/install/install.tar

You can check this by switching back to the console with Alt + F2 and using

cd /install/install

ls

It should list the following items:

build; install.md5; install.tar; rpm

 

If this error occurs, it is most likely that your USB device was not detected as /dev/sdb1. To verify this you can use the following command

dmesg | grep sd

Look for your usb device in the list, it should show the device name and size.  Change the mount command to reference the correct sd_x_1 device id. For example, instead of

mount /dev/sdb1 /install

use something like:

mount /dev/deviceid install

Take Fastvue Reporter for a spin

Download the free 30 day trial, or schedule a demo and we'll show you how it works!

  • Share this story
    facebook
    twitter
    linkedIn

Attacking and Testing Sophos SG Web Application Firewall

Learn how to set up a Sophos SG Web Application Firewall testing environment where you can test and hone your WAF configuration skills.
Sophos

Attacking and Testing Sophos XG Web Application Firewall

Continuing our series on the Web Security Dojo, now testing Sophos XG web application firewall with easy to follow step by step instructions.
Sophos