Installing Sophos UTM from a USB memory stick

By 14 noviembre, 2014 IT Security, Sophos UTM


Most tutorials regarding loading Sophos UTM firmware are related to CD-ROM. Not only that, but there are also abundant information about the impossibility of doing this through an external USB memory stick, unless it is supplied by Sophos (Sophos UTM Smart Installer).


Well, the issue is much simpler and less expensive than this, and I will detail the steps to restore the firmware or load it from a USB memory stick.

There are several free tools to copy an ISO image onto a USB stick. Xboot is an excellent small application, but in this tutorial, I will use the latest version of Rufus that can be downloaded here.

Make sure that your USB drive does not contain important data before flashing the device as they will be deleted. Start the Rufus application and select the ISO you want to load to the UTM or device (e.g. ssi-9406-3.1).

In the initial screen of the application, select the following options:

  • Target device (USB memory)
  • Type and target of system partition: MBR for BIOS or UEFI
  • File system: FAT32
  • Cluster size: 8192 bytes
  • New tag: (optional)
  • And finally, select the ISO image from your hard drive and click “start”.

In most cases, at startup, Sophos UTM devices will try to boot from the USB ports. Both Sophos SG 135 and UTM 220 searched the USB ports without having to rearrange the boot order in the BIOS. If this is not your case, you should define this order through the BIOS by pressing ‘Del’ to enter when you get the splash screen.

  1. Start the device with the USB stick plugged in and hit ‘enter’ to continue.
  2. When the option to enter the console appears press ‘Alt + F2’.
  3. Type the following: mount /dev/sdb1 /install (make sure you respect the spaces).
  4. Type “ALT + F1” to exit the console and continue with the installation.

If there is a failure, make sure you are using the correct device:

  1. Return to the command line by typing F2.
  2. Type ‘fdisk -l’ to find out the name of the USB volume.
  3. The last device in the list will be labeled ‘smb’.
  4. Find the boot partition labeled ‘smbx’ where ‘x’ is the number of your bootable USB device.
  5. Mine in this case was 5 so my boot device was therefore ‘SMB5’.
  6. Return to step 3 of the first part and replace the x with a 5 as in mount /dev/sdb5 /install.
To keep up with IT Security issues and get the latest top stories, kindly join us on Facebook  and follow us on Twitter.