Mostly for you
Lenny_Fox, but also others.
The beautiful thing with Sophos XG is that it is free for home use.
I use it in bridge mode witch means that it sits behind your router and only filters the traffic going in and out on your network.
Setup XG in Bridge mode
Behind the XG I just run a 24 port switch to feed the house.
I run this on an old Intel i3 cpu with just 4 GB RAM, I do not feel anything lagging except maybe if you download a big exe file for example.
This is to be expected due to the scanning/inspection of the file, you can set how large files you want to scan, and if you like to use both Sophos and Aviras AV, or only one of them to scan the file.
On top of that you can enable some sort of ATP scanning, I am not sure how that work because I did not buy a license for their
Sandstorm, I suspect this is some kind of HitmanPro tech witch Sophos did buy a couple of years ago. But it seems these are two different modules (ATP and Sandstorm)
As I mentioned there is an ATP scanning that you can activate, and I did have 2 detection coming from that module, so it works.
When it comes to surfing the webb, streaming or any other use of the webb I do not feel any slowdowns, I only have a 100Mbit connection so I do not know how it would feel on Gbit connection.
When it comes to WiFi I only use a simple router connected behind the XG, but of course you could use an access point if you want to reach your intranet with your wifi stuff.
I also like
Untangle who also can be set up in bridge mode:
Bridge mode
Untangle is by far more easy to set up and run compared to Sophos XG, security wise I can not comment, as there are no tests in this area that I know of?
This is a area that I would love to see the AV test organisations to start look into.
/W