Sophos UTM Reviews

Sophos UTM is the primary product I work with, specifically the firewalls. I mainly use the application control feature of Sophos UTM, which really helps manage application usage because it is very easy to maintain bandwidth. If you have 20 Mbps in an office for about 100 people, it becomes much easier to manage.

I am not using other Sophos products; Sophos UTM is the only one I use. I have not subscribed for zero-day protection with Sophos UTM; the licenses I have are for email, web protection, and a few other things, but not for zero-day.

The features I have found most valuable in Sophos UTM are that it is much easier to configure, I appreciate the reporting side of it, and the rules are very straightforward to work with.

Sophos UTM's real-time insights into network health help my organization because I get real-time reports on what is happening on my network, what is trying to access me, the destination, and all that. I can then be reactive or proactive, and for zero-day, I think it is beneficial because it can learn what my network does. If anything goes outside what it expects, it sends a report on Sophos Central, so I find zero-day makes my work a bit easier.

The use of Sophos UTM's intuitive management console has impacted my security policy enforcement in that it is much easier to configure; I configure with information rather than with presumptions.

I would like to improve Sophos UTM in that there is software I use that goes deeper in the reporting on usage. There is software called Fastvue that breaks down everything in the firewall and whatever is going on, and I wish you had reporting of that caliber. It would make my work much simpler because it makes decision-making much easier. Fastvue is worth investigating.

I have been using Sophos UTM for five years now.

The initial setup of Sophos UTM is easier, but as you progress, your firewall learns the threats you have. I configure based on whatever threats I see coming in and out.

The pricing for Sophos UTM is reasonable; I do not have an issue with it, though I was considering RED because I have different sites I wanted to connect, and instead of doing site-to-site, the RED option is quite pricey.

I do not see why email protection has to be paid for separately with Sophos UTM. I feel that emails are very essential and should be part of the firewall; it should even be part of the base license. I do not understand why email protection must be a separate cost, and I feel it is ineffective if I do not pay for it because those are the main channels that receive information from outside coming in. If I am required to pay for it and if I do not pay for it, then it is not covered, which makes the entire firewall proposition unclear to me. I believe email protection should be part of the base license. I would rate this review a 9.

My main use case for Sophos UTM is to support several customers; we have some enterprise customers as well, but they use different firewalls, and for the smaller customers, usually we have our local Sophos, and then they have their own Sophos at their premises. We usually have site-to-site VPNs and monitor their on-premise equipment with our monitoring system.

At our own company, we also use Sophos UTM as a mail gateway, and we use it for the VPNs for the road warriors, providing remote access for employees.

In my opinion, the best features Sophos UTM offers are part of the firewall itself, so we don't need an extra appliance, we don't need to set up extra open-source VMs or anything. It's just part of the gateway that is connected to the internet anyway, and we protect our Exchange servers with it. This works fairly well in my opinion, and it's good.

What I appreciate most about the features is that you can have modules with Sophos UTM, so network protection including the reverse proxy, or that you can have a module for the email protection, a module for the network protection, and so on. You really can only purchase the functions you need and still have the possibility to add later, so that's excellent.

Sophos UTM has positively impacted my organization certainly in all of those areas because any security system you have is better than none. The ease of use and the pricing have made it very easy even for smaller clients to have certain security measures in place. I would count that as a win for security and cost saving at the same time.

I can share specific outcomes regarding Sophos UTM; we've seen reduced costs certainly. Either the clients wouldn't have any security measures at all, just an ISP provided router, but those don't serve very well security-wise. Or they would have had larger, more expensive firewalls, and Sophos UTM really is easier on the budget. We've also seen time saved, definitely. We streamlined all our clients into using Sophos UTM if they want to have their on-premise infrastructure monitored, and that really saves a ton of time.

The needed improvements for Sophos UTM include that the GUI could be a little more high-resolution-aware because it's still stuck in the small, low-resolution admin days, and those are long over.

I choose a rating of nine out of ten for Sophos UTM because, as I mentioned, the graphical user interface is stuck in the past, and some things here and there are not implemented to the full, such as the reverse gateway thing, reverse proxy, and web application firewall. If you want to really implement some rules that are a little bit more difficult, Sophos always recommends getting the dedicated WAF, or web application firewall, but I would prefer to have more features on the web application firewall in the firewall itself because it would make more sense. Other than that, it's a very smooth experience, and I really appreciate it.

I have been using Sophos UTM since before it became Sophos. I used it from the Astaro days, actually, before they were bought by Sophos, so since 2009. I have been using Astaro and all the way up until recently when it became Sophos UTM.

Sophos UTM is very stable.

In terms of scalability, Sophos UTM is very good. You can have large appliances or small appliances, you can change them, you can have high availability clusters, so very, very scalable in my opinion.

The customer support for Sophos UTM used to be better when it was still Astaro, but those days are long gone. The customer support has been good to mediocre, but not very good.

I previously used different solutions; for the smallest of our customers, I usually use OPNsense, for example, the open-source firewall, because they don't want to pay any money whatsoever, besides needing more time to set up and everything. For larger customers, we usually had a FortiGate, for example, but FortiGate is a little bit more expensive and a little bit harder to set up, so I count Sophos UTM really good for that.

My experience with pricing, setup cost, and licensing with Sophos UTM is that I was astonished to find that the prices are a little lower than competitors, and I'm really pleased with the functionality that you get for the price.

I have seen a return on investment with Sophos UTM, and I can share that the price is around thirty percent better, especially if you count in the employee time.

Before choosing Sophos UTM, I evaluated other options including FortiGate, OPNsense, and SonicWall, which was one customer using.

The customer support for Sophos UTM used to be better when it was still Astaro, but those days are long gone. The customer support has been good to mediocre, but not very good.

In my opinion, the best features Sophos UTM offers are part of the firewall itself, so we don't need an extra appliance, we don't need to set up extra open-source VMs or anything. It's just part of the gateway that is connected to the internet anyway, and we protect our Exchange servers with it.

I choose a rating of nine out of ten for Sophos UTM because, as I mentioned, the graphical user interface is stuck in the past, and some things here and there are not implemented to the full, such as the reverse gateway thing, reverse proxy, and web application firewall.

What I appreciate most about the features is that you can have modules with Sophos UTM, so network protection including the reverse proxy, or that you can have a module for the email protection, a module for the network protection, and so on.

At our own company, we also use Sophos UTM as a mail gateway, and we use it for the VPNs for the road warriors, providing remote access for employees.

In terms of scalability, Sophos UTM is very good. You can have large appliances or small appliances, you can change them, you can have high availability clusters, so very, very scalable in my opinion.

I can share specific outcomes regarding Sophos UTM; we've seen reduced costs certainly. Either the clients wouldn't have any security measures at all, just an ISP provided router, but those don't serve very well security-wise.

Before choosing Sophos UTM, I evaluated other options including FortiGate, OPNsense, and SonicWall.

My advice for others looking into using Sophos UTM is that it's really good to have fairly good knowledge of Linux because Sophos UTM is built on Linux and it helps debugging, it helps, for example, network tracing, and issue fixing. Other than that, get the introduction course and get ready to deploy. It's really easy. I give Sophos UTM an overall rating of nine out of ten.

We are still working with Sophos UTM, so I can confirm that we have not switched to something else.

I have been working with Sophos UTM since 2018.

The most valuable features in Sophos UTM are Mail Protection, Web Server, advanced endpoint, and the servers. Our systems are silent, secure, and we don't have many problems with security policy enforcement.

In terms of setting rules to guard the organization, especially on the network, we can set those rules, and through Sophos Central, we are able to see the equipment that has been registered and all the reports on the performance of each piece of equipment. For the endpoint equipment, there are close to 300 people using Sophos UTM in my company.

We have five administrators and around 10 servers, so we have advanced server protection that we are using.

We find the most valuable features in Sophos UTM to be Mail Protection, Web Server, advanced endpoint, and the servers. It helps us quite a lot, especially because since we use Sophos UTM, malware intrusions are not rampant.

It has helped us to set rules to guard our organization against any intrusion from outside. Our systems are silent, secure, and we don't have many problems with security policy enforcement. In terms of setting rules to guard the organization, especially on the network, we can set those rules, and through Sophos Central, we are able to see the equipment that has been registered and all the reports on the performance of each piece of equipment.

I would prefer to see additional features in the next release of Sophos UTM because cyber crime increases every day, so we also need to improve our game to prevent any chances for intrusion.

I cannot be specific regarding the features I would prefer to see in the future in Sophos UTM. In everyday life, there is room for improvement; it is the biggest room, so there is always a need to improve. Through the technical team, they can look at the loopholes and then be able to seal all the vulnerabilities that would bring problems.

I have been working in this field for 18 years.

So far, I have not had any problems with the scaling of Sophos UTM.

We have not experienced any problems with the technical support because we are getting support from both the partner and Sophos directly.

I would rate the technical support by Sophos a 10.

Positive

Before we used Sophos UTM, we were using Kaspersky.

I took part in the implementation of Sophos UTM.

The implementation was straightforward, with no difficulties during the process.

It took approximately two hours to complete in my case.

Four people were needed for the implementation.

I completed the implementation with the help of a Sophos partner.

The company that helped us is called Cloud Logic.

The pricing would be more economical if sold directly to the user compared to going through a partner, as they need to take their percentage.

We evaluated other options before choosing Sophos UTM. We tried Sophos UTM and found it to be more helpful than what we were using initially, which was Kaspersky.

For an organization similar to ours, we recommend working directly with Sophos instead of going through a partner. Additionally, having regular webinars would be beneficial so that people can be trained and given insights.

On a scale of 1-10, I rate Sophos UTM a 10.

I am familiar with Sophos UTM, which is the firewall. Sophos UTM's main use case is for protection and to control security features or navigation features, like implementing and controlling users' navigation. The clients that we implement and support with Sophos UTM are from different segments, with no specific segment.

Sophos UTM's valuable features include the cost, which is very competitive when compared with other vendors, balanced with the features that it delivers. Sophos UTM can deliver not only the basic but also the main features that a UTM demands, so the cost benefit is good.

Sophos UTM integrates well with other Sophos products through a console center for this purpose.

Sophos UTM's real-time insights into the network health have helped some of my clients, although the monitoring is adequate and does not provide high-quality monitoring. The functionality is not granular enough to monitor or identify issues effectively.

The update process could be improved with Sophos UTM overall since the experience and accuracy when updating the box could be better.

I have been working with Sophos for around five years with my clients.

I would rate the technical support with Sophos a seven because sometimes the time of the first resolution is not ideal, and we sometimes need to reopen the ticket and investigate more.

Positive

I have experience with Sophos and other similar network products because we are a reseller of both Sophos and Huawei. I can answer questions about my opinions on Sophos or my experience. I have limited familiarity with the application control feature of Sophos UTM, as I only know and have experience observing it, not the management part. Some of my clients' companies use Amazon Web Services as a main cloud provider for their solutions. Sophos UTM pricing is competitive for both the license and the box from software and hardware perspectives. I would rate this review an 8 overall.

Most of my customers have more than one or two sites which are connected with the IPsec tunnel. For some people, they need VPN to enter the particular main HO site and access all other remote site subnets, such as when there is a file server hosted on another site. This was a simple use case: from one site, they will enter from SSL VPN to one site and access all their remote sites using this VPN policy only. We don't need to require the VPN for all particular single sites; we create only one single VPN, and from that single console, they can access all these sites as well.

Currently I am working at AVH, which is a system integrator that provides solutions such as security and UTM solutions to clients. My task is the complete installation and implementation of these firewalls and, apart from that, post-support calls. If clients are facing any issues, they reach out to our company, and the company assigns me to their tech solutions.

For the initial setup, we create an SSL VPN portal for this customer's public IP, and we make some local subnet so that the user will get some local subnet IP after connecting with Sophos UTM. After that, we allow the security policy, which determines which resources they can access after connecting with Sophos UTM. They access Sophos UTM VPN using the public IP, and then when they enter the site, they can access the limited resources we have allowed in the policies.

The most useful features I have worked with in Sophos UTM mostly involve the DNATing process and their web filters. Many customers require these web filters to be aligned, such as when they need to access resources over the VPN or over the DNATing process.

Application control reduces their bandwidth consumption. When users consume large amounts of bandwidth, this application filter can limit their usage, ensuring they won't face bandwidth failures. Users are limited to a particular bandwidth for a specific application only.

When connecting to Sophos UTM VPN, certain applications can be restricted from being accessible using this VPN policy. It is more secure with more granular security, allowing the user to only access specific, allowed applications.

I can very easily manage my Sophos UTM VPN users and get all the logs, details, and traffic monitoring over my single dashboard console.

For the challenges I've faced, zero trust is one area where I haven't worked much or have sufficient experience.

I have around 2.5 years of experience in this particular domain.

I currently don't have experience with deployment issues.

I have connected with the Sophos UTM technical team one or two times.

Positive

It is user-friendly and straightforward, so there are no certain challenges to configuring this VPN with Sophos UTM.

Compared to other OEMs and other vendors' firewalls, Sophos UTM is very user-friendly. It has a user-friendly dashboard so that anyone, even a new beginner, can easily learn where the options are and how to configure UTM profiles. Different industries such as hospitality and manufacturing can have customized UTM profiles. The UTM is a granular and easy step, and non-standard categories can be manually added.

Regarding pricing, it's affordable for the features that Sophos UTM provides; there is no higher price, it is affordable.

When deploying on-premises, all customers have suggested this deployment type. Occasionally, there are certain failures; however, it's mostly user-friendly and reliable, with no major challenges in configuration. I definitely suggest checking it out.

On a scale from one to ten, I rate Sophos UTM a nine.

I have been using Sophos UTM for the past six years to protect the network at my organization. I use it for my customers and to secure our internal infrastructure.

The zero-day protection and firewall rules are some of the most effective features for threat management. I can set the rules and features, and also use IPsec to connect all my on-premises servers and link them to Sophos UTM so that they are protected even when in the cloud. 

Additionally, I use it to control access into the building through a captive portal integrated across all the PCs we have, ensuring secure access only for authenticated users.

I would love to see artificial intelligence capabilities integrated into Sophos UTM. This would help reduce reliance on external support.

I have been using the solution for the past six years.

There have been no issues with the stability of Sophos UTM.

There have been no problems with the scalability of the solution.

The technical support by Sophos is amazing, especially when I pay for the enhanced support. I receive maximum attention and it is a good system.

Positive

I have been using these boxes for a long time now, all the way from CyberRoam until we migrated to Sophos.

The initial setup was easy because I have been using these boxes for a long time. The operator provided an option to send someone down, however, I worked with them remotely and we were done with configuration in 30 minutes to an hour.

They just sent somebody. However, I was able to handle most of it myself remotely due to my previous experience.

Pricing has become expensive recently due to the dollar hike and naira value changes in Nigeria. Even though it's expensive, I consider Sophos a major first line of protection, so I pay for it nonetheless.

I've been recommending Sophos UTM to others, and I would continue to do so. 

Overall, I would rate the solution a nine out of ten.

Currently, I have Sophos UTM. I don't remember the details. I know it's about management. I have monitoring from Sophos, alongside the Sophos firewall and Sophos antivirus. Sophos manages the service, with people monitoring my network, including the data from my endpoints and firewalls. They can alert me if there is a security risk. I purchase this service through a distributor in Colombia because the service offers direct management and monitoring.

This integration of the antivirus and the firewall works together to enhance security. Integration is key in securing my system.

With artificial intelligence, there is room for improvement in all antivirus and security software. However, the bad actors are also improving their methods by using artificial intelligence.

I have been using the solution since 2014 or 2015.

Sometimes, I communicate with Sophos support. It was hard for me to talk with them since my English is not as good as American English.

Positive

I used WatchGuard before. WatchGuard was used as part of Azure's antivirus suite. Although all firewalls work similarly, the integration of antivirus and firewall from one company decided my preference for Sophos.

The people who sold me the solution helped me configure everything.

The installation was done by one engineer. Inside my company, two or three people worked with him to deploy it, including my boss, a technician, and myself.

The value between what I receive and what I pay is the best in the industry.

I definitely recommend Sophos. I rate it a nine out of ten. 

Other firewall companies do not have antivirus development as well as Sophos. Sophos is unique in this regard, having developed its antivirus before the firewall, and now both are very good.

The primary use case for the solution is as a perimeter protection firewall, which includes functionalities such as VPN, web control, and traffic inspection. It is used in various customer environments, providing comprehensive security management and network protection.

The platform's most valuable features include the integrated multifactor authentication (OTP) for VPNs, which enhances security, and the flexible and intuitive firewall policy settings that simplify management.

Enhancing the user interface to achieve the same level of flexibility as the older UTM interface could improve the product. The current XG interface needs to be more consistent during configuration.

I have been using Sophos UTM for 15 years. 

The solution is stable. I rate it a ten for stability.

The solution is highly scalable, especially with VM offerings, though it can be pricey. I rate scalability as eight or nine.

The customer service and support for Sophos UTM have been exceptional. The developer community is also valuable, offering substantial support and insights.

I previously used solutions like FireGuard and WatchGuard but switched to Sophos for its comprehensive features and superior user interface.

The initial setup for basic functions is very straightforward and can be completed in less than an hour. However, advanced configurations can become challenging.

Our in-house team manages the deployment. We seek help from third-party MSPs with expertise in complex configurations.

The product pricing and licensing are higher, but they offer good value for the features and stability provided.

I evaluated other options including Fortinet FortiGate, but found Sophos to be more suited to our needs at the time due to its ease of use and robust feature set.

The platform requires regular monitoring. Overall, I rate it a ten. 

I deploy Sophos UTM FullGuard for each of my clients. It is a complete bundle of security subscriptions that include web filtering, dual inline antivirus, etc.

The packet filtering's great. You get out what you put into it. It works great as long as you know your security and configure everything adequately. If you just pop one in and it's not configured, then it's basically wide open. It kind of depends on the admin skill, but it's an excellent product.

UTM has sand-storming, got dual inline virus scanning, filtering, DNAT, translations, etc. You can implement Google Safe Search for schools and stuff.

Email spam filtering only works if you have an on-prem Exchange server. It doesn't interface with Office 365 like the XG model. That would be one feature that they could improve. They're not going to do it because they're trying to push us all to XG.

I have almost 30 years of experience in IT, and I've been deploying Sophos UTM and its predecessor for the last 14 years. Originally, the product was called Astaro ASG, which is short for "Astaro security gateway." Sophos bought Astaro in 2010 or 2011, and it became Sophos UTM.

I've been using this stuff forever, and I've only had to replace a couple. That was due to lightning strikes, power surges, and other things that are out of our control. It's a highly stable platform with very few hardware issues. As long as you set it up right. I have my solution scripted so I receive backups and nightly config files in the email. Each night, I look at the executive report to monitor the solution. As long as the administrator takes the time to set it up correctly, I think it's a highly stable product.

The Sophos UTM and XG lines are highly scalable. It's the same OS and security across all modules. The scalability is based on the size of the hardware.  If you have a small network, then you go with an SG 115 or something. If you have a network of up to around 50 people, then you bump that up to a 210. If you have a couple of hundred people, you bump it up to a 310. To scale up, you increase the hardware for higher throughput and such.

The initial setup is pretty easy for anyone with a security background. Sophos has a wizard that holds your hand through the initial setup to get you up and running, but an administrator needs to get in and fine-tune the solution after the fact. 

The deployment time depends on the size and scope of the client. I've put a bunch of them in small networks of fewer than 10 machines. Those don't take more than a couple of hours. I've also done larger companies with 120-150 people and multiple departments. I like to lock everything down, so I know it's secure, and I create exemptions for things that don't work. It just depends on how many applications, end users, departments, etc. For a big customer, it's a one or two-day process.

I started in corporate networking for large enterprise clients, but I've been running my own business for the last 13 years. A good rule of thumb is about 200 endpoints per technician. That's doing everything, including desktop support and security, etc. For security administration,  one person who knows what they're doing can set it up and administrate it fine.

Now, I have a team of a couple of people underneath me because I have a lot of companies all over the place. It takes more than one person to keep everybody going. If I were the full-time IT guy for a company of 200 people, I could deploy it, manage it, and do it all by myself.

I run a managed service provider, and I put everybody on UTM appliances. Those licenses are all renewed annually, and I have to manage their networks. I get a great return on investment.  With the XG line, you can get into the Sophos Flex program, where I only get billed monthly for it. We charge the customer monthly for their security subscriptions, so we get a return every single month.

I keep my prices reasonable. Lots of people charge twice what they pay, and they get a lot more money in their pocket, but I just don't like gouging people.

Sophos is actually fairly expensive. When it was Astaro, it was the most expensive solution in the same tier as Cisco PX and Barracuda's line with multiple different blades to do different things. Astaro was the first solution to have unified threat management all in one blade. You don't need to get full-blown security at the top price. You can get the network security subscription or the web security subscription, etc.

On a scale of one to five, I'd probably give it about a four for affordability because it's pretty expensive. It's good stuff. I've always been a firm believer that you get what you pay for.

I rate Sophos UTM nine out of 10. I think Sophos UTM is pretty close to perfect.  I wish they weren't discontinuing the UTM line. They're forcing all of us partners to switch to XG. XG has a lot of AI integrated into it, so it's probably more secure, and there are more features. At the same time, it's a lot harder to work on, and I don't care for the UI. I like the way that the UTM is laid out.

You get out of it what you put into it. That's true of any security appliance, whether Sophos, Barracuda, WatchGuard, Juniper Systems, etc. If you want to secure your networks, this is a great device, but you have to put some time into it. You need to understand your customer's environment. I like to lock it down and create exemptions for things that they need. That way I don't have to waste my time cleaning up viruses, ransomware, and all these threats that happen all the time.