What is our primary use case?
I implemented this firewall for my clients. They're small offices. One has got half a dozen computers, and the other one has about 30 computers on the network. Both utilize VPN to remotely access their workstations in the office.
It is sized based on the client. So, there are actually two different versions that I've utilized.
How has it helped my organization?
VPN setup is great and easy to implement for outside users to access data or workstations in the network. Easy to manage and set up. No major glitches. Runs reliably. Setting up iPhones and Macs is a bit more involved since you have to use VPN apps that are compatible with Apple for VPN and remote desktop.
What is most valuable?
Compared to other firewalls that I had looked at, I thought Sophos was the better solution. It just seems to be easier to manage versus Cisco, Fortinet, or one of the other options I was looking at.
I'm not going to say that it's easy to configure, but I can understand how to configure it. There is a certain amount of support available to do the configurations.
What needs improvement?
I'm just a sole proprietor for IT support, and from my perspective, there could be better ways to educate a proprietor, such as myself, on how to set it up, program it, and manage it. They do tend to have support, but a lot of times, it is for larger networks. I need something simpler and more rudimentary to set up and configure the firewall, set up the rules, and that type of thing. So, if there is a missing component there, that would be it.
Any firewall will need rules for how it protects the network against a variety of threats or various degrees of protection. My comments are not aimed at Sophos specifically. As a new person just learning about firewall protection, it would be helpful for any vendor to have an education area that runs through various scenarios and implements them in the firewall. Videos would be helpful. From my initial research on which firewall to choose, Sophos appeared to have the most straightforward interface.
I purchased the units from www.firewalls.com, and they worked with me to do the initial setup. That was very helpful to get started
For how long have I used the solution?
I have been using Sophos XG for 4 years.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
It is scalable. There are different models, and you really need to choose a model that is appropriate for your current situation. You can buy something with a certain degree of scalability. Because I purchased it through firewalls.com, I was able to have that discussion, describe the application, and then choose a model that would suit that particular client with a degree of scalability. Now, for instance, if they went from 20 employees to 500 employees, then it is not scalable to that degree, but if they went from 20 employees to 50 employees, then it would be scalable. So, you've got to define the criteria in terms of what you're trying to protect, the number of users, the bandwidth that is going through it, the speed, etc. When I purchased them through firewalls.com, they explained and helped me choose the most appropriate appliance for what I'm doing.
How are customer service and support?
I did have a circumstance where the firewall had been damaged during a lightning storm or something like that, and I called them to help me diagnose what the issue was. They were good about the diagnostic. They were good about spending the time with me to figure out what was wrong. In the particular case that I was researching, it turned out that one of the ports was bad for some reason. It was either because of the lightning storm or some other reason. It was under warranty, and they replaced it with a new unit. So, I'm satisfied with Sophos' support.
Which solution did I use previously and why did I switch?
Previously used a small $100 cisco unit. Not easy to implement VPN. They may have an app, now, but at the time it was problematic and way too complicated.
How was the initial setup?
I purchased it through firewalls.com. They're an online vendor, and they did the initial setup and configuration on both firewalls. My experience with them was good.
What about the implementation team?
I used firewalls.com and they were excellent
What was our ROI?
Fewer management headaches
What's my experience with pricing, setup cost, and licensing?
The pricing was reasonable. VPN licensing is included.
Which other solutions did I evaluate?
I looked at Cisco, Fortinet, and one of the others, and compared to them, I thought Sophos was the better solution. It seemed to be easier to manage. After the implementation, I could figure out what to do with a Sophos interface. If it was something like Cisco or other vendors, it would be far more complicated to deal with. So, that's one of the reasons why I chose Sophos.
What other advice do I have?
For someone who is not acquainted with firewalls, whether it is Sophos or anything else, dealing with a third party for the implementation is kind of a must.
I am satisfied with this solution. I don't really have any hands-on experience with other firewalls that I can compare it against, but I'm satisfied with it. I like it, and I'd buy it again.
I would rate Sophos XG a 10 out of 10.
*Disclosure: My company does not have a business relationship with this vendor other than being a customer.