Sophos Cyberoam UTM Room for Improvement
SH
SiyatHulbale
Global IT Manager at a energy/utilities company with 501-1,000 employees
As for areas where Sophos Cyberoam UTM can be improved, it's hard to say; I have not at the moment seen anything that I could not get a solution for, but if there's anything, I'll make sure to raise that with the Sophos team.
Regarding the documentation, I find that it is still lacking, although the YouTube videos, user training, and knowledge forum are now better than they were before.
Sophos Cyberoam UTM should move in the direction of AI capabilities, as the world is moving toward AI.
Sophos Cyberoam UTM is not promoted enough. I see FortiGates organizing student competitions and Cisco doing CCNA classes, so Sophos should follow that route as well.
View full review »
Dipak M Gohil
IT Manager at a energy/utilities company with 201-500 employees
I face issues when connecting to the VPN since it requires an authenticator. It would be beneficial if phone calls or SMS for two-factor authentication were available. Furthermore, during emergency situations, it is difficult to contact support quickly, which affects response time.
View full review »EM
Edwin Mwaura
Information Technology Manager at a educational organization with 11-50 employees
The product fails to provide proper reports, making it an area where improvements are required.
I wish that the product has the capability to send out emails or notifications to someone in the leadership team of an organization. In the school where I work, we need to keep track of the internet to check on incidents related to bullying and to keep a check on whether children are going through pornography or gaming websites. The product should have the capability to send out emails stating that a particular user has accessed a site at a particular time to the concerned authorities who need to take care of such issues.
Buyer's Guide
Sophos Cyberoam UTM
December 2025
Learn what your peers think about Sophos Cyberoam UTM. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
879,425 professionals have used our research since 2012.
Kiarash Heydari
Information security manager at a non-profit with 10,001+ employees
Sophos Cyberoam UTM has room for improvement in specific rules-based objects and redesign.
The solution also needs to improve in adding rules and policies, including renewing and finding policies.
The Sophos team should make Sophos Cyberoam UTM policies and rules better and more useful than the old ones because that can be difficult and confusing sometimes. For example, adding policies or rules can be confusing, and that can be risky.
To improve Sophos Cyberoam UTM, Sophos should add an IPS or IDS signature feature in the current plans offered to customers.
Upgrading or patching the solution can be slow, so that's another area for improvement.
In the next version of Sophos Cyberoam UTM, I want it to have an appliance management feature, similar to what's in FortiManager, where you can connect all appliances and manage the devices because that would be easier in terms of reporting.
View full review »
Saurabh Bhansali
Head of IT at a wholesaler/distributor with 1,001-5,000 employees
SD-WAN should be included in the tool.
Diptendu Ghosh
Group CIO at a construction company with 5,001-10,000 employees
Sophos VPN connectivity could be improved, as it can be lengthy, and users take longer to connect. This is why some locations do not use Sophos VPN but instead PSM, which is much easier. CyberArk has some useful features, but connectivity can sometimes be an issue, even though it usually connects. It is mainly the process of connecting and licensing that is the problem. Sophos has licensing requirements, and some SMBs do not like to renew their licenses frequently. If Sophos could improve its VPN connectivity, it would be a more attractive product for SMBs.
Not many people are using Sophos Cyberoam UTM. The licenses are not the same initially, but some features can be changed.
View full review »
Manojkumar Deshmukh
VP of Operations at a manufacturing company with 501-1,000 employees
How best the rules can be configured and written is an area that benefits businesses. Hence, it needs to be easier to configure rules using the solution. Today when I configure a policy definition, it should be made simpler on a "tick basis," where this is what you enable, and this is what you do.
If you have a software-based firewall also, which you can use in conjunction with a hardware firewall, it becomes an even more secure gateway. If I have a server in place, when logging through a VPN, I have to unnecessarily enter my server gateway and go into the server deployed on the cloud. This feature would be much more useful if you have something that works as a soft form for mobility. It would be direct web to web but with all the security in place. There's a product called Zscaler, which is only a software-based firewall.
View full review »SH
SiyatHulbale
Global IT Manager at a energy/utilities company with 501-1,000 employees
The product must make the documentation a bit more available. The documentation is not straightforward. We have to click a lot to navigate and set up the policies. The solution should incorporate one field that cascades down the policies that are needed.
View full review »
Dhaval Raval
Sr. IT Engineer at a tech services company with 201-500 employees
Sophos Cyberoam UTM could have a more advanced reporting function.
Sophos Cyberoam UTM should include email security.
View full review »
PAUL OMANGA
ICT officer at a government with 1,001-5,000 employees
We do not have any specific features in mind for improvement, however, we'd always like more features.
The solution could be cheaper.
View full review »
Moshiur-Rahman Khan
CEO at a tech services company with 11-50 employees
They could improve the product by enhancing hardware reliability, addressing occasional memory overflow issues, and improving scalability without compromising performance.
View full review »ED
EzekielDawal
Network Administrator at a financial services firm with 1,001-5,000 employees
The data support response time should be improved. It is generally lengthy. When logging a complaint, it often takes considerable time to receive attention. Improving support in terms of response time would be beneficial.
AK
AliKia
Research And Development Manager at a consumer goods company with 201-500 employees
The solution should improve its scalability because it cannot support enterprise networks.
Cyberoam was discontinued five years ago, and they have no new features. Sophos continues their products under the XG brand name. I would like to see Sophos XG features included in Cyberoam.
View full review »RA
Renu Arora
Sr. IT & Admin Officer at a financial services firm with 11-50 employees
I don't know whether this will be included in an upgrade, but I would like to get the user utility, like seeing where the users are using more of the data.
Sometimes there are heavy downloads, which I'm not able to track. If I can get that information, that would be more useful from the IT point of view.
View full review »
Andreas Heider
Owner and manager at a tech services company with 1-10 employees
The solution's pricing could be a problem for some small businesses.
View full review »
James Gerbabuena
Information Technology Administrator at a tech company with 51-200 employees
The blocking needs to be improved. Sometimes we need to block YouTube, Facebook, or something like that, and then we need to optimize our Internet. The Internet in the Philippines is very bad, and it's kind of expensive if you want a high-speed connection. We're getting to the next generation, but we must improve our Internet. We then have to make policies where users cannot access certain websites to optimize the Internet because sites like YouTube take a lot of latency, especially on HD. But sometimes Cyberoam doesn't work like that, and we must use another third-party solution like Trend Micro. Trend Micro does the job, but Cyberoam should be the one that does the job because it's the firewall itself. Cyberoam needs to improve that kind of security blockage.
View full review »
Himanshu Mesvani
Owner at a tech company with 11-50 employees
I want the solution's reporting functionality to be better. Also, I want the solution's policy configuration and review to be made easier for the users.
View full review »
reviewer1989567
Owner at a consultancy with 1-10 employees
The product strategy of the manufacturer is strange. I don't understand what they are doing in that regard. Therefore, I'm seeking a different solution. I want something that has a clear roadmap.
Technical support could be better.
View full review »
YoussefElhaddad
IT Manager at a tech vendor with 10,001+ employees
We have all of the features we need. It isn't missing anything.
View full review »TK
Taha Kazmi
Systems Administrator at a maritime company with 51-200 employees
There are some issues with logs and report limitations.
View full review »
Kalyan Chowdhury
Founder at a tech services company with 51-200 employees
The price is obviously a more sensitive area to focus on when selling it.
View full review »
German-Ruiz
Director at a tech services company with 11-50 employees
Network visibility of the connections is an area in the solution where improvements can be made.
AK
Arvind -Kumar
Head IT at a tech services company with 11-50 employees
Improvements are mostly needed on the technical side to enhance security and ease of management.
Additionally, the reporting part could be more user-friendly for troubleshooting and identifying network issues. It should be more easy for a normal user to identify the problem in their network. So, the reporting part has room for improvement.
View full review »NU
Nurullah USLU
General Director
I would like to see improvements in the development of reports. The process needs to be made simple. So, reporting needs improvement.
View full review »
Saifee Chulawala
Founder Cum Technical Consultant at a tech services company with 11-50 employees
What needs improvement in Sophos Cyberoam UTM is openness in the competition among Sophos partners or any other Sophos product.
Another area for improvement in the solution is pricing. It could be cheaper.
View full review »reviewer1223154
IT Architect at a consultancy with 11-50 employees
Sophos Cyberoam UTM could improve by adding VPN site-to-site capabilities. The correct version does not work with Microsoft Azure Cloud.
View full review »NK
Nishant Kumar
Network Engineer at a media company with 11-50 employees
The product had a hang issue. We needed to reboot, recreate the image, and reconfigure the previous image because the product hanged frequently.
Being able to block applications and services could also be a product improvement.
View full review »Diptendu Ghosh
Group CIO at a construction company with 5,001-10,000 employees
The solution is at its end of life and some of the appliances are finishing.
View full review »Manojkumar Deshmukh
VP of Operations at a manufacturing company with 501-1,000 employees
The product is at its end-of-life. There is nothing to improve as it will be discontinued.
With technology such a Sophos, Palo Alto, and Fortinet there has always been a lot of online documentation, which Cyberoam always lacked.
View full review »SH
SiyatHulbale
Global IT Manager at a energy/utilities company with 501-1,000 employees
The reports are not very detailed, or, at least, some aspects of it are not that detailed. They need to improve the reporting and to bring in greater detail.
The policy is a bit too vague. The solution needs to be much clearer when they go about making policies.
I'd like to see better documentation in the future.
View full review »
Muhammad_Irfan
Sr. Network Administrator at a manufacturing company with 201-500 employees
I had an issue when I was trying to stop a user from using too much bandwidth while I was using Azure, I was not able to stop them. You normally can just right click and block them but in this solution, it was not working in the firewall settings.
JB
Jeronimo Binosa
Technical Operation Head at a financial services firm with 51-200 employees
The reports need to be more detailed and granular.
View full review »BO
Bola Ogundiran
Network consultant at a comms service provider with 51-200 employees
The product needs to improve its pricing.
View full review »reviewer1864560
Senior IT Expert at a construction company with 51-200 employees
The configuration requires an expert to be set up, so it could be made simpler.
View full review »AM
ArunM4
Creative Head/Director at a marketing services firm with 1-10 employees
While the security features are excellent, they could be improved.
SK
SaifKhan1
Network Security Engineer at a consumer goods company with 201-500 employees
The implementation policy needs improvment.
View full review »reviewer1583568
Head of IT at a tech services company with 1-10 employees
Sometimes, during part of the configuration, if you don't have a lot of technical knowledge, then you may struggle a bit to configure it - especially for the exit through the internal server. When you are doing the business application publishing and if you don't know much of the port forwarding or how the business application configuration is done, then you may struggle a bit.
The pricing could always be better. It would make it a win-win for everyone.
View full review »DS
Darshil Sanghvi
Consultant at a tech services company with 501-1,000 employees
The VPN is an area that can be improved. Often, it will fail to connect or become disconnected. Also, the solution is not in the same lane as sending organizations, which have more security features. The enhanced security model is also lacking time-wise.
Now that the company has shifted from Cyberoam to Sophos, I would not recommend implementing the security-related features of the solution. I have heard from customers that it falls short of the mark.
In the next release, I would like to see integration with the security features. I wish to see in the actual device the integration of the security feature with another product.
View full review »reviewer1042635
Science Technician at a government with 201-500 employees
In my experience the solution can be easier to configure with more documentation, we need more training.
View full review »reviewer1534851
Network & System Administration at a healthcare company with 501-1,000 employees
It should have better VPN protection. Some of the VPN applications are not blocked by this firewall. Some VPNs are able to get through this firewall, which is why I am planning to replace this firewall with a good one in the near future.
View full review »reviewer1042635
Science Technician at a government with 201-500 employees
A user needs to do some training on the solution in order to take full advantage of the product.
There needs to be more documentation that users can access to help them understand the solution or troubleshoot as necessary. Right now, this is lacking quite a bit.
Beyond that, there aren't really any missing features that I can recall. I can't speak to what I would like to see in a future release.
View full review »
Samaila Yusuf
Associate Director - Management Support Services at a non-profit with 201-500 employees
So far, I have not encountered any problems.
I am not happy with my last pricing experience. The pricing could be better.
I would like to see real-time alerts on traffic insights.
View full review »
Malick Thiam
IT Service Manager with 11-50 employees
It's coming to the end of its life. I would like to change to another solution.
Technical support could be faster.
View full review »AA
Abayomi Ajisefinni
Senior IT Officer at a non-profit with 201-500 employees
Sometimes, users are timed out intermittently.
We have had trouble logging into the firmware.
reviewer1444476
Sales Engineer at a tech services company with 51-200 employees
It should have a better VPN client. We decided to find something different than Cyberoam because of the VPN client software.
It would be nice to have a user interface not only in English but also in different languages.
View full review »
Mohammed_Sajid
Information Technology Network Administrator at a outsourcing company with 1,001-5,000 employees
Web filtering capability that allows the blocking of web sites needs to be implemented.
We have had some issues with technical support, which is an area that needs improvement.
Support for cloud security sandboxing would be a helpful addition to this product.
View full review »reviewer740283
Solutions Consultant at a comms service provider with 501-1,000 employees
Cyberoam UTM needs to have more certifications with third-parties, such as NSS Labs.
The GUI is not very user-friendly and should be improved. One of our customers had trouble with the configuration and needed somebody to help manage it for them.
The vendor needs to generally invest more in the development of this product.
View full review »it_user1269588
Assistant Engineer - Network Solutions at a tech services company with 51-200 employees
When it comes to web filtering and application filtering, it does not contain enough signatures to determine all of the sites that need to be blocked. This is something that higher-end firewalls are better at.
View full review »BT
Bhushan Tusuju
IT Officer at a healthcare company with 51-200 employees
MV
Mohd Adam Haikal Adbullah
Senior Security Engineer at a tech services company with 11-50 employees
I would say there's room for improvement in terms of the GUI. Because it is better than some of the other standard firewalls. They have the drag and drop features.
Also, their logging systems need improvement because their logging systems sometimes look a bit complicated if you're not familiar with it.
View full review »RO
Robert Olsinski
Managing Partner at a consultancy with 11-50 employees
Sales and support. The sales team is constantly being changed and after acquisition by Sophos, it was treated as a stepchild until they announced the end-of-life cycle with a path to Sophos XG product. We are now looking for options on replacing it and adding e-mail protection.
View full review »ST
ReviewerTK258
IT Support Engineer at a wholesaler/distributor with 201-500 employees
The reporting should be improved as well as the backup.
View full review »it_user931740
IT Manager at a energy/utilities company with 201-500 employees
I think that it would be helpful to have advanced application layer security. It's time for Cyberoam to upgrade themselves and add new relevant add ons to their product.
View full review »it_user903573
Assistant Manager IT at a insurance company with 11-50 employees
Once in a while, an unwanted email will slip in. You have to set your parameters to avoid that happening, but once in a while, an email has slipped past firewall. Once you update the firmware, you notice that it doesn't happen. If an email slips in, I get a little bit worried. I do get the report, but you just don't want that situation happening in the first place.
When I look comparatively at certain products like Check Point - I haven't used Check Point but I have seen it in action - the people who have actually used it have confirmed that they have not had that experience before.
However, I do know that Cyberoam is upgrading from Cyberoam to Sophos. I'd love to see the upgrade. I'd love to see a swap-out of the device. I should be able to swap out my device rather than I have to buy the whole unit again.
One of the places that viruses spread is through the browser. Unfortunately, Cyberoam configuration is done through the browser. That makes the configuration process is easier. But if your PC is clean and you're configuring Cyberoam then you should have no issues in the first place.
I've never used the console, so maybe that's an area of training that the Cyberoam should look into. That would enable me to configure the device without necessarily using a browser. But then again, if I am going to use a computer to configure it, my PC should be clean.
EB
Ersin Bostancı
Director Of Information Technology at a hospitality company with 1,001-5,000 employees
I am not sure there will be a another release of Cyberoam because it will be Sophos going forward. What could be included going forward though? I would like to see a better content management pack and also the website searching should be better.
View full review »Muhammad_Irfan
Sr. Network Administrator at a manufacturing company with 201-500 employees
They have some issues with email filtering. Sometimes, I have found emails that have passed through the firewall, so I contacted Cyberoam. They said, "Okay, we are going to update the signature in the next update you, you will not get it like this again."
View full review »AF
Abdul Faheem
Global sales head at a manufacturing company with 201-500 employees
There is a lot or room for improvement, because it is still not a fourth or fifth generation firewall. It lacks security features. I would say security is something that is not that appealing in this product, so that's where they can improve.
View full review »it_user462609
Head of IT Services at a security firm with 10,001+ employees
Needs a mail alert/notification when the device loses any of its connections, during ISP redundancy implementation.
View full review »it_user593490
Senior Network and Security Engineer
- Web Filtering using wildcards
- Clarity on the firewall rules
- Granular reporting features
it_user235446
Pre Sales Engineer at a manufacturing company with 501-1,000 employees
On-box sandstorm should be available. As of now, it is from their cloud.
View full review »it_user749697
Owner with 11-50 employees
Perhaps the SSL VPN.
We use different workarounds and find different solutions for it, depending on the client's needs. We shouldn't have to, we should just be able to use the product as it comes with Cyberoam, rather than having to revert to other products.
View full review »GN
Gajanan Narwade
Team Lead.Tech.Support (Network & Security) at a tech services company with 1-10 employees
The Web Filter and Application Filter need improvement.
In the Web Filter, there is a problem to block YouTube by HTTPS, so this needs to improve.
View full review »it_user545529
Technology Consultant at a tech services company with 51-200 employees
The Traffic Discovery feature should allow administrators to disconnect unnecessary live connections.
View full review »it_user323775
Business Development Executive at a tech vendor with 1,001-5,000 employees
VPN configuration is not very swift.
View full review »it_user179934
Security and Infrastructure Analyst at a tech company with 51-200 employees
Maybe network traffic analysis for malware and malicious behavior.
View full review »JM
SenSupAn849302
Senior Support Analyst at a non-tech company with 1,001-5,000 employees
Reporting.
View full review »it_user395232
IT Consultant & Network Engineer at a tech services company with 1-10 employees
Smaller CR15 units don’t have a hard disc or built in IView software. These units could do with that feature.
View full review »FF
Fred Fish
Network Administrator at a non-profit with 201-500 employees
We have issues with IPS and DoS attacks taking down a couple of our sites. I've changed the IPs of the external interfaces yet the attacks still happen and the Firewall will disconnect the VPN connection as well as stop all internal traffic from flowing externally. I am still able to HTTPS to the external interface, but it takes a full reboot of the appliance to get any traffic flowing again.
View full review »it_user325818
System Administrator at a financial services firm with 51-200 employees
Not many things would need to be added but I strongly feel it could be made more robust. For example, the cooling system in the device could do with a good revamp. There are times when the device gets too hot and begins to misbehave. Other things that could be improved are the password complexity policy and the password history policy. One thing that could be done as well is to create role based users like we have in the active directory. There are times when we have users who are not admins but need to monitor the device and access levels do not exist for such users.
View full review »it_user426327
Executive at a mining and metals company with 10,001+ employees
The dashboard could be improved.
View full review »it_user179934
Security and Infrastructure Analyst at a tech company with 51-200 employees
We have had issues with malicious sites and external scans.
View full review »it_user285771
Director / CTO at a tech services company with 51-200 employees
You can now load the Sophos software onto a Cyberoam box to use the new feature set, although it would be nice if it came with it.
Sophos bought Cyberoam a short while ago and they have amalgamated the Sophos technologies with the existing Sophos ones and some from astaro which they previously bought.. So there is now a Sophos firmware which you can install onto the Cyberoam instead of the Cyberoam one. Because it’s Linux based it’s very portable.
it_user231909
Presales Engineer at a tech company with 201-500 employees
Not very often, but there are some minor bugs in the products. I think their quality control can improve.
View full review »it_user300513
Manager at a tech services company with 501-1,000 employees
The most important improvement Cyberoam needs is the multiple ISP segregation.
View full review »it_user252528
System Engineer L-2 at a tech services company with 1,001-5,000 employees
The scalability needs work.
View full review »it_user2721
IT Administrator at a tech services company with 51-200 employees
Policy configuration and implementation is a bit lengthy process.
Nothing else of any significance that we found but yes, it is a bit pricey.
View full review »
it_user1128
Infrastructure Expert at a tech company with 51-200 employees
This UTM comes with the user base license so you may have to purchase a different model according to your user numbers. Its costs are high. They provide first year support for free then after that they charge for support. An upgrade charge will be also applicable.
View full review »
it_user1065
Senior Manager of Data Center at a integrator with 51-200 employees
Few cons of the product are
1) Incapable of handling new attacks without degradation in performance
2) High pricing
3) ASIC based hence cannot be reprogrammed for newer attacks, falls victim to new vulnerabilities and exploits
4) Older software architecture and lack of multi core technology
5) Performance is a legitimate concern under high traffic conditions
View full review »
LK
LIJU KURIAKOSE
Managing Director at a tech services company with 51-200 employees
The product’s pricing has increased by approximately 45% in four months. This particular area needs improvement.
View full review »TA
Tharaka Athukorala
Solution Specialist at a computer software company with 11-50 employees
The solution had a feature to import users from a CSV file. However, the latest version does not have that option.
View full review »Buyer's Guide
Sophos Cyberoam UTM
December 2025
Learn what your peers think about Sophos Cyberoam UTM. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
879,425 professionals have used our research since 2012.
Buyer's Guide
Download our free Sophos Cyberoam UTM Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2025
Product Categories
Unified Threat Management (UTM)Popular Comparisons
Fortinet FortiGate
Check Point Quantum Force (NGFW)
Sophos UTM
Juniper SRX Series Firewall
KerioControl
Untangle NG Firewall
Seqrite UTM
Buyer's Guide
Download our free Sophos Cyberoam UTM Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More:
- Primary Use Case
- Benefits
- Valuable Features
- Room for Improvement
- Customer Service and Support
- Initial Setup
- ROI
- Pricing
- Other Advice
- Cyberoam or Fortinet?
- I am looking into getting a Cyberoam UTM, what do you think?
- FortiGate 200E or Cyberoam 300iNG-XP?
- When evaluating Unified Threat Management (UTM), what aspect do you think is the most important to look for?
- What UTM solution do you recommend?
- Why is a UTM solution important?
- Which tool is better for internet protection: Meraki MX or Fortinet?
- Why is Unified Threat Management (UTM) important for companies?
