Sophos Firewall Reviews

I'm the CTO of our company and we are customers of Sophos. 

I've found that the valuable features are the interface and the security, both are really great. 

The security of the solution could be improved by making it more intuitive and it should have a background reputation service for classification of websites for content filtering. It's a service which defines the type of websites enabling me to do my content filtering in a much more effective and efficient way.

They really need to include some kind of a client app for mobiles so that firewalls and all the metrics can be accessed directly on the phone; some kind of administrative application on the phone, maybe on an iOS or Android.

I've been using this solution for over four years. 

This is a stable solution, it's a nice robust firewall. We love using it. 

The solution is scalable, we have around 700 end users and 10 technical people on staff. 

We are satisfied with the technical support but having said that, we didn't need much support because the menus and all the online documentation is self-explanatory. There was no failure so we didn't have to actually log a call with Sophos. 

We didn't previously use another solution before implementing Sophos. We chose it by specification and the reputation it has in the market.

The initial setup was a little complex because of the kind of configuration that we were looking at, the way the firewall had to be configured was slightly complex. We carried out the implementation ourselves and it took a maximum two days. 

I would recommend this solution but would suggest that before buying any firewall, it's important to assess your expectations and then match it with the specification. You will not be disappointed if you do this.

I would rate this solution a nine out of 10. 

We essentially use Sophos XG to protect our customers. Most of our customers use remote VPN connections. They also use the WAF protection for exposed internet WEB servers.

The web application firewall or WAF is very useful. Web application firewalls help keep your servers safe from hackers by scanning activity and identifying probes and attacks.
Using the Web Application Firewall (WAF), also known as reverse proxy, Sophos
UTM lets you protect your webservers from attacks and malicious
behavior like cross-site scripting (XSS), SQL injection, directory
traversal, and other potent attacks against your servers.
You can define external addresses (virtual webservers) which should be
translated into the "real" machines in place of using the DNAT rule(s).
From there, servers can be protected using a variety of patterns and
detection methods.

This function has been completely re-developed in XG, relatively of the UTM-9 version, and it works fine. I protect many internet web servers (IIS) for my customers with this function, due to of a lot of attempted attacks. It's a very useful and relatively simple to implement in Sophos XG.

Obviously, like all security systems, it is not a "fire and forget" configuration. It is necessary to properly analyze the system to be protected, create an appropriate policy and monitor its behavior once activated.

https://support.sophos.com/sup...

I think Sophos XG can improve some annex features. Like in DHCP, we can't make IP reservations in the range. We must reserve out of the range, which is not good. It will not be the same as the DHCP function in a Windows Server. We can't make an IP reservation in the range of the DHCP in the Sophos.

Better in the next release? I hope...

Sophos can also improve the debugging of the WAF function and provide a better resolution in the log, in the attached WEB log. The initial error doesn't appear. You must tail the console log to find the source pattern, cause of the error.

I have been using Sophos XG for about tree years.

Sophos XG is stable. I don't encounter problems that are typical with broken systems. But bugs in the system exists. Last example, I discovered a bug is in the asymmetric routing implementation. In a specific network configuration, asymmetric routing, with sub-net 25 doesn't work, but mask 24 and mask 26 works!!

But this is just a bug, and Sophos' support is very good to correct quickly, ASAP.

I only had a break function once because of the appliance BIOS. The Sophos support send me a new BIOS very quickly, and the problem was resolved.

I have a lot of issues with Sophos technical support. I still have some pending issues that need to be resolved. It's very odd in the beginning because your first contact is with the sub-part of another sub-part of Sophos based in India or Pakistan. It's very odd to have a quick connection with the second level or third level engineer at Sophos in UK.

I have personal contact with some security managers and the sub-part manager of Sophos support. When they don't resolve a problem quickly, I send an email, or I call my contacts Sophos UK, and it happens! They have good reactivity.

We start with Sophos UTM-9, the old version of Sophos firewalls, and then we switched to the XG.

The initial setup of the last version of Sophos XG is good. The initialization is very simple, but you must prepare it. You need an Sophos customer account , on the web cell, to declare easy a firewall.

It'll ask for an account, and you can create it in the interface, but it's better to prepare it before in the Sophos site, to have the account ready, for the first initialization of the firewall.

The deployment time depends on the system's complexity, the number of ISPs, the number of sub-nets, WAF functions and VPNs. 

It's normally very easy for a little company. A retail company with 20-30 computer-users, and a simple connection to the internet, it'll take about four to six-hours to deploy. If you need to fine-tune it, maybe two hours more. So like eight hours or a day to deploy.

Sophos XG isn't expensive compared to Check Point. Sure, Check Point is the Rolls-Royce of firewalls: It's great, it's fun, technically good tunned, but it's very expensive. 

But the specs and technical side of Sophos XG are close to Check Point, and the price is lower. It's better for our customers. I can do the same complex configurations with Sophos XG that I used to do on Check Point firewalls.

The main difference between Sophos XG and Check Point is keylogging and working with clouds. Both FortiGate and Watchguard doesn't have  in log packet analyzer to do so deeply. 

For me personally, Check Point firewall is the best firewall, because the log console is the power key of the firewalls. But Sophos XG is the main challenger of Check Point, I think. You can open the debugging packet analyzer, like a Wireshark, directly in the WEB log console. This function is a powerful tool and must be discovered, because it's very useful for quick debugging.

If I had to rank them, it's Check Point first, second, Sophos XG, and in third with FortiGate and Watchguard. We chose Sophos XG because it's much cheaper than Check Point.

I think it's very important to choose the right appliance first. Implementing a lot of things like VPN, IPS strong protection and WAF functions will stress more the appliance CPU. It depend also with the number of connections and number of users too.

Sophos XG is a lot of fun because you can change the appliance model without changing the configuration. You can back-up the configuration of the old appliance and import into the new appliance without spending hour for migration. It's powerful, and the new system is quickly operational.

Another key is VPN LAN to LAN in SSL, allowing connections to be set up much faster. Is this the end of the old IPSEC protocol? No, but it is a function which increases the versatility of the Sophos XG firewall.

Last, but not least, the virtual appliance works perfectly, in private or public clouds. Very simple to implement, work perfectly.

On a scale from one to ten, I would give Sophos XG a nine. 

We were able to integrate the solution using existing infrastructure installed, such as different firewalls and security software. We have integrated the solution in multiple sectors, for example, the education and banking sectors. 

UTM appliances have generally improved organization networks and given away to multiple link management, identity management, and easy firewall options. SOPHOS has a better GUI and dashboard which can be easily understood and managed in an organization.

The solution was able to be integrated well with exciting hardware and software and in multiple business sectors.

With the proliferation of fiber connectivity becoming available at our homes, consumers should not have to go and buy another module for fiber to ethernet converters or another device to get the fiber options. I understand all UTM models should have direct SFP ports available so that FFTH is directly terminated to UTM for better management and uptime. 

I have been using the solution for the past five years.

I have found it to be a stable product.

I can say it is more stable rather than scalable. I do not think they have the ability for scalability with the options currently included esp in SMB segment. However, if they did have better options then I believe the product would have better scalability.

Some of our clients have been enterprise and SMB customers. Overall the range of our clients has been between medium and enterprise clients.

The customer support is not that good. We found the support to be extremely slow in response.

I rate Sophos XG support a three out of ten.

We have used other products as well and we understand those products work well which has better and local support. In addition, it depends on the company's focus. SOPHOS has focused on small to enterprise customers but support needs improvement to be in the market. SOPHOS channel partnership program needs also improvement and commitment so that System Integrators and partners are able to pitch the products well in the market. 

Setup is good and the integration is very easy. The technology creates several good products.

We do the deployment and implementation of the solutions.

They should include fiber SFP ports on smaller product models as well and the tools should be improved for scalability.

I can definitely recommend the product because it is good. There is no doubt.

I rate Sophos XG a 6 out of 10.

I use it for one of our universities in Palestine. It's an Arabic university and there were about more than 10,000 students. So, our user base ranges from 1 to 10,000. I use it as the main firewall. I use it for High Availability (HA). That's the main use case why we use Sophos XG. We do intend to keep using it.

As a security solution, it's a very good security solution.

Some features are not available on the graphical interface. So you need to return to the command line to solve some issues that are faced by the customer. I used it for enterprise networks, I decided that it is not very good for enterprise networks. There is some issue with its hardware. I have faced two problems and that were resolved by Sophos earlier. They changed the appliance. In other products, I have not seen such problems in the hardware. So I think that the hardware is not heavy duty. You can say it's not heavy duty like other vendors. The performance is not as it says on the datasheet. They should improve the hardware. If they can do that, it would be a very good product.

I am using the appliance from XG 110. We use versions 105 TO 370. I use more than one product for small to medium size businesses. We also use Intercept X firewalls. We deploy Sophos XG on-premise. 

It is scalable for some things. It can have an extendable host. The appliance can be customized for more than one connection point. You can put it in the same fibre and DSL connection.

They have proper support in the technical point of view, and their English language is not clear. You know that they are not native English speakers. That's one of the things that I faced. But they have very good knowledge.

The installation of Sophos is very easy and straightforward. 

It's not very expensive. 

I recommend it for small to medium businesses, not for enterprise businesses. I'll rate it 8 out of 10.

It is very user friendly and easy to manage from the administrative point of view. It is good, reliable, and easy to implement.

It is a very basic and entry-level firewall. It doesn't give very granular control over the traffic. It should have more granular control over the traffic. This feature should be there similar to Palo Alto and Cisco. It should have such advanced features.

I have been using Sophos XG for the last two years. We are using the latest version.

Its stability and reliability are fine.

If you want to have multiple firewall rules, it has this type of scalability. When I compare it with some other products, such as Palo Alto, I can't find similar scalability in Sophos XG. In Palo Alto, we can have rules based on applications or app IDs, and we can create multiple rules for a single ID. We can create a single user or single IP, but such options are not there in Sophos XG. Granular level scalability should be there in Sophos, and they should do better.

I appreciate their support. Their support is good.

I also use Palo Alto. Palo Alto provides application IDs, which is a very powerful feature. Sophos XG is a very normal next-generation firewall with URL filtering, application filtering, and all such features. It is not something extraordinary. It is a very normal next-generation firewall. 

The initial setup is straightforward. It is a single day task to do the initial configuration and move the traffic over there. The firewall hardening, of course, will take some time depending upon the traffic, but the initial setup is a single day task.

It is a normal firewall. All the basic features are there. However, it is not as advanced as some of the other solutions, such as Palo Alto. As we have more security threats, we need more granular control, but these features are not available in Sophos XG.

I would rate Sophos XG a five out of ten.

Right now, we are using this product as a perimeter firewall just to deal with emails and to protect servers, as well as other equipment that is on the network.

What we found valuable is the way they deal with emails, as well as the way the bandwidth usage is shown. I find this information to be very interesting.

We are having challenges with social media because ever since this issue of COVID-19 came into existence, the idea of using online discussions has become relevant. Before this, they were not made the priority because they were not considered to be important. Now, we've discovered that we need to use a lot of these online applications.

We are having challenges when using Zoom with Sophos XG deployed. Our wireless network is not stable through the connection. More work needs to be done there, since the FW is doubling up as a wireless controller.

I would like to see improvements made to the display and visibility. I'm also using Sophos XG firewall as our wireless controller, but as it is now, I can't see my access points on the firewall. My wish is to see the Wireless network and reports also on this firewall cum- controller. 

We have been using Sophos XG for almost three years.

Sophos XG is stable and we have no problems with it.

I think there is a limitation on the issue of scalability, and it is related to the interfaces that we bought. Right now, all of the employees are using it. The traffic that passes through it covers close to 2,000 users.

For us, our bandwidth is growing so we may have to scale further, in terms of the hardware networking components.

We are constantly in touch with the distributor in Zimbabwe and they are excellent.

Prior to Sophos XG, we were using Cyberoam for our firewall. We switched because Cyberoam was acquired by Sophos.

The initial setup is very simple. It takes perhaps an hour to complete, which included importing rules from Cyberoam.

We completed some certifications for using this product, but for the implementation, we were assisted by IDSS. In some instances, we are doing the maintenance on our own. When we have a challenge, on a case-by-case basis, we might contact the vendor and may require them to come in and assist.

The issue of a recurring license is a hassle because every year, we have to subscribe. It causes us problems in our organization.

We are expanding and setting up a new data center, and I want to put a new firewall in. We have an interest in diversifying, in terms of vendors, so that we do not create a single point of failure in case one product fails. Ideally, we want to have different products.

This is a product that I can recommend for anybody who is looking for a firewall.

I would rate this solution a eight point six out of ten.

We are using this product as the firewall for our head office, so any connections going outside of the office go through it. We are also using VPN clients and especially during the lockdown, it was very helpful.

The feature that we find most valuable is the VPN, which ensures that people working remotely have a secure connection.

The email security and other security-related features are useful.

We feel that the GUI can be improved a bit because it has a lot of information and looks a bit outdated.

Nowadays, you hear a lot about next-generation firewalls, so some additional features can be added from an EI perspective. Products like FortiGate, for example, have a lot of features apart from the basic firewall. 

We would like to see integration with existing IPAM and IDAM products.

In the future, I would like to see new kinds of automations, as well as the inclusion of artificial intelligence-related features. A lot of other firewalls already have these now.

I have been using Sophos XG for approximately three years.

We have not had many issues, perhaps two or three of them, when using Sophos XG.

Scalability-wise, they have different models. With the requirements that we have, this firewall did a good job. It's still doing a good job in terms of performance. For a larger enterprise with a higher number of users, they can recommend other models.

Currently, we have approximately 100 users.

We have received good support. For the small number of issues that we have had, we received help from IT. This included assistance with configuring some additional policies. Whenever we reached out to them, they were very prompt in terms of responding to us.

Prior to Sophos XG, we were using a firewall by Palo Alto. The major reason we began looking for a different one was that the support was not very good. The firewall was pretty decent but whenever we wanted some help, it was a bit difficult to reach out to them. To summarize, it was not very prompt.

The initial setup was simple. Within one to two hours, we were done. This was not just the installation, but the complete configuration.

We performed the deployment with the Sophos team guiding us over the phone. It was not complex. There was one person from Sophos who was coordinating it, and it was done by our internal IT manager.

For the most part, I can say that we plan to continue using this product. However, we would like to see if they have come up with new models and what additional features have they been incorporating. With cybersecurity, I know there have been a lot of threats of late, so we would like to see some new technologies or new features being incorporated.

This is a product that I can recommend. My advice for anybody who is implementing it is to first try to understand what the major use cases are. People need to know that there are quite a few options, such as Fortinet, and all of them have different advantages. Sophos fits perfectly for a smaller group of users, with perhaps between a hundred and two hundred people. For larger enterprises, I recommend that they implement Fortinet or Check Point.

I would rate this solution a nine out of ten.

This solution does everything and anything a firewall can do.

I am tempted to say that all of the features are valuable. 

When you choose a firewall you have to make a strategic decision, much more than a tactical one. We decided that everything we use within it, goes through and it's got protection.

The dashboard is intuitive and user-friendly.

Training on the devices is an area that needs improvement. Their training mechanisms are not perfect, and this is where you lose a good appreciation of the product.

The documentation for implementation is not good. For example, when you look up the details on a firewall rule to validate it, the details are not there.

If you click on the help file, they say a zone is an area where you can define specific logical network areas. This is where they stop, with nothing more. If you want to go further into the concept of it, which you know there is, you have nothing. Then you have to revert to the internet and go onto newsgroups to try to see if anybody has had your type of experience. Then you find someone, they explain it to you then say, "Oh, it only makes sense". So, then when you want to implement this, it's much easier at that time. So, that's the best-case scenario that I can explain.

There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks.

When you want to establish a VPN with different wizards, they assume that you're always going through your internet link. 

If you want to create, with the zero-trust concept, which is where you don't trust anybody or any device, you want to make sure that everything on your network is segmented and everything is relative, depending on its flexibility, behind its firewall or a firewall segment. At some points, you might want to establish VPNs between certain network segments. 

Since you cannot establish VPN tunnels from the Sophos interfaces, plus if you are doing something that's going through the internet, then you lose flexibility. 

Currently, let's say we have a factory V-LAN and you don't want anybody within the factory V-LAN to be able to connect to another unless it is to a specific V-LAN, and you want to use VPN technology, you can't do it because you can't establish the connection again between two internal interfaces.

I have been working with Sophos XG for six years.

It's a stable product.

In regards to scalability, it's difficult to ascertain at this time because we haven't scaled it necessarily. 

The use cases that we have are very particular, and we're not in a mode of having scaled it yet. We have approximately 100 users in our organization who are using  Sophos XG.

Their support, we have a mixed review of it. It's good, but where it's bad, is because they're an international company that relies on many different continents to be able to get the support at different levels.

When we get into the people that are from India, that's where the support becomes not as efficient as we would want it to be. They have different rules of operating under and they don't show themselves to be flexible. Whereas where I am, currently I'm in Canada. When I speak to the support people within Canada, they're much more flexible when it comes to trying to follow us up on what we're trying to do and get the thing working. They're more flexible.

It was a combination of 75 percent straightforward and 25 percent complicated.

It's approximately $6,000 for each device. We have three devices and it was somewhere around $18,000.

I would recommend Sophos XG to others who are interested in using it.

I would rate this solution an eight out of ten.