The reporting system is very poor. I cannot trace any traffic to our site if it feels some threats. It just tells me that there is something during a certain time but does not provide information about the type of threats or how to get rid of them. This needs improvement. View full review »

While all features of Sophos XG are good, some improvement is needed in the UI, as sometimes beginner users get lost in UI settings and do not understand where to find specific settings.

View full review »

There is room for improvement in Sophos XGS, specifically in three areas: slowness, centralized synchronization, and bandwidth issues, plus throughput is very low.

I would prefer DDNS features in Sophos XGS. The DDNS features are essential for any organization, as it is better not to have a static IP address from an ISP.

View full review »

The knowledge base needs improvement, particularly in terms of community support and training videos on platforms like YouTube. Compared to other firewalls, Sophos XG documentation is somewhat confusing and can be difficult to use. The licensing model could also be improved to cater to smaller offices, as the current minimum purchase is for 50 users, which can be expensive. Incorporating AI technology for enhanced learning and easier configurations would make the solution more robust.

View full review »

The support time needs improvement, as sometimes they ask everything via email and then it takes additional time for them to respond. When asking for something related to reporting or anything, many times their help desk doesn't have a ready reckoner sort of solution, which requires improvement on those timelines.

The initial setup of the Sophos XG is not exactly straightforward.

View full review »

Sophos XG is not easy to navigate and to use, and the integration capabilities are lacking. It cannot integrate properly with solutions like Darktrace. The VPN client on mobiles, especially Android phones, has issues. It is resource-greedy, causing performance problems even on new computers. Improvements are needed in resource management and integration with other security solutions. View full review »

One improvement I would like to see is a better activities log, such as a monitoring log that tracks activity more comprehensively. View full review »

They could change their licensing model, simplify it, and make it more available to upgrade. We are looking into upgrading or refreshing these firewalls since they will be end of life. We are looking to replace it with another firewall with a five-year license, at least, so that we can survive.

View full review »

We are not using Palo Alto Threat Intelligence Management for a long time, but it is very effective.

The reporting and visibility of the network were low.

There are many problems, but compared to pricing, Sophos XG is good.

We need better reporting and a clear vision of the network, and Sophos XG does not provide that.

View full review »

The main improvement needed is in the pricing. It is a little higher when compared to competitors like Huawei. There are many Chinese products in Myanmar, and their prices are more competitive. Sometimes, for budgets with limitations, I offer Chinese products like Huawei. Additionally, Sophos XG's response time is sometimes delayed due to time zone differences in customer support. View full review »

The direct proxy or proxy mechanism is missing. Legacy applications should have this option, but Sophos XG has removed it. This feature was available in UTM nine but not in XG. View full review »

Sophos XG is reaching its end-of-life and end-of-support; therefore, the user count limitation of particular models should be improved.

View full review »

To improve Sophos XGS for the next release, I recommend enhancing visibility as it's the biggest challenge. There should be more details on visibility.

View full review »

Sophos XG should concentrate on improving SD-WAN solutions. Currently, the in-built GUI doesn't support configuring SD-WAN. If configuration from the firewall itself was possible, it would be very useful for us. Presently, we rely on Sophos Central to make configuration changes.

View full review »

The reporting side could use improvement. Having more reports on the dashboard would be beneficial. While there might be different tools or licenses for various purposes, having more reports available would be helpful. View full review »

I cannot remember anything specific about Sophos XG that could be improved at the moment.

View full review »

I do not have any specific ideas on what disadvantages Sophos XG could improve upon.

Everything has been good; I have not encountered any major challenges or problems.

AI could be one of the area for improvements.

View full review »

There is room for improvement in the cybersecurity and personal information protection areas of Sophos XG. View full review »

One drawback I've noticed with Sophos XG is that sometimes, the platform can become unresponsive. I've observed that it occasionally hangs, causing traffic to get stuck. During these times, users cannot access the internet or any services routed through the Sophos Firewall. This issue happens randomly and isn't something we've encountered with other firewalls like FortiGate, which we used in the past.

Dealing with licensing has been a big challenge for us. Despite our efforts to resolve issues through our sales contact, we've faced limitations. After confirming our purchase orders, we had to escalate the issue. We were ready to extend our licenses for two or three months.

View full review »

There is interest in seeing more features related to AI and customization in future releases. View full review »

The firewall could be made more robust, particularly by simplifying two-factor authentication. It should also improve SD WAN capabilities. Additionally, there are issues with site-to-site VPNs dropping connections, which can be frustrating.

View full review »

The user-friendly interface of Sophos XG is acceptable but too complicated. There are many options and configurations, but it is very complicated to navigate through all those options if you are not familiar with the product.

Sophos XG can be improved by making the UI more user-friendly. They should add packet capture functionality in the UI instead of requiring users to access the server directly for this purpose, as it is a very useful tool that everyone needs. Additionally, it can be confusing when working in the AWS Marketplace, as users might mistakenly purchase the old version of Sophos XG.

View full review »

Sophos needs to do a lot of roadshows to attract enterprise customers. Their marketing strategy is quite low, and they need to enhance engagement with partners. There's room for improvement in their response time for technical support.

View full review »

A lot of training is required. When I train our engineers, they aren’t able to get sufficient training from Sophos-hosted sessions. We only find textbooks and some videos on Sophos portal. 

More live sessions or time-bound training would help us understand how to pitch the firewall or use specific features, like advanced photo settings or integration with SD-WAN. 

We need to know which feature is suited to different environments. Right now, that knowledge gap makes us more dependent on OEM support, which could be reduced by up to 40% if more training was available.

For me, reporting is a major area for improvement. Detailed reports help pinpoint issues like usage bottlenecks or abnormal activities, allowing us to fine-tune the firewall. IPS in XGS is great because it provides timely attack reports we can present to management. Integration with Active Directory could also be better. Sophos Central integration is good, but the firewall’s performance is slow when accessed through Sophos Central. Our clients also experience slow access when using their credentials. That’s a bottleneck I’d like to see resolved.

View full review »

The technical support could be improved, particularly in terms of response speed, as there were delays when working with their Indian support team.

View full review »

There is no option for right-clicking on any feature after logging into the firewall. I am unable to open a feature in a new tab. In FortiGate, I can do it; in Sophos, I cannot.

View full review »

An area that could be improved is technical support's ticket registration process. Sometimes when I contact technical support, they do not register the tickets properly. They ask about registered mail ID and registration number when I am already under pressure. For instance, when the internet is not working or when I cannot apply certain rules, I am already stressed, but the tech support did not register the calls. This happened three to four months ago.

View full review »

Hardware stability needs improvement. I have experienced multiple hardware complaints, particularly during firmware updates that sometimes cause crashes. Improvements to the hardware would be a critical enhancement.

View full review »

There could be improvements for IPsec VPN setup. They could also improve their marketing strategy and lower their prices.

View full review »

One area of improvement is the lack of cross-cluster capability, meaning you need different sets of tasks and pipelines for each Kubernetes cluster. Tekton also has an unstable API with frequent changes, making it challenging to maintain consistency across versions. Additionally, there's a need for a better dashboard and built-in authentication mechanisms.

View full review »

One feature I would like to add is remote wipeout capability. This would be useful in cases where a user leaves the organization and fails to return their laptop. Remote wipeout would allow for the deletion of data from the device with a single command. Regarding technical support from Sophos XG, it's generally satisfactory. However, the response time could be improved. It takes around one hour to receive assistance, but reducing this to 30-45 minutes would benefit us.

The tool has only a base DLP feature. It needs to have a full DLP feature with additional licensing. 

View full review »

We encounter difficulties while navigating through certain features and functionalities of the product. The GUI could be much more transparent.

View full review »

Sophos XGS should improve its customer service and educate its implementation partner. It should also work on building relationships with customers directly because there is no Sophos office or person to handle the Pakistan region. If Sophos opens its local office, its business will increase. Sophos XGS should train the technical staff about new challenges in security.

View full review »

I want an increase in the ability of the product to block and delete the websites and applications that don't work fine for our company. The tool ends up blocking another website that I need when I only want it to block a particular website or application. I can't use the product's application control feature, making it a disadvantage of the solution where improvements are required.

View full review »

In previous versions, NAT rules were easier to create. After version 18.5, creating a NAT rule has become more complex, requiring the creation of a separate policy and an additional component. 

Reducing the complexity of creating rules would make it easier for administrators, especially when troubleshooting and managing.

View full review »

The support service offered by Sophos is an area of concern where certain improvements are required. My company did not get enough support when, in our enterprise, we faced some issues with the product and needed support. For support, one has to go with the online community, and even then, it cannot be guaranteed that one will get the right support.

The support team's response time should be minimized. The support should be more available. I think that one has to wait for four or five days to get support. Business cannot stop just because of issues with support. The tool's renewal service was really good and straightforward.

Some of the working features of the product, like sandboxing functionalities, are complex for me to handle, especially since one has to buy them separately. You have to buy sandboxing features separately, but I believe that it needs to be given to a user along with the product. In my company, we couldn't find the detection features of the product. Though I did a remote code execution, and it stopped abruptly, it never showed where it actually stopped. In the area of reporting, there needs to be a lot of improvement in the tool.

Partner engagement is an area in which I feel there should be some improvements. Getting support or being able to deal with certain stuff when it comes to Sophos because of the OEM should be made possible. When an OEM is with you, you'll feel more comfortable doing business. My company started doing Fortinet a few days ago, but before that, we had Sophos. My company is moving away from Sophos because it is no longer needed. When it comes to the price or during some disconnection, my company doesn't get any support from Sophos.

View full review »

Sophos should work on its marketing strategy as it seems to lag behind Fortinet. Their pricing strategy creates difficulty due to high availability, causing price undercutting without maintaining regular margins.

View full review »

There should be a workaround in case of equipment breakdown, like a stopgap measure while the equipment is being returned or replaced. An improvement in the product's pricing would also be beneficial so that more people can afford it.

View full review »

One area where Sophos XG could improve is in its patch management system. I encountered an issue where installing a new patch resulted in being locked out of the firewall, which was quite inconvenient. This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access. Such incidents shouldn't require a complete reconfiguration, so there is definitely room for improvement in this aspect.

One piece of advice I would offer is for Sophos XG to consistently incorporate the latest technologies to stay competitive with other vendors. Ensuring that new features are regularly updated and integrated into future products will enhance the platform's effectiveness and appeal to users.

View full review »

With the firewall part in Sophos XG, it is not very flexible if you want to block access to a particular site during your internal usage. The tool is not able to block access to a particular website instantly or easily since it takes a considerable amount of time to configure a few things. If you specify that a user should not be able to go to www.google.com, it should be denied for sure.

The support engineers of the product are not very tech-savvy, making it an area where improvements are required.

View full review »

The areas needing improvement are support and configuration. The delays in technical support can be handled better. Sometimes, configuration gives some issues.

View full review »

All the security features could be better.

View full review »

The user interface has improved significantly over the past few years, and having a more competitive price model could make it a preferable choice for customers. It would be beneficial if Sophos XGS offered an end-to-end solution with competitive pricing.

View full review »

The interface is really showing up on the edge now. It needs to be more modern and faster, with more rules visible on a single screen for better details rather than just six rules. The threat detection system could be more GUI-based or provide templates for common threats. We also need more updated version 20 study materials.

View full review »

As my company does not cater to the needs of customers with very large networks, I haven't faced any challenges with Sophos XGS and my company is happy with the solution till date.

When it comes to the telemetry data, which comes under what you call the tool's service part, better known as MDR, I feel Sophos should add more telemetry data to its products. The tool should support multiple vendors and multiple OEMs. Right now, I think there are only less than a dozen vendors or OEMs supported by Sophos. I feel Sophos should support tools from more vendors.

View full review »

We are facing a little bit of an issue with the product's web filtering capabilities. It must be improved. SD-WAN can be improved.

View full review »

The solution’s reporting could be improved.

View full review »

VPN setup could be improved. Fixing some bugs would also be beneficial.

View full review »

A feature that could be improved in Sophos XGS is the ability to perform internal vulnerability checks. This would provide more comprehensive security by checking both external and internal vulnerabilities on the same appliance.

View full review »

I've had experience with Sophos XG's threat intelligence features, and they provide good coverage, although I wouldn't say they're the best in the industry. The sandbox feature is available with top-tier subscriptions, allowing you to test content in a cloud sandbox.

One improvement I'd suggest for Sophos XG is to make certain functionalities, like CR functionality, part of the default firewalling rather than exclusive to premium subscriptions. Enhancing DLP capabilities at the gateway level could significantly boost security for organizations.

View full review »

The VPN has been a persistent problem for us. It's not straightforward to configure. We often encounter issues with setting up the VPN. Sometimes it works, sometimes it doesn't, and we haven't been able to determine the cause.

So the VPN configuration could be less cryptic. It should be easier and more straightforward to configure. A simplified installation process and clearer instructions would be helpful. The current VPN configuration is a bit convoluted.

In additional features, it would be beneficial if Sophos XG could have an enhanced feature for aggregating bandwidth. Currently, it supports load balancing to some extent, but it would be even better if it could aggregate the bandwidth. For example, if I have multiple links, say two or three, it would be great if the solution could aggregate the bandwidth from those links. 

View full review »

SD-WAN would benefit from further improvement, particularly in terms of incorporating optimization techniques that are not typically found in traditional firewalls. Nowadays, WAN optimization features are being integrated into many firewalls, and implementing similar capabilities in SD-WAN would enhance its performance and functionality.

The user interface of Sophos is very simple and good compared to Azure.

View full review »

Some features need remuneration and there are performance improvements required.

View full review »

Sophos XGS changes every two years, so we must update our knowledge. We can only test it with real requirements or problems to find scalability and reliability. We can't find these in normal testing. We can see reviews based on Gartner reports, but sometimes, we really feel problems. It can create many issues, even compatibility problems with fiber modules. Only system integrators or installers find these problems.

View full review »

I would like the product to improve so that it can provide advanced SD-WAN, which can allow users to deal with infinite connections along with seamless bandwidth utilization.

In the product, the area revolving around SD-WAN has certain shortcomings where improvements are required.

It would be great if I could monitor a particular traffic from a network with Sophos XG.

View full review »

Areas for improvement in Sophos XGS include better balance when handling high availability configurations, smoother firmware upgrades without the need for turning off devices, and simplified configuration after firmware updates.

In the next release of Sophos XGS, I would like to see improvements in log searching within the interface and more functionality available without needing to go to the command line, especially for troubleshooting purposes.

View full review »

The product's user interface has certain shortcomings where improvements are required.

View full review »

The vendor doesn’t publish the price on the website. We must contact the agents to know the price. It is a lengthy process. It would be easier if the price details were provided on the website.

View full review »

Sophos XG requires a bit more restarting than Cisco. The main difficulty is to keep up with the current threats. The solution should have the ability to be up to date with the most recent threats.

View full review »

While Sophos XG has been reliable for remote troubleshooting sessions, it would be beneficial if the platform provided more flexible support for a variety of devices. The user interface is intuitive for those familiar with it, but improving accessibility and user guidance could be beneficial for newcomers. Additionally, although the features are comprehensive, fair pricing and more flexibility with device compatibility could make it even more appealing in the market.

View full review »

The support from the vendor needs to be improved.

View full review »

We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade,  the automatic switch actually we were using did not work anymore.

We try to understand exactly why it wasn't working with the new 18.5 firmware, but we could not figure it out. I realized that I was stuck with the main ISP. If there's an outage, it was not reliable on the network any longer.

We had to reverse, back to the old firmware even though we were still trying to fix the new version. It is a very efficient feature for our operation. If it was not there, it could make the workings of our operation inefficient. It is one of the best features of Sophos XG. It makes operations very efficient. You don't have to worry about anything at all. We are using the entire Sophos package, such as Sophos endpoint, Sophos XGR, Sophos ZGR.

The documentation can improve with Sophos XG. This will allow our network engineer to work better with the solution. Additionally, they can improve the ability to filter down devices. Recently we were faced with a challenge where we needed to restrict mobile phone users on the network but we realized that we couldn't do this with the solution. 

Recently I was looking at the Cisco Meraki solution, to see what it can do in terms of capacity. There's one feature that stood out to me, and that feature has the ability to implement some policies. Organizations need to have security policies in place. I would like the ability to create policies.

View full review »

The integration could be a bit better. They need to allow their solution to integrate with other products and not just other Sophos solutions.

Sophos has a feature that in my opinion is very limited. They don't have enough VPNs on their models. They have the XG 750, which is a sizeable appliance. On those models, they used to have not enough VPNs. They always were short on that area. 

Pricing used to be very bad, however, they've adjusted their strategy recently. 

The product needs to improve its marketing in Mexico. It's not a well-recognized product in our country.

The solution's technical support is very bad.

There is an overall lack of documentation in relation to features and capabilities. We need these to help explain aspects of the solution to our clients. 

View full review »

In Sophos XG, the throughput for larger networks is an area of concern where improvements are required.

I hope the product comes up with some better prices and offers for the tools provided to academic institutions.

View full review »

While Sophos XG is a great product overall, there could be some room for improvement in its pricing since my clients usually feel like the product is on the expensive side.

View full review »

I encountered an issue while implementing web filtering for users. Specifically, when attempting to access reports detailing which sites users are visiting, the diagnostic report fails to display the complete URLs of the websites visited. This becomes particularly problematic when users utilize proxy software to bypass the firewall, as it renders tracking their website visits nearly impossible. Training presents a major challenge as there are numerous features available, such as IPS and IDS, which many network administrators are unfamiliar with and tend to leave disabled. Users are unable to enable these features themselves due to their lack of understanding of their functionalities and configuration processes. The training manual provided to users lacks proper guidance on configuration procedures. The content outlined in the user manual differs significantly from the live configuration process.

View full review »

Fortinet surpasses Sophos in terms of support, particularly with its comprehensive five-one feature console. 

Additionally, there are notable differences between appliance models, including variations in hardware, utility, and product offerings. 

It is essential to compare these aspects to ensure optimal performance and functionality. 

While Sophos may not excel in the support aspect, it still provides satisfactory performance overall. 

However, other solutions may offer better support and resource availability.

View full review »

One area for improvement would be including automatically generated certificates for HTTPS, which was available in earlier versions but might not be in the latest.

View full review »

The payment plan could be improved.

Sophos XGS comes with mostly eight ports, excluding the five ports. It would be better if they could increase the eight ports to ten. Most times, we don't want to use two. I will need to get another switch if I have five ISPs. Sophos engineer should look into that.

There were issues while switching the firmware to an upgraded version.

View full review »

The time taken by Sophos XG's support team to respond to and resolve an issue is an area of concern where improvements are required.

View full review »

Having previously worked with the Astaro Security Gateway platform (now called Sophos UTM), I can attest that the configuration and dashboard for this older platform was easier to manage than that of both Sophos XG and XGS. If it were up to me, I would prefer to go back to the older SG dashboard. I am hoping that in future, the dashboard for Sophos XGS will be simpler and easier.

View full review »

The first time a person sets it up, they will need training.

We’d like to see an easy migration. They did an upgrade on VMware that might have affected things. We’d like them to return to something like they were running before from 2018 going to 2019.

The scalability could be better.

View full review »

In the new release 19, there should be the implementation of a cloud service that you can use to set up the IPSec tunnels, and the SD-WAN from the WAN dashboard, and then you can push that configuration out to every firewall that you have.

View full review »

There should be web caching to improve bandwidth utilization. It should have a very good caching feature. That's because we are in a very poor continent, and the connectivity cost is very high. We have low bandwidth, and the intensive usage of bandwidth is not easy here in Africa. If they improve services for web caching, it would be better.

It should also support a feature for Virtual Domains. Similar to FortiGate, we should be able to use a single device to create two or more virtual units. Such a feature is useful for separating the traffic between departments in a large enterprise.

When I try to use Sophos for Email Gateway, it's not easy to check a user in the LDAP directory. It's not as good as other products, such as HCL Domino. Sophos is good, but it is not so good. When we use the LDAP filter to select some users, we have small problems, but overall, Sophos is very good for me.

Their support in Africa is not so good, which is a problem. Their support can be improved.

View full review »

In my view, Sophos operates effectively in a reactive mode, focusing on static detection and forwarding traffic. However, Fortinet takes a more proactive approach, blocking both connection and route connections. While Sophos forwards any connection in both inbound and outbound traffic, I believe this is a positive aspect, especially in a country with various sizing considerations. This is my perspective, emphasizing the significance of Sophos XGS in software work.

View full review »

The renewal process for this box is too frequent. We purchased it five years ago, and it's expiring in 2025. So, I feel they expire it too quickly.

In future releases, this solution could have more graphical elements on the dashboard to make it easier to understand. While there are graphics and a good dashboard, there's always room for improvement.

View full review »

The solution could have a bit more functionality.

We'd like to have a log viewer. We'd like to have visibility to see what traffic has crossed the firewall. 

They need more local support and different language options available for when they need help.

View full review »

I recommend Sophos increase the user capacity of the firewall by 1.5 times. For example, say the firewall can accommodate 1,000 users now, then it should handle a load of 1,500 users.

View full review »

Sophos is good for a mid-level company, not a large-level one. If the user level is very large, Sophos is not capable of handling such a high level of users. It, therefore, needs to improve the devices so that they work in larger organizations and with a large number of users.

When we use the hardware level of the device, the RAM or other storage capacity is fixed. We could not change the memory or other capacity of this device. If we need some improvement in capacity, we get different types of problems. If RAM usage is too high or capacity moves higher, the Sophos device does not work properly.

Sophos has a number of additional features, however, the user graphical interface, the graphical interface when we are using CyberRoam, the user portal, or user interfaces, are so much smarter than Sophos. In Sophos, the user portal is not user-friendly. This needs to change, the UI.

View full review »

There are occasional issues when we update an operating firmware there's some lag time. Updating requires us to reboot the firewall, in this scenario 24/7 organization will be the most effective. In addition, I'd like to see more focus on customer support calls we were waiting for hours to connect with them. In some cases, Sophos's team is extraordinarily helpful to solve any issues in the firewall. Sophos needs to focus on customer support through a chatbot or call management quickly so we can find some help on the client side. Thank you

View full review »

Sophos XGS could improve by having a Network Access Control(NAC). This feature is a basic function in other firewalls and should be added, such as Palo Alto.

The SD-WAN functionality should be reviewed because there are some devices that don't work well. For example, in Palo Alto, the SD-WAN functionality is more efficient.

View full review »

Sometimes when you roll out a new firmware, you find that the rules you already have in place are broken, so it's difficult to migrate to a new firmware without going through release notes and user reviews. That's the only downside I've experienced in Sophos.

View full review »

The interface can bit a bit more user-friendly. For me, it's still user-friendly and I don't find it difficult to use. However, the configuration should be more user-based. As an example, IPSec is complex and a little bit difficult to configure. If it were more like Microsoft Azure and the way their online configuration works, it would be an improvement. As it is now, I have all of the settings inside the device, so I can clone them and use them for customers. But, on the customer's side, it is difficult for people to understand.

Our Wi-Fi network is not working as well as expected.

View full review »

The interface of Sophos XG could be improved. I would prefer the Sophos XG to have an interface for the technician who is setting it up similar to the Sophos SG. I felt the Sophos SG user interface was superior. however, in terms of the functionality of the product, Sophos XG is in many ways more powerful than the Sophos SG. I have no complaints about the quality of the product or the end result. For someone who has used both, I preferred the old interface to the new one.

View full review »

While it is a secure solution, I believe it could be improved.

View full review »

The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities.

We would like to be able to override policies set by the country. For example, VPN is banned in Egypt. If we could bypass this then it would be helpful because it would allow us to distribute our connections, or services, to other sites. 

After upgrading from version 17 to 18, not everything is in the same place in the interface. For example, the firewall rules are in a different place. Consequently, my IT team department cannot understand the portal and find it not user-friendly. They were used to the previous version.

Better training should be available because there is nothing on the Sophos website to assist with setting up VPN connections or VPN SSL certificates. For instance, there is nothing to explain how to configure the DDNS.

View full review »

The reporting needs to be much better. Sometimes I have a lot of trouble understanding what they mean.

Sometimes it misses websites. For example, websites the users shouldn't be able to enter, or sometimes these websites are not shown in this log viewer. It's just occasional misses here and there. 

Technical support could be more responsive and quicker in getting to a solution. 

View full review »

User management is the area that, by far, needs the most work. The way that they try to transparently utilize user groups from the active directory to the Sophos firewall is outdated.

I'd like to see them do a little bit better of a job with the content filtering. It has content filtering, however, it rarely works. Sometimes it just fails altogether. I'd like to see a better job done. 

I'd like to see better reporting. While the logs are great, the reports are not.

View full review »

We always strive for more features.

We could see the bandwidth use right away with the prior version, which was the SG version. The current bandwidth consumption is no longer shown in the XG and XGS.

They are nearly a complete solution. However, they are missing this feature with the ability to view the current bandwidth usage. We have requested this, but have not had a reply yet. It was in SG before but it was removed in XG.

View full review »

XG is at its end of life. People are moving to XGS. With those changes on the horizon, a client might end up in, maybe 10 years, having four or five appliances, which they might not use. I don't know what Sophos is doing to maybe change this. Right now, we've moved from XG to XGS.

Another feature, which might be good and which other vendors are maybe exploring is the NAC. Sophos doesn't have a NAC solution. 

Maybe they can improve on their WAF. Currently, they have the inbuilt. 

They could work on their SD-WAN solution. I have seen it. It's not that competitive compared to other vendors. We've had some device issues.

View full review »

In terms of the product, from the way that we have been utilizing it, we have noticed that the vendor has been able to continuously upgrade and upgrade and update the product with new features. You'd find that all the time a new release has come out, and we're actually happy with that. We don't find it inconvenient that we are constantly upgrading. 

I can't think of any downsides in terms of the features on offer.

I'd like the dashboard to be improved. It could be a bit more customizable. 

View full review »

Their support is fairly good, and they come back to me. I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand, but it is generally not an issue.

View full review »

There is no specific features request right now really. I see that all the features that Sophos is implementing and is proposing on the market follow exactly what the market is asking. It's difficult to identify something that is missing compared with what the market can ask as one of the most important things that Sophos does is have the capability to anticipate in a certain way what the market expects. As a leader on the market, they tend to have the solution just before the market is asking them for it. 

The solution could offer a bit more integration with other systems, with other platforms - just to be able to extend the capability and to interface with other kinds of platforms or systems that I can find on the market as it gives the possibility to improve the level of integration.

View full review »

The solution could improve by using fewer hardware resources compared to other products like Palo Alto, which has better performance. 

Additionally, better integration of AI and machine learning for predictive analysis of potential threats could be beneficial. 

The technical support also needs improvement, including a better ticketing system and faster response times.

View full review »

The functionality of SD-WAN compared to other boxes is lacking. Certain aspects need improvement, particularly enhancing capabilities like SD-WAN. We should also focus on enhancing XDR and NDR functionality in the firewall boxes and provide more threat protection alerts to users.

View full review »

I do not get notifications regarding ISP downtime. It would be better if I could get notifications related to the critical errors occurring in Sophos. The product is difficult to use. The administrators must be notified of the errors occurring in the firewall through emails or messages. It will help organizations take proactive measures instead of taking action after the incident happens.

View full review »

The price should be cheaper. Xstream must be included in future releases.

View full review »

The product's technical support services could be better. 

View full review »

When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had. It's not mature yet, being still in its infancy stage. That would require some improvement. As I have many firewalls, having the ability to delegate access to use, such as exists with Microsoft CSP or other services, would be a nice feature to see. 

Also, as a tech person, I know that executives do not wish to receive complicated reports, so a simplified executive report for executives would be a nice improvement. This would save us from having to explain issues which are beyond the scope of their knowledge. 

View full review »

We've had issues with support. If they improved on the support part, that would be great.

They should customers who are facing issues with their product reviews; they found bots in it. If they can do their proper research and use the user analysis and testing, that would greatly help the clients.

The software release has been giving us problems.

Other firewalls provide better reporting. We need admin and activity logs to be populated for the firewall. 

View full review »

I have observed that there are some reliability issues with these products in regard to the hardware performance and RMS.

I've witnessed many devices go down - even three on the same day. I've never seen that, for example, with Fortinet.

The stability could be a bit better.

I would like to have a proper SD-WAN orchestration solution. They are working on it. However, it still needs some improvement. Apart from that, it would be better if they provide the email gateway and the WAF not as a feature in the existing XG but as a dedicated appliance. Barracuda and Fortinet, for example, are providing dedicated services for the WAF and email gateway. Compared to that, Sophos is not up to the same level.

View full review »

I would like to see a history of the monthly bandwidth utilization, the bandwidth consumption for a period of time. Right now, I know they have something where you can see the live bandwidth utilization when you go to reports. However, there is not a history where you can go back and say, "I want to see what was consumed during the last month." You can't get that history. I know there are other third-party tools that do that, but if Sophos could have it integrated into its file device, that would be cool. 

I would like to see them reduce the price.

View full review »

The application is a little slow; it takes five to ten seconds to respond to every click when configuring. If we need to do significant configuration, it can take a lot of time. This might be because we have a low-end machine, and it could be faster with a high-end one.

View full review »

If I could host my emails using an email transfer agent, hosting it, it would be ideal.

The configurations can be a bit complex. It may be a while before you understand the configuration process.

If you do not have any experience with the product, you may struggle to set it up.

I'd like to see more integrated services from Sophos so I can handle everything from one place without a third-party. I would like to have email hosting and management integrated into Sophos XGS.

View full review »

The customer service response time can be improved.

View full review »

It would be better if they made their own hardware like Palo Alto and Fortinet. They use their own ASICs and claim it is more secure. 

The SD-WAN can be improved. The traffic optimization somehow needs to be improved, or there is a scope for improvement in Sophos XG.

It would be better if they moved towards the cloud side of things. Now a lot of things are moving on to the cloud.

View full review »

The fabric solution, the access points, and the WiFi, is not being delivered to Egypt due to some regulations. It's hard to get any devices in Egypt right now.  I need one solution and one centralized interface to monitor all the switches, access points, firewalls, and everything. I found this in Fortinet. Sophos is falling short.

We'd like an interface that can monitor everything. 

The costs could be better. 

View full review »

The price of Sophos XGS could improve, it is high.

View full review »

In the next release, XGS should include mobile features like two-factor authorization.

View full review »

Sophos XGS would benefit from further development in the SD-WAN area. It would be great if they could give technical people access to all the WAN links that we are connecting to, including inside the SD-WAN. 

They should make available or round robin inside the SD-WAN. This would allow us to move to another link if one goes down.

View full review »

It works. However, Sophos configurations are a bit complex. It's not very user-friendly. I don't find it user-friendly when it comes to setting up the firewalls.

The user interface for the technical admin can be better. It should be set forward to configure a firewall. if a firewall has complexities. I don't know why they did that. However, you should be able to quickly set up a rule to minimize the mistakes that a security administrator or a firewall administrator can make and configure. If not, that becomes an issue. One mistake on a firewall could result in a bridge.

It should be more straightforward. If you compare it with GFI Carrier Control Firewall, which is very straightforward, you can see why it’s helpful when it's easier.

View full review »

There were certain lacking capabilities, for example, the searching of its settings et cetera, previously in Sophos XG. There have been some features that were not visible or unavailable compared to the one here on Sophos XGS. Right now, Sophos XGS is stable with its current firmware and hardware versions. It’s gotten better.

I can’t speak to which features could be added.

As long as they just maintain the stability of the firmware version, we will remain happy.

Support is great, however, it can always be improved.

View full review »

In version 18 of Sophos XGS, the log details are not very good. However, in version 19 they are more detailed. The Fortinet FortiGate has better detail overall compared to Sophos XGS. They provide updates to the solution frequently, but they do not fix the problems that exist.

In the next release, the searching inside of Sophos XGS needs to improve. It is difficult to learn about the functionality and the modules. Additionally, there needs to be more automatic or less manual operations.

View full review »

We've had many problems lately. We're having issues with its firmware, now, and we are trying to fix it with the supplier, the Sophos supplier in Turkey. 

It has recently started to suddenly block and crash. We don't know what will happen. We're not sure if it is the device or something else. We're trying to fix the problem with Sophos. 

It's not extremely scalable. 

View full review »

Sophos XGS needs improvement with the threshold values. Other solutions have the capacity to handle more users.

I would like to see virtualization security included in the next release.

View full review »

Better instructions should be provided as part of the technical support so that we can understand the functionalities. This will help us to troubleshoot faster.

View full review »

I'd like to see improved throughput performance in a box. It's already a cost effective solution but I'd like to see the cost further reduced for annual renewals.

View full review »

Authentication with Azure AD needs improvement. It would be better if it could work directly without using local AD server. For comparison Fortinet FortiGate allows to use SAML authentication with Azure AD and does not require any local server. It is currently unknown to me, if or when it will be implemented on Sophos.

Local DHCP service also needs improvement. Windows DHCP service offers more functionality and is more flexible and easier to use. SFOS v18.5.3 added DHCP option functionality in the GUI - which previously worked only from CLI. 

View full review »

Sophos XG could improve by making the remote access and VPN better.

View full review »

Over the last six months, we have noticed that the hardware is slow, especially the VPN connections.

Sophos would benefit if they could improve the integration with Active Directory. It does not function consistently and we have to reconfigure it to make it function again. 

Integration with IPA, which is like Active Directory for Linux servers, would be a nice feature to include.

View full review »

Sophos XG's user interface has some room for improvement. 

View full review »

The only area that requires improvement is scalability.

I understand why scalability is difficult in all firewalls. I understand why it is difficult in our firewalls. If you want to scale, you can scale vertically or horizontally. That is the world of scalability. However, you cannot do so for the firewall. It's a forklift, you have to buy a new appliance.

View full review »

I'm just a sole proprietor for IT support, and from my perspective, there could be better ways to educate a proprietor, such as myself, on how to set it up, program it, and manage it. They do tend to have support, but a lot of times, it is for larger networks. I need something simpler and more rudimentary to set up and configure the firewall, set up the rules, and that type of thing. So, if there is a missing component there, that would be it. 

Any firewall will need rules for how it protects the network against a variety of threats or various degrees of protection.  My comments are not aimed at Sophos specifically.  As a new person just learning about firewall protection, it would be helpful for any vendor to have an education area that runs through various scenarios and implements them in the firewall.  Videos would be helpful.  From my initial research on which firewall to choose,  Sophos appeared to have the most straightforward interface. 

I purchased the units from www.firewalls.com, and they worked with me to do the initial setup.  That was very helpful to get started

View full review »

I'm not seeing any such things that require any improvement. It's good. From time to time, some updates will come through. It's meeting our requirements right now.

The pricing has gotten much higher. 

View full review »

The reporting could be improved.

Many other firewalls give you the option to disconnect a user. For example, if an end-user is using too much bandwidth, you could right-click to disconnect this user, but Sophos XG does not support this feature.

Sophos XG does not have the ability to disconnect a user.

View full review »

Unfortunately, there are quite a few negatives with them.

Their tech support is not great. 

The features on offer are lacking.

Basically what they don't have is proper bandwidth management for multiple WAN ports and multiple WAN ports to multiple VPN WANs. Meaning, if I have it on both sides on both the main side and on the secondary side, two internet connections, I can't bond the two of them together into a single VPN and have bandwidth managed between the two of them.

If I want to go ahead and make a VPN, right now, I have two internet connections on each side. I have to make a failover a group of four VPNs for it to go ahead and failover between them.

You're getting into a lot of rules. It's a lot of extra rules, et cetera, that has to be done. They don't have simple pointing systems where you could go ahead and make rules saying, "Hey, here's the route". They're not fully route-based VPN rules yet. You literally have to take down all the routes all over the place in order to make updates. It's tedious. 

Basically, we had the problem where we moved certain ranges from one data center to another data center. It took us about an hour of downtime to do that. We had to go ahead and we had to reset VLANs and we had re-setup all the VPNs in all the different places we reconnected. We don't have two sites, we have 25 sites. It was a lot of work.

View full review »

Its price should be improved. Its features are pretty okay, but the price is the area where we have to fight more. They should do something about the price structure.

View full review »

We're always looking for the best products and the best pricing. Pricing is always a concern for us.

When they do updates, they could handle them a little bit better. We've only had one problem, however, I do prefer when updates come out a bit quicker. We do the patching and updates and different things, however, in terms of the patch and timing and the criticality of it, it could always be better.

View full review »

When upgrading the firewalls, the process could be easier. 

While we do have network control, we don't have network monitoring. If I have 200 nodes and I want to see what's happening, I don't have visibility, especially if people are working remotely. 

If we could control roaming users through the firewalls and make it so that it's more of a  complete security solution, which we prefer, that would be ideal. If we have to install some clients on these machines, that's fine. The only concern is the DLP. We want to protect our data from being stolen. We'd also like to monitor activities from the perspective of productivity. We want to be able to track and calculate what users are doing on their machines.

View full review »

I would like to see the technical support improve. They have the worst technical support I have ever seen in my whole life.

The initial setup, specifically when activating the license, is a nightmare and is quite difficult. 

View full review »

The logging side of it could definitely be better. Some of the logging lacks, and the information that they provide you, especially in the spam filtering section, could be better.

View full review »

Their reporting needs to be improved.

The initial setup is not straightforward.

Technical support could be improved as well.

Integration to the cloud is also a challenge. It's not straightforward, especially while I move my mail from on-premises to cloud 365. I had to go to the cloud to research certain routes with it.

View full review »

The VPN device could be improved upon.

The firewalls could be strengthened.

The solution could be more scalable.

View full review »

In terms of improvement, I think the UI could be faster. Sometimes the system freezes and there's a lag. It seems there were some issues with the firmware but it's not a big problem. The user interface could also be improved. It would be great if they could include a little bit more bandwidth management. If they would integrate FatPipe into their product, it would be closer to what Fortinet does.

View full review »

Its price should be improved. It should be cheaper. 

In terms of features, I am happy, and I don't need more features. The firewall is perfect, but the antivirus could be better. It would be useful if the antivirus was less heavy and had better performance.

View full review »

We are in the movie industry. We're a movie distribution company. Currently, we are affected badly by corona, since March of 2020. We are working from home, however, this solution is for on-premises tasks.

The pricing can be high unless you choose a longer contract.

View full review »

Cyberoam was extremely hard to develop. If this solution makes that process easier, we will be happy.

The solution should be lowered. It would help entice more clients. We'd like to pay a lower price.

We're concerned about the safety of our devices. We are worried if someone manages to hack the firewall, that they will be able to get past other protections and perhaps onto devices. We'd like Sophos to remain vigilant in its protective capabilities and to continuously update its solution to expand its security offering in order to better protect its customers.

It would be helpful if the solution offered some tutorial videos to help new users learn the system quickly.

There should be some trial on offer that allows users to try out the solution and learn it before implementing it.

View full review »

I would like to see in future releases a tool to scan for malicious packets and give the location of where they are coming from. Nowadays all over the world is suffering from ransomware threats. If they could map where those packets are coming from and make the packet monitoring more efficient it will be helpful to prevent more of these kinds of threats.

View full review »

The SD-WAN could be improved. It is not yet full-blown; it's only basic, really. They need to move on with the algorithm on how the SD-WAN works, and how it works in comparison to other brands of SD-WAN. Sophos should study those algorithms on how they do the SD-WAN to learn a few things that may help them build out their own solution.

View full review »

Its user interface is a little bit slow.

View full review »

Recently, I've had a problem with updating firmware. Updates should be more stable . The last update I did was not successful and ended in a unusable device. Also the support case i opened for it could have been more effective.

I don't use all of the features and therefore it would be difficult to evaluate if anything is missing.

View full review »

Technical support could be improved. They aren't as responsive as they could be.

It would be ideal if we could have a more populated and detailed knowledge base. Generally, the new features must be tested before applying them to the production side. I would like to see more case studies, more application notes, and so on.

We would like to see an improvement in mail management. When passing from FG Series to XG Series, some mail features have been lost. We would like to regain them.

View full review »

They can improve all indicators, all KPIs, all the scores, the consoles, and the monitors. These are all areas that need improvement.

These areas need to be more clear for the customers. You have to have good experience working with Sophos to know how to get to the forums and to get to the information that you want from the beginning.

It is complicated to get the reports if you are not experienced with Sophos. For example, if you want to get a report on what the firewall is doing, you have to be a very experienced engineer.

View full review »

Their updates can be faster and more regular. Right now, it's updated monthly. When I need to update the firmware, I want it done within weeks, not months. There are also some changes in version 18, like rules, that aren't needed.

View full review »

The solution could be improved if it offered more documentation or at least provided more information about the products themselves. If there was a virtual assistant of some kind that would help clients familiarize themselves with everything, that would be very helpful.

It would be helpful to get some insights into new features so that we are able to relay information to clients effectively.

View full review »

I used to work with Fortinet, and sometimes I see that the SD-WAN feature could be better because it's much easier in Fortinet. That area could be improved in Sophos XG as it's too complicated right now.

For example, I remember a case where the routers had to be configured by commands. It's not hard, but you have to read and investigate how to do that. The XG firewall works fine, but you have to read, and it takes some time to do it.

Sophos XG could also improve the floating area. I have more features in Fortinet, more visibility of the networking table, and the networking area. But in Sophos, you have to enter the CLA and display it. It'll also help if they offered more toll booths for VPN like Fortinet.

View full review »

When you utilize the processors, the device hangs. Many firewalls hang because of the high volume of loads.

If we are using the HP policy and the user policy at the same time, the firewall gets hung and it means that we cannot get clear reports.

We have mitigated the firewall with Palo Alto because Palo Alto is working on multiple environments. 

I would like to see the performance improved.

View full review »

The solution really needs some additional features like network access control. If they could incorporate some user profiling and present the analytics of the login user usage patterns, or a typical proper management dashboard to take a decision on the firewall rules, that would be useful. Basically, MI's and the dashboard could be more user friendly. The information is there but the dashboards are not in a graphical format. In short, I'd like to see network access control, user profiling and analytics dashboards. It would make the solution a more competitive product on the market. 

View full review »

It would be useful if Sophos XGS included DDNS-based features.

View full review »

The solution is expensive.

View full review »

Some firewall names like Palo Alto and FortiGate are very famous for security. People find them very secure. While Sophos is fairly secure, they aren't known for their security, and it's not an obvious selling point. Unfortunately, on Gartner, Magic Quadrant, and Forrester, Sophos doesn't have a good presence. They need to get better at marketing their abilities and expanding what they can do.

I would like to see them in third-party evaluation reports like Gartner, Magic Quadrant, or Forrester to make it easier for us to show our customers that Sophos is a leader in the market. It will be easier for us to sell them. Our market depends on what products are currently in Gartner and Forrester, and these platforms. 

View full review »

The licensing prices are too high.

There are a lot of false-positive cases. 

We'd like to see access point integration. 

View full review »

It would be nice to have features like the network access control (NAC) that Cisco has for Identity Services Engine.

In the next release, I would also like to see an increase in the performance of the processing units.

View full review »

The reporting could be better. 

View full review »

The reporting could always be improved upon. They need intelligent reporting, not just your simple, standard reports. 

View full review »

There was a hardware conflict with the software. Recently we did five RMA of Sophos hardware, and several customers said the hardware and firmware were faulty, so there is a dependency on the hardware. For some customers, EQuIS is also an issue, and when we claim RMA from Bangladesh, it takes almost one month to get the product. 

In addition, the firmware has some bugs because it continuously updates in 5.1, 5.3, and 5.7. So, if we randomly change the firmware, it's not fixable, and this should be improved. 

In Sophos XG Firewall, we can create a different zone, like LAN, DMZ, and MZ, but we cannot customize the WAN dual, so it would be good if we could do dual customization.

View full review »

Sophos XGS could improve the price.

View full review »

Sophos XGS's response to zero-day attacks could be improved. In the next release, Sophos XGS should include signature filtering, hybrid cloud support, and the ability to scale without replacing the hardware.

View full review »

The main thing that we would like to see improved is ransom. They could provide something better. We are not using a public IP. 

View full review »

Sophos XGS could be improved by adding a built-in hyper-converged solution.

View full review »

Sometimes, we haven't received proper support. They couldn't find the solutions that we required.

One thing that we need is an NTP server facility. The Sophos XGS device does not have this capacity or this feature.

View full review »

I think the earlier SG version was easier to configure and manage. The XG is a little different and somewhat more complicated. I'd like it to be easier to manage and configure.

View full review »

When it comes to different interfaces there is some speed issue that can be improved in Sophos XGS.

View full review »

Reporting could be improved. The structure could be better because most of the reports aren't detailed.

View full review »

Sophos XG could improve the connectivity with Microsoft 365 or Azure Active Directory(AD). It doesn't work directly as other solutions do, such as Fortinet FortiGate. The client needs a separate AD server which is a problem.

There is no endpoint software for Linux systems, only the server version runs on Linux.

View full review »

I would like to next release to be able to support on-premise deployment. The construction of the rules within the firewall could also use some improvement.

View full review »

All of the options should be available when I renew my subscription for the year. As it is now, there are some limitations.

View full review »

Sophos XGS could improve by having better integration with Active Directory.

View full review »

Sophos XG could improve by coming out with more innovative feature developments.

The solution is secure, but security could always be better, they should work on perfecting the security of Sophos XG.

View full review »

In the Sophos XG, the SD-WAN has all the rules done separately, such as net policy routing. In the previous version, they were all in a single rule and everything was done that way. The way it is now is difficult for us because we are not used to this newer version. The firewall rules should be easier to configure and create. Everything should be done with a single click.

In the next version, the solution would be more user-friendly overall.

View full review »

The security of Sophos XG could be improved.

Sophos wants to move all things to the cloud, including access to the end-user PCs and data from the cloud. What will be easier to hack for a customer with an outdated firewall, or the Sophos cloud could get hacked which has all the access and information from customers. With my experience, it's not a question of if they will hack it, but a question of when they will do it. I'm not happy with the direction Sophos is going on.

We have problems with the use of the user interface. You have a poor search engine for objects via which you can write new rules. You have to start at the beginning of the whole object name. With the Sophos UTM, you can start with a pattern, with part of the whole word. In Sophos UTM it will list you all the hits with parts of what you type, and that does not happen on the Sophos XG.

View full review »

Sophos XG should improve on the GDPR features involving data protection and encryption. Security regarding data protection is important.

View full review »

We are facing some problems on this firmware version, version 18, that require improvement. We want to improve the email security because it doesn't give proper security with the data protection. Also, our clients are facing some problems where most of the sites which they're accessing are getting blocked. I want to improve those sites, that email security, and the data protection on the Firmware version 18. Also, sometimes it gets frozen and we cannot access it. After we shut it down and restart, then it's perfect. That's a point that we want to improve. 

In the next release, I want them to please improve version 18 so that it has more features and is more user friendly and it should have a VRF option.

View full review »

The main problem with Sophos XG today is that it doesn't have a feature where you actually know the quality of an international link, which would allow us to we know if the link is operational or not. We need more information. It's losing packets on the network. It's high latency. So, we need more information to know if the link is really bad or really good, and today, we only know if it's working and this just isn't enough.

View full review »

This solution could be improved with more effective bandwidth. I found that when I enable DDoS detection for our clients, bandwidth is reduced. If DDoS detection is disabled, the bandwidth will be high, but it isn't secure. We recommend that customers enable DDoS detection, but if they need high bandwidth, we recommend Palo Alto and FortiGate instead of Sophos. 

View full review »

Support could be improved.

View full review »

I would like to see improvement with service and support. LAN inbound and outbound traffic requires more control and an additional stop. 

View full review »

Sophos XG could improve the policies, they are a bit confusing when creating them. There are many options that make it confusing and it could be simplified.

View full review »

Our clients use Karios, and while it integrates well with it, the integration could be improved.

View full review »

I would like to have a more efficient logging process & real time analisys. The logging, expecially with EDR subscription, is something that needs improvement.

I would like to see email management improved to have more features and options for integrating with other solutions, expecially cloud based.

View full review »

The user interface could be better.

We find that the solution takes too long to load. It's slow. 

View full review »

In light of all the firmware upgrades, maintenance, feature and general releases of firmware, I really appreciate the support offered by Sophos. It is really good. 

However, the response time could stand improvement, as I do not benefit from immediate support. There is a delay involved. This can be problematic when I need urgent support, such as when my device is in a production environment. 

View full review »

Some businesses require Dynamic IP. This feature would be useful if it worked.

View full review »

The solution could be more secure.

View full review »

For the moment, managing the Sophos interface is a little bit challenging. We have an external partner that helps me to comprehend. But it's new. It has to keep up with the market, and I understand that. But that's my personal problem at the moment. High-availability clusters have not been implemented, so we have only one firewall and one device. So should this device go down, there's no more internet access. But so far, we haven't had any problems. 

View full review »

The solution is very slow in comparison with SonicWall and FortiGate. It should have faster performance. 

The installation could be faster and is longer than that of other solutions, lasting more than a month instead of five minutes.  

View full review »

I'd like to see a more simplified functionality for our customers. We also had a negative experience with the sales team of Sophos, which offered a three-year renewal to our customer. We'd suggested one year, keeping the customer's cashflow in mind and Covid. The result was that it affected our credibility with the customer. These are some of the irritants in the sales policy.  

View full review »

The solution could improve by making the graphical interface better and increasing the performance. 

View full review »

I wish to see an antivirus feature added to the solution. 

View full review »

The box needs to be fixed

Moreover,the bugs need fixing. I also think that SD-WAN features should be added. The intelligence feature should be improved and Sophos needs upgrading and updating. 

View full review »

I think the management console could be improved. I also find the partner portal difficult to work with because it never functions correctly and it's exhausting to deal with. They should also improve the failover management and the reliability of failover, and there are sometimes issues with the WAF functionality, whereby a number of applications can't be used correctly. Finally, I think the support could be improved because when you open a ticket, there's a long wait time for a response. 

View full review »

Some of the firewall rules are complicated for us to understand, they should be simplified.

View full review »

The reporting could be improved in this solution by adding more details.

View full review »

Everything is working as expected at this moment, but the anti-spam solution in Sophos XG needs to be improved. It needs more granular features and more stability. The anti-spam solution currently doesn't have many features, and we would like to have more features. At this moment, there is no expression filter for anti-spam. We need something to be able to filter subjects or attachments in emails based on the keyword. Sometimes, there is an issue with anti-spam, and Sophos XG suddenly stops processing incoming or outgoing emails. The only solution for this issue is to restart the appliance.

Their support should be improved. It takes a long time to escalate a support case from level one to level two.

View full review »

I would like to have better SSL decryption and HTTPS decryption. There should be filtering of SSL and HTTPS traffic.

Sophos XG consumes a lot of endpoint resources. It consumes a lot of RAM and CPU resources, and they should look into this.

View full review »

We recently updated our previous version; now, the security licensing fee is quite high. I don't know if it's a bug in the OS, but it's not been very stable after we upgraded to the latest version.

View full review »

Support for this product is something that is really important, and it needs to improve.

View full review »

Technical support can be slow to respond, which is something that should be improved.

In the future, I would like to see the addition of artificial intelligence for identifying and controlling traffic.

View full review »

The recent changes of the policy compared to Cyberoam are a little bit less user-friendly and complicated. Cyberoam is much easier to use.

Security could be better.

In the next release, I would like to see improvements made to the policy and simplify the policy-making, as the complexity of it makes it really tough.

View full review »

The interface should be changed. It should be more user-friendly.

They should also update the policies and statistics because Fortinet is better, but Sophos could grow.

In the next release, I would like to see improvements to simplify the interface and more policy deployments.

View full review »

The manuals or guides we are given are too simple. When we are implementing the product, it is difficult for us as we don't have more detailed information. 

The technical support on offer is slow. When I have questions, they answer me very slowly. Sometimes within 24 hours, I have a response. However, it can be longer. In Mexico, Sophos doesn't have technical support locally. It's in Argentina or in other countries. It would be nice if support was available in the country.

View full review »

In feature releases of the solution, I would like there to be an increase in the detection capability. The detection is low compared to the other solution available in the market.

View full review »

They need to do more quality checks before they release firmware upgrades. Currently, a few Cyberoam firewall customers are facing some issues while upgrading the Cyberoam firmware to Sophos. After the new firmware is installed, they are seeing some performance issues, which require some bug fixes. The performance is fine after getting the required support. Customers who are already using Sophos hardware are quite satisfied with this solution. 

Their support should also be improved. We are facing difficulties getting support on time through email or phone.

View full review »

There's an IP address delivery for our VPN client and a limited range of IP addresses. So this is a problem in the latest firmware release, but rather than using homework scenarios, we need a lot of VPN clients.

View full review »

The GUI and support could be better. I think there are other products that we are going to deploy instead of Sophos. We have already upgraded a month ago because the interfaces and support for Sophos are really weak. But other products like Juniper, Cisco, or FortiGate are better than Sophos. It's also complicated, and the end-user or client does not understand it.

The interfaces and the GUI design are not easy, and when you do something, unrelated things are in the same configuration site. There are different sites to visit to configure Sophos. This is even more than other products. Many features can be improved, especially the VPN and web filtering features.

View full review »

I would like to explore network access control. I haven't seen that it is clearly deployed.

It might be something that is already in place, or if it is available on another device.

I would want the level of integration to have another device on your network that is also reliable.

View full review »

I am using the Azure Active Directory in my company and it was complicated to integrate this solution with Azure. I had to use an internal VPN and had to do many configurations to get it operating. This process should be easier to implement.

View full review »

I don't see any drawbacks to this solution at the moment. I know of other products that have more features and are more advanced stages, but ultimately, an organization's choice of software depends on its budget. If you have a small amount of money and you want to secure your network, Sophos XG can provide you with network security. Sophos ZG is a mid-range solution. There are solutions that are above it in terms of features on the market, but they cost more money. 

They could work on their technical support to make it more productive for the end customer. Some of my friends and colleagues have had unfavorable experiences with the tech support taking too long to close their ticket. However, I opened two cases this week and both have been resolved. 

View full review »

They made some changes to the firmware update sometime last year, which moved some of the policies from where they were before. Some of the policies, such as NAS policies, were separated, which made it a bit hard for people to trace the policies they had configured.

View full review »

They can simplify its interface so that it is mostly drag-and-drop. There was an SQL injection attack on some Sophos devices. They just need to harden their devices a little bit so that they can't be hacked very easily.

View full review »

An area of improvement would be the reporting as diagnostic graphs take a long time to load and refresh. If there could be an option to show only select graphs, it may speed up the graphics.

Most of the time we don't use the disk usage, memory or CPU graphs. The main graph we watch is the bandwidth usage.

Additionally, their previous update contained many bugs. They need to ensure that, before releasing a new version, there are not so many bugs.

View full review »

What I don't like about Sophos is that applying policies can sometimes take longer, and there can even be a bit of a network interruption. With FortiGate, it's just one click and then you go, but with Sophos, sometimes the wheel keeps spinning for several seconds.

The SD-WAN capability is not as good as it is in FortiGate, and is something that should be improved.

View full review »

Software updates always come with issues. For example, I just upgraded to the next version, 80.5, and it came with VPN issues. It started dropping my VPN users. So, I had to roll back to before the software update. I think that the main area for improvement is the quality assurance of the updates.

The management console is a little bit rigid.

Scalability can be improved.

I think that it performs a little bit slow when it comes to connectivity, and having the speed increased would be better.

View full review »

The first area that needs to be improved is customer support.

If I'm implementing a connection on the DMZ or WAN, I should be able to dive deep into the implementation, specifying what needs to be implemented or not. For example, I should be able to configure specific details for the DMZ, and not have to follow the templates that they provide.

We have had problems with the stability that affected business operations.

View full review »

In the Firewall, the Intrusion Prevention System can be improved. Now because COVID has come to stay, people tend to work from home, and cybersecurity has been on the high side. 

It can improve more on the security aspect of this so that it can combat any major threat or common bug. I am not saying that the security has become compromised, as it is usually active, but they can improve on it.

Local and technical support can be improved.

When firmware updates are complete, there were issues with connectivity and VPN users. Recently, I stopped updating the firmware because I didn't want to obstruct the connectivity of the staff working remotely at different locations. 

I have stopped doing any updates until the issue can be addressed.

View full review »

The number of ports, especially on the entry-level appliances, should be increased.

The price of adding ports should be reduced to make it more competitive.

The vendor needs to create materials to show the differences between Sophos products and those from other vendors.

Network management needs to be included in the package.

As it is now, it only supports ten multiple users, which is something that should be increased.

View full review »

I need to do a bit more research on the product. I can't think of any features that are missing.

The solution is tied to the US dollar. You need to pay whatever the equivalent is in your own currency, and, if the exchange is bad, it can really add to the cost.

View full review »

The security of the solution could be improved by making it more intuitive and it should have a background reputation service for classification of websites for content filtering. It's a service which defines the type of websites enabling me to do my content filtering in a much more effective and efficient way.

They really need to include some kind of a client app for mobiles so that firewalls and all the metrics can be accessed directly on the phone; some kind of administrative application on the phone, maybe on an iOS or Android.

View full review »

I think Sophos XG can improve some annex features. Like in DHCP, we can't make IP reservations in the range. We must reserve out of the range, which is not good. It will not be the same as the DHCP function in a Windows Server. We can't make an IP reservation in the range of the DHCP in the Sophos.

Better in the next release? I hope...

Sophos can also improve the debugging of the WAF function and provide a better resolution in the log, in the attached WEB log. The initial error doesn't appear. You must tail the console log to find the source pattern, cause of the error.

View full review »

With the proliferation of fiber connectivity becoming available at our homes, consumers should not have to go and buy another module for fiber to ethernet converters or another device to get the fiber options. I understand all UTM models should have direct SFP ports available so that FFTH is directly terminated to UTM for better management and uptime. 

View full review »

Some features are not available on the graphical interface. So you need to return to the command line to solve some issues that are faced by the customer. I used it for enterprise networks, I decided that it is not very good for enterprise networks. There is some issue with its hardware. I have faced two problems and that were resolved by Sophos earlier. They changed the appliance. In other products, I have not seen such problems in the hardware. So I think that the hardware is not heavy duty. You can say it's not heavy duty like other vendors. The performance is not as it says on the datasheet. They should improve the hardware. If they can do that, it would be a very good product.

View full review »

It is a very basic and entry-level firewall. It doesn't give very granular control over the traffic. It should have more granular control over the traffic. This feature should be there similar to Palo Alto and Cisco. It should have such advanced features.

View full review »

We are having challenges with social media because ever since this issue of COVID-19 came into existence, the idea of using online discussions has become relevant. Before this, they were not made the priority because they were not considered to be important. Now, we've discovered that we need to use a lot of these online applications.

We are having challenges when using Zoom with Sophos XG deployed. Our wireless network is not stable through the connection. More work needs to be done there, since the FW is doubling up as a wireless controller.

I would like to see improvements made to the display and visibility. I'm also using Sophos XG firewall as our wireless controller, but as it is now, I can't see my access points on the firewall. My wish is to see the Wireless network and reports also on this firewall cum- controller. 

View full review »

We feel that the GUI can be improved a bit because it has a lot of information and looks a bit outdated.

Nowadays, you hear a lot about next-generation firewalls, so some additional features can be added from an EI perspective. Products like FortiGate, for example, have a lot of features apart from the basic firewall. 

We would like to see integration with existing IPAM and IDAM products.

In the future, I would like to see new kinds of automations, as well as the inclusion of artificial intelligence-related features. A lot of other firewalls already have these now.

View full review »

Training on the devices is an area that needs improvement. Their training mechanisms are not perfect, and this is where you lose a good appreciation of the product.

The documentation for implementation is not good. For example, when you look up the details on a firewall rule to validate it, the details are not there.

If you click on the help file, they say a zone is an area where you can define specific logical network areas. This is where they stop, with nothing more. If you want to go further into the concept of it, which you know there is, you have nothing. Then you have to revert to the internet and go onto newsgroups to try to see if anybody has had your type of experience. Then you find someone, they explain it to you then say, "Oh, it only makes sense". So, then when you want to implement this, it's much easier at that time. So, that's the best-case scenario that I can explain.

There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks.

When you want to establish a VPN with different wizards, they assume that you're always going through your internet link. 

If you want to create, with the zero-trust concept, which is where you don't trust anybody or any device, you want to make sure that everything on your network is segmented and everything is relative, depending on its flexibility, behind its firewall or a firewall segment. At some points, you might want to establish VPNs between certain network segments. 

Since you cannot establish VPN tunnels from the Sophos interfaces, plus if you are doing something that's going through the internet, then you lose flexibility. 

Currently, let's say we have a factory V-LAN and you don't want anybody within the factory V-LAN to be able to connect to another unless it is to a specific V-LAN, and you want to use VPN technology, you can't do it because you can't establish the connection again between two internal interfaces.

View full review »

When you are using it as a controller for the wireless access points, it doesn't perform well.

It is not suitable for the public cloud. It is more suitable for enterprise data. It is not really the equipment for cloud data centers. I am looking for a data center firewall.

View full review »

It would be helpful if they had a set of standard templates because it would assist in the beginning, when you are just getting started. They do have a template, but I mean specifically for different use cases. For example, an existing template for setting up a web page would suggest what kind of security we need to have in place. They do have help menus and videos, but additional templates would be useful.

View full review »

The main area that needs improvement is the documentation.

Sophos needs to be a little better at communicating with partners about changes, issues, patches, and so forth. 

The weakest point is the technical support because they are difficult to get into contact with.

View full review »

The cloud support needs to be improved. As it is, they only have support for Microsoft Azure. They should expand it to include providers like Amazon and Alibaba.

View full review »

They should expand their DDoS feature. It's basic. They need to enhance it.

Technical support needs to be improved.

The solution needs a mobile application for the administrator. Today, as an administrator, you cannot manage the solution from your tablet or from your mobile. You can only go through a web console. Other vendors have mobile apps. Some vendors also have the ability to manage and check the chart report and change some settings from a mobile application. This would be an excellent add-on for administrators who are traveling. It could help a lot. 

View full review »

Although I enjoy the reporting elements of the solution, it can still be improved. I still can't drill down. There is some information that I would really, really like to see, but I still can't access it.

On reports, they sometimes give a summary, but it lists different users as unknown. There are times that I really want to know which user or which IP is causing a problem. 

View full review »

The initial set up process can be a little tricky, especially when you are registering with Sophos and you have a poor internet connection. Setup is not necessarily complex, but it's not trouble-free. You do have connectivity issues at the initial setup with registering the device on the Sophos platform to access the advanced features. It doesn't always go through the first time around. That may be an issue with the quality of our connection. I'm not sure exactly what it is. 

The single sign-on client I get maybe a 60% success rate on. There are times when it will use single sign-on for verification of users to access Internet resources. It still doesn't always catch the user. The user gets sent to the web login. Even though the single sign-on is helping, it doesn't always work. 

I would like to see a better single sign-on performance. I'd like to see a more streamlined way of managing your licensing as well.

View full review »

There was a big issue with the Cyberoam and with the SG units as well, i.e. the previous Sophos UTM model. With Sophos XG, you get the chance to block what sites operate on SSL or that operate with HTTPS, without the need of extracting and distributing a certificate. 

On older Cyberoam and Sophos SG old versions, if you wanted to block something like YouTube or Facebook or any other websites that operate with HTTPS, you had to extract the certificate. Then you had to export that certificate. Then you had to re-import that certificate in all the user browsers. 

The only problem was if you needed to use an active directory where those certificates would be automatically thrown into the user browsers once they logged in to the domain. 

For a scenario like mine where you don't have a group policy, it is a disaster and ends up with you setting the rules to block certain websites with HTTPS on the firewall, even while they are not being blocked so that the user will still have access to them. This problem is now 100% sorted out with Sophos XG.

Now you can actually block whatever you want, whether it's using HTTPS or HTTP keys from the firewall without the need for extracting certificates. That's a major improvement. That problem with the HTTPS settings was a huge issue. 

I know other people must be enjoying that it's sorted out now. It was a serious and major issue for Sophos. The only issue that Sophos XG now needs to improve is the product's reporting capabilities.

View full review »

We are having a lot of issues with conflicts and user sessions, and Sophos has suggested that we change the device to the XG 400.

Aside from these issues with scalability, the email security features are good, but there are not many options. We would like to know why an email is being blocked, and how we can allow delivery. It does not keep emails in the queue for delivery. It can only log whether it is delivered or not delivered. If I need more details then I have to log in using SSH to get that information.

When an email comes in from the outside it is detected. When we check the log it only tells us that it is not delivered. We would like to create an exception, but there are not many options available for this. For example, a domain space is not allowed. Only the user name can be used to do that. We need a domain-based exception for email.

Next, the XG 210 is easy to configure, but when we are looking for more details then we can only get this information through SSH. It is quite difficult. If we can get all of those details then it would help us to understand, so this needs to be improved.

There are a lot of options and it gets confusing sometimes. If they can give limited options, with more information, then it would be good for the large sites.

View full review »

The technical support could be improved as it is currently not competent and pretty slow.

View full review »

Deployment could be easier.

View full review »

Sophos might discontinue the UTM features, as they've been promoting the newer XGS Series appliances. While the XGS offers great features like detailed logging and audit reports, it currently lacks essential functions in the UTM. For example, the XGS doesn't provide basic audit tracking for configuration changes, which is crucial for understanding who made modifications, what was changed, and when. Sophos claims they'll add this functionality later. Its absence significantly hinders the usability of the new firewall.

Additionally, while XGS offers decent day-to-day management, there's room for improvement. Many users transitioning from UTM find the XGS interface less intuitive, causing a learning curve.

View full review »

The speed of report generation could be improved.

View full review »

The solution's pricing and stability could be better.

View full review »

Level one technical support is not good at all and needs to be improved.

View full review »

There are some issues with conversion and user roles when upgrading to Cyberoam.

View full review »

Part of the web application firewalling could be improved.

We'd always like the solution to be a bit less in terms of cost.

View full review »

Our only issue is the price.

View full review »

The solution could improve inspection processes and troubleshooting for VPNs because this area is very weak. 

Improvement in VNET protection is also needed. 

View full review »

Sophos XGS could improve the automation system. It could be better if there was some level of automation, attacks automation, meaning if this happens, then it automatically executes a particular process.

View full review »

There are issues with some designs being able to work on high availability. We design our architecture in three tiers on the network. There is the core tier, the distribution tier, and the access tier. We haven't succeeded in our attempts to configure this and haven't been able to find documentation on how to go about it. Sophos has a single sign-on, but it requires configuration to communicate with the firewall and that is lacking. The configuration on Sophos is well described, but the configuration on the Windows system is not well described in relation to the Sophos knowledge base. It took a lot of my own research to figure out what was wrong. I'm a cyber security guy so it's very difficult for me to implement the solution.

View full review »

The VPN capability needs some improvement in Sophos XGS.

View full review »

There are some bugs relating to the product that allow VPN users to bypass the firewall.

View full review »

The SD-WAN feature isn't very good. It's there, but it doesn't work properly.

View full review »

I can't recall coming across any missing features. 

Support could be improved.

View full review »

Sophos XG could improve Data Loss Prevention(DLP).

View full review »

While it is possible to configure between two of the solution's devices in the same model, the high available usually fails. We are talking about when there are two devices running concurrently. When it comes to the traffic, there is a distribution of load balancing and the upworking. This is what is meant by high availability. 

View full review »

Areas for improvement would be the access points and the on-premise version, which is very bad.

View full review »

As with solutions like Palo Alto and other firewalls, the SD-WAN needs to be rigorously and aggressively improved because when we provide this solution to our customers, it often fails at the network security level. 

View full review »

Scalability could be improved. It could be better.

View full review »

Even though things work on the back end, we have encountered bugs in the solution. 

User interface and integration can stand improvement.

View full review »

There have been some issues when upgrading. For some reason, parts of the configuration become unconfigured, I then have to reconfigure it. I should not need to keep reconfiguring it after upgrades.

View full review »

It is not recommended for larger enterprise customers.

They need to improve the SD-WAN feature.

View full review »

It is already secure but it could be better in terms of other breaches that may occur.

View full review »

The reports could improve, they do not seem complete and more information could be added.

View full review »

The solution could improve by having better security.

View full review »

The support service level agreement in regard to the amount of time needed to upgrade things is too low. It should be higher.

View full review »

The technical support they offer is difficult to access. There is no direct number to call and when you do get hold of them and have confirmation, it takes a while to get a response.

View full review »

Data traffic analysis could be better. I think Fortinet products like FortiAnalyzer are very effective in analyzing data traffic. I think it's better than Sophos. It could also be more stable.

View full review »

Sophos XG's web server protection and log viewer could improve. They should also introduce sandboxing. 

View full review »

There are issues with electricity with this solution.

View full review »

The MTR feature has to be enhanced. There are some bugs on the ADL which need enhancing. 

View full review »

I have not used their SD-WAN product or the SD-WAN feature, so I don't know how scalable the SD-WAN is. But, I hope just that the SD-WAN is up to par with FortiGate.

The integration is an area that can improve a bit. One of the other solutions that I have used that is highly interoperable is Fortinet. It's easy to integrate with other products. 

Sophos can definitely improve with the interoperability between solutions.

View full review »

They can lower its price. It is very expensive. We are looking for a less expensive solution depending on our budget. They can also improve it in terms of firewall protection.

View full review »

I would like to have more artificial intelligence in the web monitoring service that comes with it. It should alert us when particular events happen. It has already got some of that. I know that it is more of a service, and Sophos is already looking at it. It is called SIEM.

View full review »

It's a problem that we are not able to investigate incidents, there is no tracking. Security is also lacking in this product. 

View full review »

Categorization or uncategorized websites is an area that needs improvement.  

Having a web portal where you could make requests for the categorization of non-categorized items, would be beneficial.

The DLP rules don't cover countries such as Serbia. You cannot make custom rules. That could be added so that we could detect content that is not supposed to leave the company via email, and so that the rules could be customized by the clients.

We only have predefined rules and most of them are not for Serbia or countries from the Region.

View full review »

The UI needs improvement because it can be a little weird at times.

View full review »

In terms of improvement, one of the features we are having a hard time getting a hang of is MAC addressing, like when we assign IP addresses to a specific MAC address. That is something that can be improved. For the next release, I think, it should have better feature integration.

View full review »

The interface could be improved by simplifying it and making it much smarter. I would also like to see an improvement in the diagnostic system graphs. They could be modified to provide individual graphs. The present page has all graphs in a single page and it slows things down and takes more time to refresh and load. 

Additional features they could consider including in any update would be symbols and tools. They could also include URL groups and all Office updates, the regular things that people do on a daily basis. 

View full review »

Sophos needs improvements made to the console, such as host entry or defining rules directly from it.

View full review »

In regards to email as an example, if you experience any malware, it is contained in the container but doesn't give you any information about the email, or what is contained in the email. You only have the option to reject it or to release it.

I need to open the email to see what it contains and the value of it before I know whether to access it or not.

Stability needs improvements.

View full review »

The behavior with the zones was a little bit tricky to understand and the beginning of the project.

Sophos XG is difficult to manage and it is difficult to understand when you first begin.

The reaction time of the GUI is terrible when compared to other manufacturers. 

View full review »

The VPN is in need of improvement. For us, it is hard to set up and it not working properly.

View full review »

The two main areas where this product needs improvement are routing and reporting.

The security can be improved, as well.

View full review »

The uploading and downloading of reports should be included.

We are looking for a firewall to block the uploads from the user, not the downloads. I would like to see this feature updated.

In the next release, I would like the uploading and downloading reports to be included.

View full review »

Their technical support needs improvement. I've been on hold with them for hours waiting for their support.

View full review »

It would be great if the user can have a portal to check on activities related to their account.

View full review »

Network security is in need of improvement.

View full review »

There needs to be a way that we can distinguish between educational institutions on Youtube and other Youtube videos. You can do this on Fortinet. Basically, they can block all other Youtube videos besides those that are from educational institutions. With Sophos, you either allow for all Youtube videos or none at all. They need to allow for more specification on different websites.

They only have one single location for training videos. They must offer them elsewhere as well. When the site goes down, everything stops, and you can't access the videos when you need them, so they need to diversify that. It's limiting.  

View full review »

It's easy to use, but it's harder to configure when you want detailed settings. They need to make it easier to access advanced features.

View full review »

Sometimes we experience difficulties with our server and that is usually due to a bug. Somehow bugs seem to find their way through Sophos' security. The issue is usually resolved when we contact technical support. In the next version, I would like to see an improvement in this. The developers should test everything after any update to ensure that bugs don't come though with the update.

View full review »

The UTM itself needs improvement. When you're navigating it seems like it takes forever to load anything. The hardware is okay. It's just the software that could be more responsive. 

View full review »

I would like to have remote access to clients using a static IP for a certain period of time. This would allow me to log in to any client, remotely, with a known and fixed IP address.

View full review »

The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer.

The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem.

A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. 

So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request.

Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.

View full review »

I would like the update process to be easier, to update the firmware of the boxes. I think it's much better automatically than having to do it manually: Download the file, do network discovery. If they can make the update process much more automatic that would help.

View full review »

It is performing well. However, the only challenges that we are facing are the effectiveness with blocking the proxy and tuneling applications, aside from  proxy and similar applications. So the application filter on the product is not really performing 100%. Every now and then there are some updates that are happening on such applications, and it takes time until it gets the appropriate updates and becomes capable of capturing such applications and blocking them.

A new feature I would really like to see would be some sort of an enhanced application filter with greater efficiency when it comes to the applications that can bypass firewall policies. These applications are really a nightmare. Once they are on the network and not detected, or the appliance is not really successful in capturing them and unblocking them, the bandwidth gets wasted all the time.

View full review »

It could offer other important functions such as a DNS Filter for blocking botnet networks.

View full review »

The VPN and central management need to be improved, but that's being nit-picky.

The IPsec VPNs are a little on the buggy side and you sometimes have to jump through hoops to get it to work. When I looked at them last, they were still in development for the centralized management of the firewalls, so when I saw it, it was very much in its infancy.

One more thing to add to what they can improve is the firewall policy presentation, they have their own special way of doing it which takes time for some to get used to, especially if you’re used to Cisco ASA.

View full review »

Sophos XG lacks link load balancing options like ratio and spill over, both useful in some scenarios.

I also think they might consider improving the RAM of some of the appliances, since there are processes that are very memory intensive.

Lastly, I would say packet monitor is another area for improvement as it lacks capabilities like exporting the capture from inside the GUI tool.

View full review »

Email Protection has room for improvement. It doesn’t have an intuitive rule base. I would much like it to be like the Sophos UTM software. The level of detail in the settings is much too low.

View full review »

I would like to see the possibility to add or block some content directly from the log interface or the live view of the interface so that if I see that an IP address is consuming a lot of bandwidth, I can right click on it and set some kind of policy. Everything else its perfect. 

View full review »

Sophos XG could improve by being more stable and for it to be able to be used for large enterprises.

View full review »