Sophos UTM OverviewUNIXBusinessApplication

Sophos UTM is the #1 ranked solution in top Unified Threat Management (UTM) tools. PeerSpot users give Sophos UTM an average rating of 8.2 out of 10. Sophos UTM is most commonly compared to pfSense: Sophos UTM vs pfSense. Sophos UTM is popular among the large enterprise segment, accounting for 48% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 20% of all views.
Sophos UTM Buyer's Guide

Download the Sophos UTM Buyer's Guide including reviews and more. Updated: May 2023

What is Sophos UTM?

Sophos UTM is a unified threat management platform designed to protect your businesses from known and emerging malware including viruses, rootkits and spyware. The solution provides a complete network security package with everything your organization needs in a single modular appliance.

Sophos UTM Features

Sophos UTM has many valuable key features. Some of the most useful ones include:

  • Web and Email Filtering
  • General Management
  • Network Protection
  • Network Routing and Services
  • Advanced Threat Protection
  • Authentication
  • Email Encryption and DLP
  • Web Policy
  • End-User Portal
  • VPN IPsec Client, VPN SSL Client, and Clientless VPN
  • Web Application Firewall Protection
  • UTM Endpoint Protection and Management
  • SEC Endpoint Integration
  • Logging and Reporting

Sophos UTM Benefits

There are many benefits to implementing Sophos UTM. Some of the biggest advantages the solution offers include:

  • Simplifies your IT security without the complexity of multiple point solutions
  • Intuitive interface to help you quickly create policies to control security risks
  • Provides clear, detailed reports to give you the insight you need to improve your network performance and protection
  • Complete control to block, allow, shape and prioritize applications
  • Two-factor authentication with one-time password (OTP)
  • Integrated wireless controller
  • Allows you to connect remote offices with easy VPN and Wi-Fi

Reviews from Real Users

Below are some reviews and helpful feedback written by PeerSpot users currently using the Sophos UTM solution.

PeerSpot user Dana B., Network Administrator at a manufacturing company, says “The web and email filtering are the two biggest and most valuable aspects of the solution for us. The solution overall has just been a good, cost-effective solution for us. The solution offers a lot of functionality. The solution scales well. We've found the technical support to be helpful. The stability and performance are quite good.”

A Technical Director at a security firm mentions, "Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."

Marek M., Senior Network Engineer at a computer software company, comments, “Sophos UTM is the simplest of these products to set up. If you follow the instructions using the wizard, which is just a few steps, then you will have a firewall to protect you and your customer.”

A Software Sales Manager at a tech services company explains, “The overall visibility of the console is what I find most valuable, plus it's very user-friendly. It can be integrated with other solutions such as SOAR, SIEM, etc., even when you have an existing firewall. I really like that the console can be integrated. You'll see everything on the same window, and the single window feature of the machine is so good. These are the features I really like.”

James D., IT Manager at Manual Workers Union, states, “The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money. The solution has many great features. From the console, we can start different scannings on different machines. We enjoy the centralized reporting part of it. The initial setup is simple. We enjoy its general stability. The solution can scale. So far, the solution has been problem-free.”

Sophos UTM was previously known as Astaro.

Sophos UTM Customers

One Housing Group

Sophos UTM Video

Sophos UTM Pricing Advice

What users are saying about Sophos UTM pricing:
  • "The solution is very low cost compared to competitors. You have a good firewall, a lot of functions for less than the price of some omni firewall competitors."
  • "Although Sophos UTM is a good product, other products have more flexibility with their pricing. It is a very fine product, but when someone wants more relaxed pricing or more leverage in pricing, Sophos is more rigid."
  • "The problem with the Sophos is not the cost of the hardware but the cost of the modules, packages, and the subscription."
  • Sophos UTM Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Owner / Network Security Engineer at Texarkana IT
    Real User
    Top 10
    It's a highly stable platform with very few hardware issues
    Pros and Cons
    • "The packet filtering's great. You get out what you put into it. It works great as long as you know your security and configure everything adequately. If you just pop one in and it's not configured, then it's basically wide open. It kind of depends on the admin skill, but it's an excellent product."
    • "Email spam filtering only works if you have an on-prem Exchange server. It doesn't interface with Office 365 like the XG model. That would be one feature that they could improve. They're not going to do it because they're trying to push us all to XG."

    What is our primary use case?

    I deploy Sophos UTM FullGuard for each of my clients. It is a complete bundle of security subscriptions that include web filtering, dual inline antivirus, etc.

    What is most valuable?

    The packet filtering's great. You get out what you put into it. It works great as long as you know your security and configure everything adequately. If you just pop one in and it's not configured, then it's basically wide open. It kind of depends on the admin skill, but it's an excellent product.

    UTM has sand-storming, got dual inline virus scanning, filtering, DNAT, translations, etc. You can implement Google Safe Search for schools and stuff.

    What needs improvement?

    Email spam filtering only works if you have an on-prem Exchange server. It doesn't interface with Office 365 like the XG model. That would be one feature that they could improve. They're not going to do it because they're trying to push us all to XG.

    For how long have I used the solution?

    I have almost 30 years of experience in IT, and I've been deploying Sophos UTM and its predecessor for the last 14 years. Originally, the product was called Astaro ASG, which is short for "Astaro security gateway." Sophos bought Astaro in 2010 or 2011, and it became Sophos UTM.

    Buyer's Guide
    Sophos UTM
    May 2023
    Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
    710,326 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    I've been using this stuff forever, and I've only had to replace a couple. That was due to lightning strikes, power surges, and other things that are out of our control. It's a highly stable platform with very few hardware issues. As long as you set it up right. I have my solution scripted so I receive backups and nightly config files in the email. Each night, I look at the executive report to monitor the solution. As long as the administrator takes the time to set it up correctly, I think it's a highly stable product.

    What do I think about the scalability of the solution?

    The Sophos UTM and XG lines are highly scalable. It's the same OS and security across all modules. The scalability is based on the size of the hardware.  If you have a small network, then you go with an SG 115 or something. If you have a network of up to around 50 people, then you bump that up to a 210. If you have a couple of hundred people, you bump it up to a 310. To scale up, you increase the hardware for higher throughput and such.

    How was the initial setup?

    The initial setup is pretty easy for anyone with a security background. Sophos has a wizard that holds your hand through the initial setup to get you up and running, but an administrator needs to get in and fine-tune the solution after the fact. 

    The deployment time depends on the size and scope of the client. I've put a bunch of them in small networks of fewer than 10 machines. Those don't take more than a couple of hours. I've also done larger companies with 120-150 people and multiple departments. I like to lock everything down, so I know it's secure, and I create exemptions for things that don't work. It just depends on how many applications, end users, departments, etc. For a big customer, it's a one or two-day process.

    I started in corporate networking for large enterprise clients, but I've been running my own business for the last 13 years. A good rule of thumb is about 200 endpoints per technician. That's doing everything, including desktop support and security, etc. For security administration,  one person who knows what they're doing can set it up and administrate it fine.

    Now, I have a team of a couple of people underneath me because I have a lot of companies all over the place. It takes more than one person to keep everybody going. If I were the full-time IT guy for a company of 200 people, I could deploy it, manage it, and do it all by myself.

    What was our ROI?

    I run a managed service provider, and I put everybody on UTM appliances. Those licenses are all renewed annually, and I have to manage their networks. I get a great return on investment.  With the XG line, you can get into the Sophos Flex program, where I only get billed monthly for it. We charge the customer monthly for their security subscriptions, so we get a return every single month.

    I keep my prices reasonable. Lots of people charge twice what they pay, and they get a lot more money in their pocket, but I just don't like gouging people.

    What's my experience with pricing, setup cost, and licensing?

    Sophos is actually fairly expensive. When it was Astaro, it was the most expensive solution in the same tier as Cisco PX and Barracuda's line with multiple different blades to do different things. Astaro was the first solution to have unified threat management all in one blade. You don't need to get full-blown security at the top price. You can get the network security subscription or the web security subscription, etc.

    On a scale of one to five, I'd probably give it about a four for affordability because it's pretty expensive. It's good stuff. I've always been a firm believer that you get what you pay for.

    What other advice do I have?

    I rate Sophos UTM nine out of 10. I think Sophos UTM is pretty close to perfect.  I wish they weren't discontinuing the UTM line. They're forcing all of us partners to switch to XG. XG has a lot of AI integrated into it, so it's probably more secure, and there are more features. At the same time, it's a lot harder to work on, and I don't care for the UI. I like the way that the UTM is laid out.

    You get out of it what you put into it. That's true of any security appliance, whether Sophos, Barracuda, WatchGuard, Juniper Systems, etc. If you want to secure your networks, this is a great device, but you have to put some time into it. You need to understand your customer's environment. I like to lock it down and create exemptions for things that they need. That way I don't have to waste my time cleaning up viruses, ransomware, and all these threats that happen all the time.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Technical Director at a security firm with 1-10 employees
    Real User
    Top 5Leaderboard
    Plenty of functionality, highly stable, but lacking log reports
    Pros and Cons
    • "Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."
    • "There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system."

    What is our primary use case?

    Sophos UTM is a virtual appliance used for network security.

    What is most valuable?

    Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator.

    What needs improvement?

    There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system.

    Everything has changed in the newer version of the solution from the SG to the XG. It was a completely new reborn version. You are not able to migrate from SG to XG using scripts. it is very difficult because of the differences. There was not a simple migration path from one to the other.

    In the Sophos SG UTM version, you cannot have any other functions. Sophos will tell you "It's a closed version. We will not have any more functions." However, in the new version, you have a lot of new functions, and every two or three months you have new features. For example, you can use Sophos Central to synchronize both strategy policies and even security, if you are equipped with Sophos antivirus on workstation and server. If your antivirus on the workstation finds a threat, your firewall will have the information of the station, what issue it had, and what other stations it communicated with.

    Sophos has to enable the Intercept X or an EDR function on the firewall because for the moment, the firewall is only equipped with sandboxing or something similar. Which, is quite good but there should be something easier for the user. For example, the logs at the moment are not as simple as they are in other solutions, such as Fortinet, it is very important to have a logging tool, log reporting, or a reporting engine. We need to see logs and find information within. However, 10 years ago, we do did not care about the logs but things have changed. We need them to analyze, to have a view of some of the layers but we do not have this. They could improve by providing better log functionality and features.

    For how long have I used the solution?

    I have been using this solution for approximately five years.

    What do I think about the stability of the solution?

    For the whole life of Sophos SG UTM, it has been highly stable.

    On the newer XG version, we have had a lot of small bugs on the very first version. We were having lots of small bugs on different functions and it had been a mess for a lot of integrators to make it work and to keep confidence in the XG. The XG had a lot of functions and all functions could have a lot of bugs. Even if everything is under control on one or several functions, there were some functions that had many, such as the VPN. However, in version 18 the stability was a lot better. 

    You rely on the stability of a firewall and if you have some bottlenecking from the communication from or to the internet. It is very difficult to be confident in Sophos and we lost some confidence in Sophos in the very earlier version.

    Overall, we had more problems with the XG than with the SG version.

    Which solution did I use previously and why did I switch?

    I have used other Sophos solutions, such as Sophos XG UTM.

    How was the initial setup?

    The installation of Sophos SG UTM is very easy. There are detailed manuals that can help with the installation if you run into difficulties. There is some basic transferring training you can take that is not complicated.

    It is very complicated to migrate everything you put in SG to another version. You need to redefine many aspects manually on the XG because you are not able to extract the configuration from a confidential file to import it into the XG. They are very different and will not work in the same way. It is very confusing for a new customer.

    If customers want to buy the XG because it is the new version and they want to migrate through a Sophos or integrator, it will take a lot of days for engineers from SG to XG to implement because it is not the same solution anymore. It is very much similar to if you were migrating from SG to a Fortinet or to a Palo Alto firewall. You have to recreate the configurations manually on your side, with no migration paths. It is a very important point. We do not have migration paths from one to another.

    What's my experience with pricing, setup cost, and licensing?

    The solution is very low cost compared to competitors. You have a good firewall, a lot of functions for less than the price of some omni firewall competitors.

    Which other solutions did I evaluate?

    I have evaluated other solutions, such as Sophos XGS.

    What other advice do I have?

    There are two versions of the Sophos UTM. The old one is the SG, and the newer ones are the XG and XGS UTM, the next-generation firewalls.

    Sophos UTM was a rebranded solution that was bought from the Astaro company. It was one of the first UTM and was a very stable solution. Everything was inside a small box, you could start to enable or disable some functions, such as TCP, HTTP proxy, or firewalling. It allowed you to manage everything you wanted in this Unified Threat Management solution. It was a very nice multi-functioning security tool. If you adapted to the way of working with the UTM you could do everything with it. 

    It was a nice solution. Sophos still allows the use of the SG UTM. For example, if you want to buy an XG Firewall, which is their new next-generation firewall, you still can purchase the older SG UTM. Sophos is able to still deliver this solution.

    I rate Sophos UTM a seven out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Buyer's Guide
    Sophos UTM
    May 2023
    Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
    710,326 professionals have used our research since 2012.
    Software Sales Manager at a tech services company with 51-200 employees
    Real User
    Top 20
    Stable and scalable user-friendly software which offers good integration with other solutions
    Pros and Cons
    • "Sophos UTM is very user-friendly and has good integration with other solutions."
    • "Flexibility in pricing could be improved. It's more rigid in its pricing compared to its competitor: Kaspersky."

    What is our primary use case?

    Mostly when we see that the client has no security product, we offer both of the products: firewall and endpoint security. We offer endpoint security solutions: EDR and XDR.

    Most of the time, we offer Sophos UTM and firewall products, but when we see that the customer has a firewall already deployed, we pitch endpoint security. If they're already using a different product, we cross-sell a product. For example, if someone has an environment with just endpoint security and doesn't have XDR or EDR, we'll suggest upgrading to XDR or we'll upsell XDR.

    What is most valuable?

    The overall visibility of the console is what I find most valuable, plus it's very user-friendly. It can be integrated with other solutions such as SOAR, SIEM, etc., even when you have an existing firewall. I really like that the console can be integrated. You'll see everything on the same window, and the single window feature of the machine is so good. These are the features I really like.

    What needs improvement?

    I have no suggestions for improvement for Sophos UTM. It's been a decade and it has been a very good product throughout the Pakistan market.

    Pricing could be improved. After-sales service is much better. Once you have a sales team and a technical team for any product, it definitely becomes very easy to pitch or get the revenues out of that product. Flexibility in pricing matters a lot.

    For how long have I used the solution?

    This is the fourth year we've been implementing this solution.

    What do I think about the stability of the solution?

    Sophos UTM is stable which is why I like it.

    What do I think about the scalability of the solution?

    I find Sophos UTM scalable and it is one of the reasons I like it.

    How are customer service and support?

    For Sophos support: the distributor is responsible for providing maintenance, support, and after-sales service. Most of the time, we try to have an agreement between the customer and affiliates which is binding for two or three years.

    The support team here is from the distributor. The first layer of support is really fine when compared to the support provided by other products, e.g. McAfee or Kaspersky. This means it doesn't go to the principal for resolution because the distributor or the partner experts try to fix it on their own before logging in to further complaints. We are good with this kind of solution for our customers, and we prefer those distributors who have their support team.

    This is why I really like Softech, although everyone does this, Sophos relies on the Softech technical team. They fix the issues most of the time, so it's very rare for us to go to the principal solution. This is the first line of support we have here in Pakistan.

    The principal response time is so quick. It took them only two or three hours maximum. I had the experience of addressing an issue to the principal and they were able to answer me in two or three hours maximum. They have a good TA team.

    What's my experience with pricing, setup cost, and licensing?

    Although Sophos UTM is a good product, other products have more flexibility with their pricing. It is a very fine product, but when someone wants more relaxed pricing or more leverage in pricing, Sophos is more rigid.

    For example, Kaspersky is successful in Fintechs because of its services, plus they offer flexible pricing to their end users. It's a comparative advantage here in Pakistan because Pakistan is a very price-conscious market. This is the reason why every time we pitch, we have to pitch more than one product here in Pakistan. They spend their money on SIEM and other kinds of security firewall, but for endpoint solutions, they say any low-budget product could easily be implemented. Most of the customers here in Pakistan like it this way.

    Which other solutions did I evaluate?

    We also implemented Kaspersky and McAfee.

    What other advice do I have?

    We are a partner for all these products. We market these products to the end customers or the end users. We are both selling and implementing these products. We're partners with Sophos. There's a distributor in Pakistan called Softech Microsystems, and we have a silver-level partnership with them.

    We've been working with Sophos since 2019.

    In the financial market, however, Kaspersky is being used more than Sophos because of its credibility, integration, and extra features offered by Kaspersky. We always try to recommend Sophos as it's what we want, but sometimes, because we also carry a Kaspersky partnership, when a customer demands for Kaspersky, we have to let the customer test it and we have to give them a quote for Kaspersky. We also carry another product, e.g. McAfee, aside from Kaspersky and Sophos. Sophos UTM is a product I want to go further. I try to pitch Sophos UTM rather than Kaspersky or McAfee.

    I'm giving this solution a nine out of ten.

    Whenever we go for the public tenders, because there's no price flexibility, most of the time I find other products win. Although we have completed our POCs and all that, convincing customers to go with our product, but when it goes to the tenders: in the tenders they mention specification rather than mentioning a particular product, so we'll have to qualify. We qualify technically, but when it comes to the commercial opening or the financial opening, we fail.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    SherifFouad - PeerSpot reviewer
    ICT Manager at Capital Limited
    Real User
    Gives us the ability to manage our firewalls from the cloud and deploy a unified configuration onto them
    Pros and Cons
    • "It gives us the ability to manage our firewalls from the cloud and deploy a unified configuration onto them. Other competitors like Meraki have that ability, but they fail to optimize it in the way that Sophos has."
    • "Last year, Sophos had some major internal management changes that negatively impacted their support."

    What is our primary use case?

    We have deployed Sophos UTM on cloud and on-premises. The cloud provider is Azure.

    There are about 200 people who are using this solution in my organization.

    What is most valuable?

    From Cyberoam and the early builds of Sophos SG, they have developed higher integration between Sophos UTM and the computers' endpoint antiviruses. We can isolate the infected machine from the network, but an IT technician or cybersecurity professional can remove it from the machine and disinfect it. 

    It has the capability of blocking HTTPS traffic, but you need the Sophos Central Intercept X subscription for that. It gives us the ability to manage our firewalls from the cloud and deploy a unified configuration onto them. Other competitors like Meraki have that ability, but they fail to optimize it in the way that Sophos has.

    What needs improvement?

    Last year, Sophos had some major internal management changes that negatively impacted their support. 

    I would like to see better reporting and better alerting.

    What do I think about the stability of the solution?

    I would rate the stability as nine out of ten.

    What do I think about the scalability of the solution?

    The scalability is the same as support and the initial setup. The scalability depends on the person who is doing the initial design. If I choose a device that will serve 10 users and my users jump to 50, then I definitely have a big problem. If I choose a firewall that has 30 GBs of throughput, and all of a sudden I jump to 50 GBs throughput, it's my problem because I didn't do the initial design properly. It's not a problem with the device.

    If you do a proper design, assume growth, and buy a model or brand that can digest that growth, then it's scalable. Sophos can handle more requests and requirements than what is in the data sheet.

    I would rate the scalability as nine out of ten.

    How are customer service and support?

    I would rate technical support as three out of five.

    The level of support might be acceptable for a smaller company. My organization works in mining and drilling, and we operate in 18 countries and five continents. We needed a better response time, especially in regards to cyber security.

    Which solution did I use previously and why did I switch?

    I've used multiple other solutions. At one point in time, we were going to replace all of our Sophos units with Meraki, but I canned that completely because they're incomparable. I also compared the Sophos firewall with other virtual firewalls, but that's a bit unfair because that's an on-premises device and the others are virtual. I've used Microsoft Azure Firewall and Sophos Azure Firewall, but I canceled Microsoft Azure Firewall.

    We compared Sophos with Cisco Meraki, and we chose Sophos. On the virtual side as a UTM, I compared Sophos XG for Azure with the Microsoft firewall for Azure. Sophos won on the cost side, which I consider to be a minor cost. 

    In terms of benefits, features, and ease of configuration, Sophos won.

    How was the initial setup?

    Compared to other solutions, initial setup is very simple, but it depends on the configuration design that you want. That's where the complexity is.

    First, you get the firewall or the router, connect it to the LAN pool, do the initial setup, and then setup the LAN, WAN, and the basic tools. It's the same for FortiGate, IBM ISS, Cisco, Meraki, IronPort, and Websense. Across all those products, the setup is very easy. If there's any problem with initial setup, It has more to do with the lack of experience from the technician setting it up than the complexity of the hardware. 

    The only interaction we do with Sophos units is when we are adding new users, removing users, and for other administration tasks. There are two people involved with maintenance, upgrading the firewalls, and testing new scenarios.

    My whole team does administration. Comparing Cyberoam to Sophos, the overhead of troubleshooting performance issues is at a minimum. The only time I need to replace a firewall is when it gets burnt out because of a power problem, which is usually something major and doesn't have to do with the product itself.

    What's my experience with pricing, setup cost, and licensing?

    I would rate the pricing as 2.5 out of 5.

    The problem with the Sophos is not the cost of the hardware but the cost of the modules, packages, and the subscription.

    What other advice do I have?

    I would rate this solution as eight out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Microsoft Azure
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    IT Manager at Manual Workers Union
    Real User
    Top 20
    Great features with easy centralized reporting and good performance
    Pros and Cons
    • "So far, the solution has been problem-free."
    • "We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not."

    What is our primary use case?

    The features that we're currently using are mainly just for the endpoint protection, which is for the service and the workstations. We basically use it for the servers, the main servers, and then from there for the client, which is basically the laptops and the PCs.

    How has it helped my organization?

    The fact that it's not heavy on the machines has really helped. It's basically lightweight. One advantage is that we, having a cloud solution, do not require a physical machine that we have to administer on our network.

    What is most valuable?

    The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money.

    The solution has many great features.

    From the console, we can start different scannings on different machines. We enjoy the centralized reporting part of it. 

    The initial setup is simple.

    We enjoy its general stability.

    The solution can scale.

    So far, the solution has been problem-free.

    What needs improvement?

    We don't need any extra features. We only use it for the servers and the workstations. We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not.

    For how long have I used the solution?

    I've been using the solution for over a year now.

    What do I think about the stability of the solution?

    It's been very stable. In fact, we haven't had any complaints or any issues with it. There are no bugs or glitches. It doesn't crash or freeze. The performance is great.

    What do I think about the scalability of the solution?

    The scalability is quite good.

    Right now, we have 40 users.

    We will definitely scale in the future. As we get new employees, we just request additional licenses.

    How are customer service and support?

    I've never had any issues.

    Which solution did I use previously and why did I switch?

    I also use FortiGate.

    How was the initial setup?

    The implementation process was straightforward. What basically happens is that you just have to pick that certain client from the console and then you just install it on the machines. From there, of course, you handle connectivity after that. It's pretty straightforward.

    A full deployment on one machine took less than 20 minutes. The thing is, if you have fast internet, it can even be much less.

    Maintenance is very simple. Support is inbuilt from the manufacturer's side. Therefore, internally, if there are any issues on the client machine, you just reinstall it. There isn't much to do really, in terms of maintenance, except maybe the licenses. It's hosted on the cloud and updates are automatic, and are available from the portal.

    What about the implementation team?

    We did not need a reseller or consultant's assistance. It was all handled internally.

    What was our ROI?

    I haven't really explored ROI. I only have worked with it for slightly over a year. Maybe we need to start looking at it. 

    That said, so far, we are protected and we haven't been hit so far. We're getting the returns from it in that sense.

    What's my experience with pricing, setup cost, and licensing?

    Having a cloud option is a real cost saving. 

    In terms of licensing, we pay on yearly basis. From there, what happens, in the last month, we request a quotation for renewal, and then from there we just pay through the local reseller. 

    We're thinking of maybe dealing with the supplier, the manufacturer, directly, however, right now, we're still using the local supplier for licensing and payments. 

    What other advice do I have?

    We are on the latest version of the solution.

    We are customers.

    I would rate the solution at a nine out of ten. We are very happy with it. I would recommend it to others.

    I'd advise new users that, if they are going to go with the cloud option, that issues related to maintenance is actually handled within the cloud. The rollout is pretty smooth.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Account Executive at a tech services company with 11-50 employees
    MSP
    Top 10
    Highly granular, communicates with other Sophos solutions, and offers good performance
    Pros and Cons
    • "The initial setup is pretty straightforward."
    • "I don't really have any notes for improvements."

    What is our primary use case?

    We primarily use the solution for firewalls. 

    What is most valuable?

    The firewall in general is very good. It is comparable to other firewalls. 

    Since any environment needs a firewall, it's been helpful in its ability to be highly granular in its configurations. 

    Sophos is a security-focused company, which I like. I like that all Sophos products can essentially talk to each other. For example, if a computer has the Sophos antivirus, and it detects something, it actually talks to the Sophos firewall and says, "Hey, I think something is going wrong on this computer." Then, the firewall goes, "You know what? I'm going to shut it down for a while. I'm going to close off all incoming and outgoing connections from that unit until an IT admin comes in and tells me to release it."

    It's very scalable.

    The solution is stable. 

    The initial setup is pretty straightforward. 

    What needs improvement?

    I don't really have any notes for improvements. I don't need additional features. 

    For how long have I used the solution?

    I've been using the solution for three or more years. 

    What do I think about the stability of the solution?

    The solution's stability is excellent, and it is reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

    What do I think about the scalability of the solution?

    The solution is very scalable and easily expands. 

    Which solution did I use previously and why did I switch?

    I'm also familiar with Meraki. Sophos, however, has the ability to talk to other Sophos products. 

    Meraki would be all isolated, meaning you have a different antivirus. It'll try to block and scan and do its thing, however, the firewall will always allow the connection to go through. Nothing is stopping it from isolating it. From a Sophos perspective, every single thing talks to each other, whether it's Sophos Central, Sophos email security, Sophos antivirus, or Sophos firewall.

    They all talk to each other and look at how attackers come in because attackers don't just, poof, appear on a computer. There's a route it needs to take and different layers of protection it has to go through. If all of your layers, your roads, and everything is all Sophos, they all jive, and that's great.

    How was the initial setup?

    The ease of setup is dependent on the level of technical expertise. If you are a qualified tech, all firewalls should be pretty simple to deploy, depending on the environment. It's simple enough to implement in general. 

    What was our ROI?

    We have witnessed a positive ROI while using the solution. 

    What's my experience with pricing, setup cost, and licensing?

    Price-wise, you get the bang for your buck. You get a huge value set. Ask for HA, high availability, since a lot of Sophos resellers sell two firewalls, the second one being free. Then, you only pay for one license. If your first firewall fails, the license migrates to the second one.

    What other advice do I have?

    We are using a variety of different versions of the solution right now. 

    It's really, really cool to look into Sophos. I highly recommend it. From an infrastructure, stability, and security perspective in terms of configuring in a granular way, Sophos does it all. It's a really good product and something to look into. 

    It's also a lot cheaper than Meraki. It does way more than Meraki. Dollar to dollar, Sophos will likely beat Meraki. For example, with Meraki, you're going to be paying two or three times more for nothing spectacular, nothing different. You just get a portal. It's okay. With Sophos, you do have to know what you're doing, however, any network admin should be able to figure it out. It's not like an ancient hieroglyphic language. It's quite straightforward.

    I'd rate it nine out of ten. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    IT Administrator at Vegol
    Real User
    Top 20
    User-friendly with lots of online documentation and the ability to expand
    Pros and Cons
    • "The solution is stable."
    • "The support could be better."

    What is our primary use case?

    The solution is used mainly for user management and access control. 

    What is most valuable?

    It's a little bit easier to use. It's user-friendly, and then there's a lot of documentation for it online, so it's easy to manage without necessarily dealing with a big learning curve. It is easy to understand, basically.

    If you need to troubleshoot, everything is basically on Google. 

    The solution is stable. 

    It's a scalable product.

    What needs improvement?

    The support could be better.

    They need to improve their email protection. Their email protection is horrible. They have an email protection license that is paid for. However, they need to improve on email protection capabilities.

    They need to have proper reporting. What they offer no is weird. I need to get another application to give me a clear diagram of my network. This should instead come directly from Sophos. 

    For how long have I used the solution?

    I've been using the solution for two years now. 

    What do I think about the stability of the solution?

    The product is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

    It is redundant enough. I don't have any issues with it.

    What do I think about the scalability of the solution?

    The solution scales well. 

    We have about 500 people on the product right now. We also have 100 users on the VPN.

    How are customer service and support?

    It is better to Google rather than use technical support. 

    They are slow to respond and then the response doesn't exactly give you what you want.

    I understand they can't give you a solution to something that you'd expect them to. They try to give you something. You're going to go to Google and find the information on Google faster and easier anyway. 

    Which solution did I use previously and why did I switch?

    We worked with Cisco mainly in the past. When we went to renew with Cisco, we found the pricing to be quite high. We're happy now with Sophos. We have no interest in switching to anything else.

    How was the initial setup?

    The initial setup is very easy. The interface makes it simple.

    I'm not sure how long the deployment took exactly.

    We have four people that are able to handle maintenance. 

    What about the implementation team?

    I was able to set it up myself, however, you do really need to know it or work with someone who does.

    What's my experience with pricing, setup cost, and licensing?

    The cost could be considered reasonable based on other plans. However, when I was looking at when you renew our licenses, the pricing is a little bit weird. When you renew your license, the licenses are at the cost of buying a new device in your plan. I haven't renewed yet. However, I would need to figure out that aspect. 

    I can't recall the exact costs of the product as it's been a while since we originally licensed it. 

    Compared to Juniper, the difference is the pricing. It's more affordable than Cisco or Juniper, actually.

    What other advice do I have?

    I'm a user and a consultant.

    I'd advise potential new users that they should let someone that knows how to do it set it up fast. You should work with someone that knows how to do it.

    I'd rate it an eight out of ten. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    sugoi - PeerSpot reviewer
    Server analyst at EJCLME Inc.
    Reseller
    Top 20
    Very strong firewall with a streamlined interface that treats everything like an object
    Pros and Cons
    • "The firewall itself is very strong and provides great security."
    • "The solution needs better integration with captive portals and XGs."

    What is our primary use case?

    Our company is a partner and reseller of the solution. We lease, sell, and license boxes for our clients. Use cases are rather unique and not uniform. 

    We provide support for a few SMBs around the country. 

    Some customers are heavy users, with involved configurations, and the setup may include high availability configured with two boxes. 

    Others use it as just a gateway between their infrastructure and the internet with very simple configurations that don't include web filtering. 

    Active directory integration domain is used for some, but not all customers. Common items include DNATs and SSL VPN. Most customers use VPNs, and site-to-site connections (REDs or IPsec).

    We also use virtualized UTMs for LABs.

    What is most valuable?

    The firewall itself is very strong and provides great security for the internet. Some clients don't use any other special feature but all customers depend on the firewall as a secure gateway.

    A lot of thinking went into the user experience because the UTM interface is streamlined, good, and feels like a web application. It does have hiccups here and there but effectively treats everything as an object. You can quickly see where objects are being used or referred to and change them. 

    What needs improvement?

    The UTMs are end-of-life so the web interface is not top-notch and needs more speed. There is still support for the UTMs so they are the best we have right now. 

    The solution needs better captive portals and they could have faster UIs. 

    An improvement to the transparent proxy would help. A user should be able to open a webpage and be redirected to the captive portal like with WIFI or XGs. From there, the user should be able to log in with a username and password to gain internet access. Many clients migrate to XG due to this missing feature. 

    For how long have I used the solution?

    I have been actively using the solution for a some time.

    What do I think about the stability of the solution?

    The stability is pretty good and better than XG. We don't have any issues directly related to the solution.

    Stability is rated a ten out of ten. 

    What do I think about the scalability of the solution?

    The solution scales pretty well. Even with a heavy load, the solution shows no issues. 

    Scalability is rated an eight out of ten. 

    How are customer service and support?

    Technical support is not stellar. We have some good experiences and some not so good experiences. We do not have a lot of support requests for the solution.

    Support is rated a seven out of ten. 

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The setup is straightforward.

    What about the implementation team?

    We implement the solution for customers. We have a specialist, an architect, and four analysts who handle implementations and maintenance. 

    What other advice do I have?

    I recommend you complete the solution's training because it is pretty good. Rely on the documentation and any tech training available.

    I rate the solution a nine out of ten. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free Sophos UTM Report and get advice and tips from experienced pros sharing their opinions.
    Updated: May 2023
    Buyer's Guide
    Download our free Sophos UTM Report and get advice and tips from experienced pros sharing their opinions.