Sophos UTM Reviews

• Providing the firewall to my small business office. We run it on a fanless PC and a supporting 50Mb/s VDSL connection.
• Supports 10 devices and has 40 rules.
• Using UTM and IPS extensively.

• Using the Home version to help Sophos develop the XG. I have not used the earlier UTM, which colleagues have recommended.
• The UTM features are reasonably strong and the patterns are updated on a regular basis
• Supports all the traditional firewall components

Not applicable.

• The lack of import/export functions for network and service options drives me mad.
• No route to NULL
• No Dshield.org integration

No.

Not applicable. 

Not applicable.

Originally Cisco 871 IOS IP Advanced Security, then Juniper SSG20, which was getting old and service contracts were too expensive.

Slow because of GUI and lack of .csv style object import.

In-house

Not applicable.

If you can afford it, go for a small Check Point, as it is easier to manage.

Linux ipchains and modern equivalents.

Takes awhile to build a comprehensive rule set because of the relatively slow Web GUI.

If you build, backup, restore and reconfig between the boxes.

The IPS and endpoint protection function.

A standard Firewall of an access router, monitoring up to OSI level 4, is unacceptable anymore these days. The endpoint protection solution is integrated, thus running along with the notification function.

All the necessary functions being incorporated into one solution with notifications configured, I know I am secure against threats from the internet. (Up to the limits of the solution in the constantly evolving and dangerous Internet).

• A cleaning up function to remove unused references.
• A dashboard to show that the various parts of the solution really do their tasks and not only have been activated or configured (e.g., From the live log of the IPS function it is difficult to understand if the solution (snort) is running or experiences a problem and has stopped working.
• The possibility to add the sandbox (and possible future) function, paid for, to the free Home version.

I've used this solution for three years.

Some with the IPS function (snort).

In my case, when restarting the system (because of an update), I doubt that snort starts correctly and do a manual restart of the IPS function (see my answer for 'Room for Improvement').

No, I use the solution in a VMware environment with Intel Network interface cards.

As a free home user, I have not used the support services up until now.

Once, I did upload an Office document that appeared to give a false positive, but never got a notification. I understand this because of the priorities that have to be given, but I would have liked to receive a (even small) reaction.

I did take a look at other open source solutions, but found the Sophos UTM, being the best professional free for Home UTM solutions, full blown, and updated daily, to be the best solution.

The setup wizard provided me with just enough insight into the basics of the solution -- to be able to start using the solution fully after some self-study and exploration of the various knowledge bases and forums.

I looked at some open source variants but being able to use the best professional (free for the home version) product with regular updates -- convinced me to use the Sophos UTM solution at Home.

The instability and best effort service of a community of the open source solution did not give the right trust to depend on in the battle against the negative sides of the worldwide internet

Start simple and step-by-step, and start using the product fully.

We use this product for network security and implement using a Sophos SD-RED device. 

The solution is easy to handle and configure. 

The product also offers remote deployment capability with a Sophos SD-RED device. 

The reporting could be a lot better and technical support could be improved.

We have been using this solution for two years.

The solution is stable. 

The solution is relatively scalable, we have over 500 users in our company and use three people for maintenance. 

In our experience it has been hard to get to customer support, even premium support doesn't offer much availability.  

The initial setup is quite simple. 

The price is comparable to other products of this kind. 

We considered implementing a SonicWall product, but went with Sophos UTM because it is easier to handle and configure.  

I would rate this solution a nine out of ten. 

We are satisfied with Sophos UTM and will continue implementing it for the foreseeable future. 

We use Sophos UTM to protect our infrastructure.

There are things missing when it comes to policies.

The web filtering capability should be improved.

Anti-phishing functionality should be improved.

We have been using Sophos Unified Threat Management (UTM) for two years.

This is a very stable product.

Scaling this solution works fine.

The initial setup is complex.

Our licensing fees are paid on a monthly basis.

Overall, this product is very good and I recommend it for other users.

I would rate this solution a seven out of ten.

We replace customers' old and expensive devices such as firewalls, anti-spam, etc. with Sophos, as it has all these features. You don't need four boxes if you can have all these features in one box.

The most valuable features are

• Web Protection - Protects you against problems originating from the internet.
• Advanced protection (Sophos Sandstorm) - Protects against crypto viruses in real-time.
• Email Protection - Really strong anti-spam.
• REDs (Remote Ethernet Device)  - Connects you from a remote workplace to your source network.

There is still room for improvement in wireless protection. I don't mean their WiFi device is bad, but there are still things to improve on, such as WiFi roaming.

No issues with stability.

No, everything works perfectly.

They have consultants who can help you quickly.

 You can use the wizard which will guide you through all the initial settings.

Sometimes more is less, meaning if you want more than three features, take the FullGuard licence.

We do not use this on AWS.

Before implementing the SG appliance, completely prepare the rules for your network; know what and where you want to implement.

I am using it for security, antivirus, and malware detection.

It has helped by identifying threats within the company. If there are computers or servers that are compromised, then we are able to identify them right away in the system.

It can identify threats quickly, then find the affected devices and quarantine them.

It ease of use: The GUI is easy to maneuver through; it is not complicated.

The support needs improvement.

It has been stable. We haven't had issues. It does what it is supposed to do.

Since it is cloud-based, scalability works great. We have around 300 users in our environment.

The technical support only communicates via email. I would prefer to communicate directly with someone.

We also considered Symantec and McAfee. We did not chose them because we had experience with both of them and were not happy with their platforms.

We chose Sophos for its ease of use and it detects malware and viruses that other companies can't detect.

The product works. It helps you identify threats within the environment.

We were able to integrate it with different devices and the installation is straightforward.

We are using the cloud-based version, but it is through Sophos directly. We are not using AWS. A lot of this stuff is also on-premise.

I mainly use UTM for app filters.

Sophos UTM's most valuable features are profiling and its simple configuration.

There's an issue that when we deploy UTM on fiber, it automatically upgrades to the latest version without giving an option to stay on the current one.

I've been working with Sophos UTM for over four years.

UTM is stable.

UTM is scalable.

Sophos' technical support is good.

The initial setup is simple.

I would rate Sophos UTM as seven out of ten.

Our primary use cases include: 

• Remote SSL connection
• Web-filtering
• Web server protection
• WAF application.
• Firewall rules

We have securely deploy systems accesible only behind encrypted ssl vpn and all user can access without the risk of data exposure.

The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the sophos price is surprisingly better.

I have also worked with Check Point and it's not far enough from what Sophos can do. In terms of quality and functionality, Sophos is very useful and better than the competition.

Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time.

real time trafic graph most show specific info from user, ip and bandwith, in my personal opinion i have seen better traffic graphs in open source firewalls.

I have been using Sophos UTM for six years.

It's very stable. In all the time I have been using it, I haven't seen it fail or gets stuck.

Scalability is not a complex issue and is something you can do within 20 minutes. I've been managing three UTMs, one with 50 users, another one with around 150, and the biggest one has 3,000 users.

i used PFSense, the capabilities of UTM sophos y very much higher and powerfull.

The initial setup was straightforward. It depends on the rules, but a basic setup can take up to seven to 15 minutes max.

Based on cost compare with other vendor who bill per license and OTP users, the ROI have been set as far as 6 moths.

SOphos is the best alternative in features, specifications and lower price.

yes i did, Fortinet, Checkpoint, Palo Alto, Meraki.

It's a good solution, I would say to go for it. 

I would rate Sophos UTM a nine out of ten.