Sophos UTM Reviews

The primary use case for using this product is as a firewall.

It has ease-of-use and it fits the purpose of our firewall protection needs.

The most valuable feature is that it is easy to administer. 

The price is an issue to consider for improvement.

The stability of the product is good.

We are not a very big organization, so we do not see any issues going into the future. We feel that it will continue to scale appropriately for our organization's needs.

We have experience with Sophus, as well.

The price is something that one will need to consider.

My primary use case is as a VPN, a firewall and a web filter.

We have a better level of protection and we have the ability for our devices to be more of a self-sustained type of resource.

The most valuable features are:

• Firewall protection
• Intrusion detection

The memory and processing were problematic. The interface could be better.

I have no problem with the cost or licensing of this solution. This is a primary reason whay I wanted this solution. It does the same thing cheaper than other name brands.

It helps us with protection, with concurrent use of the VPN.

This solution improved our firewall capability. We installed an identity process, and this is extremely helpful.

The security is the most important, and without security, we cannot use our network on a weekly basis.

During initial configuration, I encountered a few issues.

The stability is very good.

The initial setup of this solution was easy. It was not complex. 

When considering a product, I think support from the solution is very important.

We did not have experience with a firewall prior to installing this solution.

We use Sophos UTM as our main firewall with all its features included. Mainly, it controls all of our network perimeter security: firewall, IDS/IPS, and web application firewall (including VoIP).

Web application firewall (WAF): We removed our old internal reverse proxy, and it now controls all the security aspects of our web servers with Sophos UTM WAF.

• Ease of use
• Rapid deployment with great logging and analysis features

Reporting: We have had to work manually in many of our reports.

Currently, we are using the product on-premise. However, in the future, we would like to deploy an AWS instance too.

This product helped us a lot in having a greater visibility into the network traffic coming inside and passing away from the company. The Sophos’s unique RED devices helped us a lot to build up extremely, easy Layer 2 VPN connections.

• Email and web proxy: for filtering unwanted emails and spam, and for web content and malicious url filtering
• SSL VPN and two-factor authentication: for secure remote access
• Layer 7 app control: for blocking P2P (ex. BitTorrent) and media streaming content 
• WAF/reverse proxy: for securely publishing web applications and protecting Exchange services 
• WAN load balancing: for multiple Internet connection management

• Certificate management (ex. Let’s Encrypt support)
• VPN: IKEv2 Support

We have not encountered any issues with stability.

The Sophos UTM solution is very scalable. You can build a hardware cluster with up to 10 nodes. 

Technical issues addressed to support team have been solved quickly.

Before we were using Cisco solutions, we switched because of the lack of UTM features.

The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled.

The pricing for Sophos UTM is quite acceptable compared to other UTM vendors. If you would like to run an active-passive HA system, you only need to buy an additional hardware without subscription. At other vendors, you need subscription for both devices.

In the case of a software/virtual appliance subscription, you pay by protecting user/IP addresses. You can do this to as much hardware resources as you like.

We evaluated SonicWall, WatchGuard, and Stormshield (Netasq) solutions.

We highly recommend this solution for SMBs for its reasonable pricing and wide range of network services.

We give customers a device that can handle next-gen security threats, which is way better than a typical router.

They are all good, but most-used are the Network Protection and Web Filtering licenses.

VPN needs IKEv2, but it’s in the roadmap.

All other new, cool features will only come to the new Sophos XG Firewall.

There are no more stability issues than with other vendors, so I would say it's very stable.

Scaling out cannot be easier, as there are many migration paths.

It’s satisfactory.

No previous solution. For next-gen firewalls, I began with Sophos.

It is straightforward. There is a wizard running at first boot, making it easy for you to select the level of protection you want.

For under 50 users, MSP licensing is profitable.

We don't use Sophos UTM on AWS.

I would recommend Sophos UTM. But also look at its successor, Sophos XG Firewall, as we do not know how many years Sophos UTM will "live." (Note that it will be free to migrate from UTM to XG).

We have been rolling out the Sophos UTM platform to our clients over the past two years. About 80% of our managed clients have been moved to Sophos UTM. We have been migrating them mostly from SonicWall and Cisco ASA.

We do not use Sophos UTM in AWS. However, we have deployed a few Sophos XGs in an Azure environment.

The UTM product has definitely improved the way our organization functions. We have set a standard across clients and engineers. Everyone is trained on the product and knows how to manage the devices. UTM is probably the most complete all-in-one firewall that I have used to date. Having the UTM Manager has probably made the most impact, with over 150 firewalls in our portal, management and monitoring have never been easier.

The most valuable to features are: Web Application Firewall, Sophos UTM Manager, IDS/IPS, Remote Access, and RED.

1. WAF: This is excellent for hardening web servers. The firewall will reverse proxy your web servers, eliminating the need to open ports. Instead the firewall will run an instance of Apache and proxy all traffic to and from the real web servers. (This is also handy when you have a single public IP.)
2. SUM: The Sophos UTM Manager is a must have for any MSP. The SUM is a centralized portal for quick access to all the firewalls you manage. This also keeps track of who logs into the firewall by AD account. It is great for keeping track of a help desk, and who is making changes.
3. IDS/IPS: General Intrusion Prevention and detection. It works very well.
4. Remote Access: VPN access is always a need, and the UTM includes this free with all their license models. A very nice feature that I use a lot is the HTML5 portal. The portal allows you to have web-based access to resources behind the firewall. The best use for this would be when a client does not have any servers on-site. You can set up the HTML5 portal with SSH/Telnet to manage switches on-site, all done through the browser.
5. RED: REDs simplify the setup for multi-location clients. A license is not required for a RED, and only one UTM is needed. REDs are great for mobile sites, as they can be tossed in a bag and can run off 4G/LTE. Configuration is effortless, and they create a direct tunnel back to the main office, getting you up and online in no time.

This product could use some improvement with web filtering. It takes a lot of time and effort to set up and maintain.

I have never come across any major stability issues. I have seen some bugs on newer firmware releases which have only affected units configured in HA. Sophos is usually quick to fix these bugs.

You should never come across a scalability issue if you follow Sophos’ sizing guidelines. Finding this information can actually be difficult. Also, Sophos does not make it clear what they mean by “users” when you are sizing a firewall, which then leads to undersized implementations.

I am going to flat out say technical support is terrible. I will admit that it has gotten better over the past year. Previously, hold times would be 45 minutes at minimum. After the long hold times, you would receive an extremely under qualified engineer. The knowledge of engineers has definitely increased over the year and the time on hold has gone way down. 

Being a Platinum level customer, I am not happy with the support.

SonicWall used to be our primary choice of firewall. I am just an engineer and I do not have control over which products we use. We started using Sophos Antivirus, then they eventually sold us on firewalls, encryption, mobile control, and a lot more of their products. The synchronized security model is really what was sold flexible to the product.

Initial configuration was super simple. I am a network engineer, so simple to me may not be simple to someone who does not understand routing and switching. When we were told we were switching to Sophos UTM, I downloaded a trial of the virtual firewall and was able to get it up and running in about an hour with no prior training. After actually going to the training courses provided by Sophos, configuration became even easier.

I am not in sales and cannot comment on this. I design and implement network configurations. 

I would recommend to follow Sophos’ sizing guidelines for choosing which license and model to use. Sophos has their own way of going about this and supplies partners with all the information required. If you follow their documentation and guidelines, there should be zero questions about licensing and sizing. 

Sophos also offers free training when selling their products from within the partner portal.

As a networking engineer, all new products in this category interest me. I find myself testing a lot of different products personally. Here at Flexible Systems, I did not try any other products prior to switching to Sophos. Since we are an MSP, we have had plenty of exposure to many brands of firewalls (Cisco ASA, SonicWall, WatchGuard, Fortinet, ADTRAN, and Edgewater). I personally would choose the Sophos UTM over any other product, including the Sophos XG platform.

I can’t recommend this product more! 

Though, stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks. The number one piece of advice is to read and follow the sizing guide, if you do not, you will undersize the firewall. 

Just to reiterate:

• Configuration could not be made any easier.
• The product is extremely intuitive.
• It does not take much effort or thinking to understand how it works.

My company has rolled out devices as small as the SG 105 and as large as the SG 330. I personally have an SG 210 in my home. I have gone through all the training involved for configuration and implementation. I also use the product at home and have been extremely happy with Sophos UTM overall. 

We use to use a sort of "security as a service," and I had all kinds of issues getting visibility into the system to see if there were issues with my network. That is no longer a problem, I can now see every packet that passes in and out of my network.

To me it is the Web Server Protection, it is not an easy task to protect your web servers from the big bad internet. This solution does it elegantly and, if configured correctly, even hides the server's base system from prying eyes.

The UI can be cumbersome and, sometimes, features are not where you think they should be.

No stability issues at all.

Our current use of the product doesn't need any scaling out.

Their support is prompt and will find the issue for you.

We were using an offsite solution that was at least 20 times the cost over a year.

Go to a vendor and let them assess your needs so you can get a right-sized device.

I use it in a self-hosted implementation.