Sophos UTM Reviews

We have deployed Sophos UTM on cloud and on-premises. The cloud provider is Azure.

There are about 200 people who are using this solution in my organization.

From Cyberoam and the early builds of Sophos SG, they have developed higher integration between Sophos UTM and the computers' endpoint antiviruses. We can isolate the infected machine from the network, but an IT technician or cybersecurity professional can remove it from the machine and disinfect it. 

It has the capability of blocking HTTPS traffic, but you need the Sophos Central Intercept X subscription for that. It gives us the ability to manage our firewalls from the cloud and deploy a unified configuration onto them. Other competitors like Meraki have that ability, but they fail to optimize it in the way that Sophos has.

Last year, Sophos had some major internal management changes that negatively impacted their support. 

I would like to see better reporting and better alerting.

I would rate the stability as nine out of ten.

The scalability is the same as support and the initial setup. The scalability depends on the person who is doing the initial design. If I choose a device that will serve 10 users and my users jump to 50, then I definitely have a big problem. If I choose a firewall that has 30 GBs of throughput, and all of a sudden I jump to 50 GBs throughput, it's my problem because I didn't do the initial design properly. It's not a problem with the device.

If you do a proper design, assume growth, and buy a model or brand that can digest that growth, then it's scalable. Sophos can handle more requests and requirements than what is in the data sheet.

I would rate the scalability as nine out of ten.

I would rate technical support as three out of five.

The level of support might be acceptable for a smaller company. My organization works in mining and drilling, and we operate in 18 countries and five continents. We needed a better response time, especially in regards to cyber security.

I've used multiple other solutions. At one point in time, we were going to replace all of our Sophos units with Meraki, but I canned that completely because they're incomparable. I also compared the Sophos firewall with other virtual firewalls, but that's a bit unfair because that's an on-premises device and the others are virtual. I've used Microsoft Azure Firewall and Sophos Azure Firewall, but I canceled Microsoft Azure Firewall.

We compared Sophos with Cisco Meraki, and we chose Sophos. On the virtual side as a UTM, I compared Sophos XG for Azure with the Microsoft firewall for Azure. Sophos won on the cost side, which I consider to be a minor cost. 

In terms of benefits, features, and ease of configuration, Sophos won.

Compared to other solutions, initial setup is very simple, but it depends on the configuration design that you want. That's where the complexity is.

First, you get the firewall or the router, connect it to the LAN pool, do the initial setup, and then setup the LAN, WAN, and the basic tools. It's the same for FortiGate, IBM ISS, Cisco, Meraki, IronPort, and Websense. Across all those products, the setup is very easy. If there's any problem with initial setup, It has more to do with the lack of experience from the technician setting it up than the complexity of the hardware. 

The only interaction we do with Sophos units is when we are adding new users, removing users, and for other administration tasks. There are two people involved with maintenance, upgrading the firewalls, and testing new scenarios.

My whole team does administration. Comparing Cyberoam to Sophos, the overhead of troubleshooting performance issues is at a minimum. The only time I need to replace a firewall is when it gets burnt out because of a power problem, which is usually something major and doesn't have to do with the product itself.

I would rate the pricing as 2.5 out of 5.

The problem with the Sophos is not the cost of the hardware but the cost of the modules, packages, and the subscription.

I would rate this solution as eight out of ten.

We use Sophos UTM for our organization's network security.

The most valuable feature of Sophos UTM is the endpoint protection feature.

The technical support team’s response time could be improved.

I have been using Sophos UTM since 2018.

I rate the solution ten out of ten for stability.

We use the solution daily in our organization.

I rate the solution ten out of ten for scalability.

I previously used Kaspersky. I switched to Sophos UTM because of the features that it is offering.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution’s initial setup ten out of ten.

The solution's deployment took a week for the first time because our organization is big and has over 300 endpoint equipment. It takes a few hours to do the renewals now. We deployed Sophos UTM from the Active Directory. Three people were involved when we deployed the solution for the first time.

You cannot really say that the solution is expensive, given the protection it gives.

Sophos UTM has improved our network's threat detection and response. It has been good so far because we don't have many attacks. We use the solution's web filtering feature for our organization's security. We use the firewall to protect our endpoint equipment and protect against any infiltration in our network. We also use the solution’s VPN feature.

Around one or two people are required for the solution’s maintenance. I would recommend the solution to other users because it has helped us. The solution's installation and deployment are seamless, and its protection is secure.

Overall, I rate the solution ten out of ten.

I deploy Sophos UTM FullGuard for each of my clients. It is a complete bundle of security subscriptions that include web filtering, dual inline antivirus, etc.

The packet filtering's great. You get out what you put into it. It works great as long as you know your security and configure everything adequately. If you just pop one in and it's not configured, then it's basically wide open. It kind of depends on the admin skill, but it's an excellent product.

UTM has sand-storming, got dual inline virus scanning, filtering, DNAT, translations, etc. You can implement Google Safe Search for schools and stuff.

Email spam filtering only works if you have an on-prem Exchange server. It doesn't interface with Office 365 like the XG model. That would be one feature that they could improve. They're not going to do it because they're trying to push us all to XG.

I have almost 30 years of experience in IT, and I've been deploying Sophos UTM and its predecessor for the last 14 years. Originally, the product was called Astaro ASG, which is short for "Astaro security gateway." Sophos bought Astaro in 2010 or 2011, and it became Sophos UTM.

I've been using this stuff forever, and I've only had to replace a couple. That was due to lightning strikes, power surges, and other things that are out of our control. It's a highly stable platform with very few hardware issues. As long as you set it up right. I have my solution scripted so I receive backups and nightly config files in the email. Each night, I look at the executive report to monitor the solution. As long as the administrator takes the time to set it up correctly, I think it's a highly stable product.

The Sophos UTM and XG lines are highly scalable. It's the same OS and security across all modules. The scalability is based on the size of the hardware.  If you have a small network, then you go with an SG 115 or something. If you have a network of up to around 50 people, then you bump that up to a 210. If you have a couple of hundred people, you bump it up to a 310. To scale up, you increase the hardware for higher throughput and such.

The initial setup is pretty easy for anyone with a security background. Sophos has a wizard that holds your hand through the initial setup to get you up and running, but an administrator needs to get in and fine-tune the solution after the fact. 

The deployment time depends on the size and scope of the client. I've put a bunch of them in small networks of fewer than 10 machines. Those don't take more than a couple of hours. I've also done larger companies with 120-150 people and multiple departments. I like to lock everything down, so I know it's secure, and I create exemptions for things that don't work. It just depends on how many applications, end users, departments, etc. For a big customer, it's a one or two-day process.

I started in corporate networking for large enterprise clients, but I've been running my own business for the last 13 years. A good rule of thumb is about 200 endpoints per technician. That's doing everything, including desktop support and security, etc. For security administration,  one person who knows what they're doing can set it up and administrate it fine.

Now, I have a team of a couple of people underneath me because I have a lot of companies all over the place. It takes more than one person to keep everybody going. If I were the full-time IT guy for a company of 200 people, I could deploy it, manage it, and do it all by myself.

I run a managed service provider, and I put everybody on UTM appliances. Those licenses are all renewed annually, and I have to manage their networks. I get a great return on investment.  With the XG line, you can get into the Sophos Flex program, where I only get billed monthly for it. We charge the customer monthly for their security subscriptions, so we get a return every single month.

I keep my prices reasonable. Lots of people charge twice what they pay, and they get a lot more money in their pocket, but I just don't like gouging people.

Sophos is actually fairly expensive. When it was Astaro, it was the most expensive solution in the same tier as Cisco PX and Barracuda's line with multiple different blades to do different things. Astaro was the first solution to have unified threat management all in one blade. You don't need to get full-blown security at the top price. You can get the network security subscription or the web security subscription, etc.

On a scale of one to five, I'd probably give it about a four for affordability because it's pretty expensive. It's good stuff. I've always been a firm believer that you get what you pay for.

I rate Sophos UTM nine out of 10. I think Sophos UTM is pretty close to perfect.  I wish they weren't discontinuing the UTM line. They're forcing all of us partners to switch to XG. XG has a lot of AI integrated into it, so it's probably more secure, and there are more features. At the same time, it's a lot harder to work on, and I don't care for the UI. I like the way that the UTM is laid out.

You get out of it what you put into it. That's true of any security appliance, whether Sophos, Barracuda, WatchGuard, Juniper Systems, etc. If you want to secure your networks, this is a great device, but you have to put some time into it. You need to understand your customer's environment. I like to lock it down and create exemptions for things that they need. That way I don't have to waste my time cleaning up viruses, ransomware, and all these threats that happen all the time.

My company deals with eight clients who use Sophos UTM. My company's clients mainly use Sophos UTM for protection against threats and for other purposes like content filtering, web filtering, and VPNs.

The most valuable features of the solution are application filtering and web filtering.

Sophos UTM needs to streamline the VPN configuration. It also needs to fix the concerns related to the solution's Port Address Translation (PAT) rule.

In the future, I want Sophos UTM to provide users with sandboxing features.

The scalability of the product is an area with certain shortcomings where improvements are required. Sophos should give some flexibility to users, especially when you run low on things like memory and storage.

The support team's turnaround time is an area of concern where improvements are required.

I have been using Sophos UTM since 2018. My company has a partnership with Sophos UTM.

It is a stable solution. Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a five out of ten.

With Sophos UTM, I have noticed that you cannot upgrade the physical devices, meaning you cannot change the memory or the hardware. If you want an upgrade, then you have to go to select the next model or a bigger model offered by Sophos.

One of my company's clients uses the tool in an environment consisting of 20 people, while another client uses the tool in an environment consisting of 20,000 people.

Whenever my company contacts the support team of Sophos, we get really good support.

I rate the technical support a seven out of ten.

Neutral

I have experience with Fortinet FortiGate, Check Point, and Cisco ASA. My company uses different products depending on the preferences of our customers.

The product's initial setup phase was relatively easy. I rate the product's initial setup phase a six out of ten.

The solution is deployed on an on-premises model.

The solution can be deployed in three days, depending on the size of an organization. If it's a small company, you can finish the deployment process in a day, but if it's a big company with a lot of requirements, it could even take a week to do the full deployment. The product's initial deployment takes a few hours, but the customization to be carried out to suit an organization's structure takes time, and it depends on how big the company is and what customizations the customer wants in terms of modules.

Sophos UTM is a reasonably priced product.

I rate the product's price a five on a scale of one to ten, where one is cheap, and ten is expensive.

Sophos UTM is a good tool, especially for SMBs. Sophos UTM has a lot of features that enterprise-sized businesses ask for, but they don't really work very well. For SMBs, the product's features are very good. The setup phase of Sophos UTM can be carried out quickly. In Sophos UTM, it is easy to troubleshoot.

I rate the overall tool a seven out of ten.

We primarily use the solution for firewall security.

The protection on offer is pretty good.

Direct controller management has been quite useful.

It offers reasonable pricing.

The scalability is good.

It is stable. 

Technical support has been fine. 

I don't have any notes for improvements at this time.

I'd like to see some filter features added in the next release. 

There can be a delay when it comes to reaching out to technical support. 

I've been using the solution for one year. 

The solution is stable. I'd rate it nine out of ten in terms of reliability. There are no bugs or glitches, and it doesn't crash or freeze. 

We have about 1,000 users on the solution at this time. The solution is very scalable. I'd rate it nine out of ten. 

We use the solution quite extensively. 

Technical support has been fine. They are helpful and responsive. That said, sometimes, there is a delay when we try to reach out to them. 

Positive

It is very simple to set up. I'd rate the ease of implementation nine out of ten. 

I cannot recall how long the original deployment took. 

We did not use any outside assistance. We handled the setup ourselves. 

I'd rate the affordability of the solution seven out of ten. The pricing is decent. 

We're a customer and end-user.

I'm not sure which version of the solution we're using. I do not have the version number on hand. 

Overall, I would rate the solution eight out of ten. I'd recommend the solution to others. 

It's easy to use.

I didn't like it much. It suits only small businesses. It isn't scalable and reliable. There is a very critical issue with the power supply.

I've been using this solution for four years.

Its stability is very bad. It needs to be improved. The power supply issue that I faced is a very critical one.

I feel that the hardware itself needs to be improved. We have about 50 users. 

Their support is very bad. They don't respond at all.

It's easy to set up. One day is enough for its full implementation.

We implemented it in-house. We had two administrators for its implementation.

It's expensive. It has a yearly license.

I'd not recommend this solution. I'd rate it a four out of ten.

This solution can be deployed on-premise and on the cloud.

The most valuable feature of Sophos UTM is reporting, it is flexible. I can monitor the end user's devices, even when they are not on my network. It has good drill-down capabilities.

The reporting could improve by providing information on where, or from which device attacks are coming from. We are already given the country where the attack is coming from but more information would be beneficial.

I have been using Sophos UTM for approximately five years.

The stability of Sophos UTM is good.

I rate the stability of Sophos UTM an eight out of ten.

Sophos UTM is scalable.

I rate the scalability of Sophos UTM an eight out of ten.

I have used the support from Sophos UTM a few times. My experience was good. However, the resolution time can improve.

I rate the support of Sophos UTM a seven out of ten.

Neutral

The initial setup of Sophos UTM is simple. It can be down within one hour.

I rate the initial setup of Sophos UTM a seven out of ten.

The solution is affordable compared to others, such as FortiGate. The price is important.

I rate the price of Sophos UTM a seven out of ten.

I rate Sophos UTM an eight out of ten.

We use all features of Sophos UTM, for example, application control and URL filtering.

What I like about Sophos UTM is that it improves my company's security. The solution is easy to set up, which I like, and it's very stable.

An area for improvement in Sophos UTM is load balancing because my company cannot use it currently. If Sophos could release a new configuration for the load balancing feature to work for my company, that would be great. My team has requested this through the Sophos portal.

Another issue with Sophos UTM is that I cannot monitor YouTube or WhatsApp. I need to block videos and images, but I cannot do that over Sophos UTM.

I've been using Sophos UTM for four years.

Sophos UTM is very stable. It's an eight for me, stability-wise, on a scale of one to ten.

Sophos UTM offers excellent support, so it's an eight out of ten, support-wise.

Positive

Before Sophos UTM, my company used Cyberoam. Sophos UTM has more than one feature, such as VPN, application access, NAT, and SSL inspection. It has more features than Cyberoam, and I can find all that I need in Sophos UTM compared to Cyberoam.

Setting up Sophos UTM was very simple. I configured the solution more than once and found the process very simple.

Pricing for Sophos UTM is OK. Here in Egypt, many companies use the solution because of its price and features.

My company pays the Sophos UTM license fee yearly.

I have experience with Sophos UTM and all its versions within my company.

My rating for Sophos UTM is eight out of ten. I'm not giving the solution a perfect score because of load balancing and social media scanning issues.

My company is a Sophos customer.