Try our new research platform with insights from 80,000+ expert users
sugoi - PeerSpot reviewer
Server analyst at EJCLME Inc.
Reseller
Very strong firewall with a streamlined interface that treats everything like an object
Pros and Cons
  • "The firewall itself is very strong and provides great security."
  • "The solution needs better integration with captive portals and XGs."

What is our primary use case?

Our company is a partner and reseller of the solution. We lease, sell, and license boxes for our clients. Use cases are rather unique and not uniform. 

We provide support for a few SMBs around the country. 

Some customers are heavy users, with involved configurations, and the setup may include high availability configured with two boxes. 

Others use it as just a gateway between their infrastructure and the internet with very simple configurations that don't include web filtering. 

Active directory integration domain is used for some, but not all customers. Common items include DNATs and SSL VPN. Most customers use VPNs, and site-to-site connections (REDs or IPsec).

We also use virtualized UTMs for LABs.

What is most valuable?

The firewall itself is very strong and provides great security for the internet. Some clients don't use any other special feature but all customers depend on the firewall as a secure gateway.

A lot of thinking went into the user experience because the UTM interface is streamlined, good, and feels like a web application. It does have hiccups here and there but effectively treats everything as an object. You can quickly see where objects are being used or referred to and change them. 

What needs improvement?

The UTMs are end-of-life so the web interface is not top-notch and needs more speed. There is still support for the UTMs so they are the best we have right now. 

The solution needs better captive portals and they could have faster UIs. 

An improvement to the transparent proxy would help. A user should be able to open a webpage and be redirected to the captive portal like with WIFI or XGs. From there, the user should be able to log in with a username and password to gain internet access. Many clients migrate to XG due to this missing feature. 

For how long have I used the solution?

I have been actively using the solution for a some time.

Buyer's Guide
Sophos UTM
August 2025
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
867,370 professionals have used our research since 2012.

What do I think about the stability of the solution?

The stability is pretty good and better than XG. We don't have any issues directly related to the solution.

Stability is rated a ten out of ten. 

What do I think about the scalability of the solution?

The solution scales pretty well. Even with a heavy load, the solution shows no issues. 

Scalability is rated an eight out of ten. 

How are customer service and support?

Technical support is not stellar. We have some good experiences and some not so good experiences. We do not have a lot of support requests for the solution.

Support is rated a seven out of ten. 

How would you rate customer service and support?

Neutral

How was the initial setup?

The setup is straightforward.

What about the implementation team?

We implement the solution for customers. We have a specialist, an architect, and four analysts who handle implementations and maintenance. 

What other advice do I have?

I recommend you complete the solution's training because it is pretty good. Rely on the documentation and any tech training available.

I rate the solution a nine out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
IT Administrator at Vegol
Real User
User-friendly with lots of online documentation and the ability to expand
Pros and Cons
  • "The solution is stable."
  • "The support could be better."

What is our primary use case?

The solution is used mainly for user management and access control. 

What is most valuable?

It's a little bit easier to use. It's user-friendly, and then there's a lot of documentation for it online, so it's easy to manage without necessarily dealing with a big learning curve. It is easy to understand, basically.

If you need to troubleshoot, everything is basically on Google. 

The solution is stable. 

It's a scalable product.

What needs improvement?

The support could be better.

They need to improve their email protection. Their email protection is horrible. They have an email protection license that is paid for. However, they need to improve on email protection capabilities.

They need to have proper reporting. What they offer no is weird. I need to get another application to give me a clear diagram of my network. This should instead come directly from Sophos. 

For how long have I used the solution?

I've been using the solution for two years now. 

What do I think about the stability of the solution?

The product is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

It is redundant enough. I don't have any issues with it.

What do I think about the scalability of the solution?

The solution scales well. 

We have about 500 people on the product right now. We also have 100 users on the VPN.

How are customer service and support?

It is better to Google rather than use technical support. 

They are slow to respond and then the response doesn't exactly give you what you want.

I understand they can't give you a solution to something that you'd expect them to. They try to give you something. You're going to go to Google and find the information on Google faster and easier anyway. 

Which solution did I use previously and why did I switch?

We worked with Cisco mainly in the past. When we went to renew with Cisco, we found the pricing to be quite high. We're happy now with Sophos. We have no interest in switching to anything else.

How was the initial setup?

The initial setup is very easy. The interface makes it simple.

I'm not sure how long the deployment took exactly.

We have four people that are able to handle maintenance. 

What about the implementation team?

I was able to set it up myself, however, you do really need to know it or work with someone who does.

What's my experience with pricing, setup cost, and licensing?

The cost could be considered reasonable based on other plans. However, when I was looking at when you renew our licenses, the pricing is a little bit weird. When you renew your license, the licenses are at the cost of buying a new device in your plan. I haven't renewed yet. However, I would need to figure out that aspect. 

I can't recall the exact costs of the product as it's been a while since we originally licensed it. 

Compared to Juniper, the difference is the pricing. It's more affordable than Cisco or Juniper, actually.

What other advice do I have?

I'm a user and a consultant.

I'd advise potential new users that they should let someone that knows how to do it set it up fast. You should work with someone that knows how to do it.

I'd rate it an eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Sophos UTM
August 2025
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
867,370 professionals have used our research since 2012.
IT Engineer at Wise Communication
Real User
The graphics are very intuitive and the log provides a lot of information
Pros and Cons
  • "An easy solution to learn because the graphics are very intuitive."
  • "Doesn't provide antivirus for individual computers."

What is our primary use case?

We mostly use UTM for the protection of our network and the web. Some of our customers use it for email protection. We work mainly with governmental organizations. Our company was initially a distributor of the forerunner to UTM, a company called Astaro. We provide UTM to our customers and we are now partners with Sophos. 

What is most valuable?

It's an easy solution to learn because the graphics are very intuitive. I really like the log because of the amount of information it provides.

What needs improvement?

Sophos' new generation firewall is missing the link that provides antivirus for each computer. It would be helpful if they could add that element. The technical support used to be excellent but recently they don't seem to be able to solve our problems. 

For how long have I used the solution?

I've been using this solution for 20 years. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

The solution is scalable although we generally work with smaller organizations. 

How are customer service and support?

The technical support used to be excellent but it's no longer as good as it was and we've had some problems getting solutions to the issues that we're having.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is straightforward. We provide one or two engineers for implementation as well as ongoing support following deployment. 

What's my experience with pricing, setup cost, and licensing?

Licensing can be purchased for one, two, or three years but I'm unaware of the cost. The solution can be downloaded for free if it's for home use which is a good way of testing before implementation.

What other advice do I have?

I recommend testing this product before purchase. It's a good solution and I rate it 10 out of 10. 

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Fathi Kharfi - PeerSpot reviewer
Head Of Network & Technical Support at Tadhamon International Islamic Bank
Real User
Straightforward, easy to manage, and simple to install
Pros and Cons
  • "The solution is scalable."
  • "They could use more SSL VPN support."

What is our primary use case?

We primarily use the solution for security purposes. 

We use it as a WAF with an application firewall.

We can use it for VPN SSL as a remote-access VPN. We have used it on the internet for applications and web servers.

What is most valuable?

The product is easy to manage and easy to install. It's straightforward to manage.

It is stable.

The solution is scalable. 

What needs improvement?

They could use more SSL VPN support.

We'd like the setup to be even easier, if possible. 

For how long have I used the solution?

I've been using the solution for four to five years.

What do I think about the stability of the solution?

It is stable and reliable. The performance is good. There aren't bugs or glitches. It doesn't crash.

What do I think about the scalability of the solution?

The product can scale well.

We have about 500 users on the solution. We don't have plans to increase usage at this time. 

How are customer service and support?

We have three years of support services. 

Which solution did I use previously and why did I switch?

We have the Juniper SRX firewall, for local zones, process zones, and server zones.

How was the initial setup?

The initial setup is very straightforward. It's not complex at all. 

It takes about two hours to set up. 

We have three to five engineers that are able to handle deployment and maintenance tasks. 

What about the implementation team?

We handled the implementation ourselves. 

What's my experience with pricing, setup cost, and licensing?

We have a three-year license and have support services as well. 

What other advice do I have?

I'd recommend the solution to others.

I would rate it nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
CEO at Tomans Consulting
Real User
Seamless scalability, robust, and flexible
Pros and Cons
  • "The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution."
  • "The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup."

What is our primary use case?

We use Sophos UTM as a firewall and access control. The firewall has web filtering and anti-fishing tools. We synced Sophos UTM with our Microsoft Windows Active Directory.

What is most valuable?

Sophos UTM is a robust solution and it provides flexibility.

For how long have I used the solution?

I have been using Sophos UTM for approximately five years.

What do I think about the stability of the solution?

The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution.

What do I think about the scalability of the solution?

The scalability of Sophos UTM is seamless if you have the right UTM device. However, for every device there are limitations, we have 150 users on it at this time.

How are customer service and support?

The support from Sophos is very helpful. We raise a support ticket on the portal and we receive a response.

How was the initial setup?

The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup.

What about the implementation team?

We did the implementation of Sophos UTM using our internal team. We have certified engineers that can handle the process. If there are any issues we can reach out to the support of Sophos.

We have two people that handle the maintenance for the solutions.

What's my experience with pricing, setup cost, and licensing?

There is a license for the device and for the software. We pay annually for the solution and the cost is competitive.

What other advice do I have?

Sophos has an aggressive 360-degree security deployment. They are securing your mobile phone and data, both data security and also device security. They're on the cloud too, if you look at the company they really working hard on a 360 approach for security. The coverages they offer makes them robust. You can always start from somewhere, and then you scale up. You can start with their device management solution, or with their firewall, and then you begin to scale up with other features seamlessly. The flexibility they provide is also very good with Sophos, I can recommend Sophos confidently.

I rate Sophos UTM a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
IT Manager at Manual Workers Union
Real User
Great features with easy centralized reporting and good performance
Pros and Cons
  • "So far, the solution has been problem-free."
  • "We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not."

What is our primary use case?

The features that we're currently using are mainly just for the endpoint protection, which is for the service and the workstations. We basically use it for the servers, the main servers, and then from there for the client, which is basically the laptops and the PCs.

How has it helped my organization?

The fact that it's not heavy on the machines has really helped. It's basically lightweight. One advantage is that we, having a cloud solution, do not require a physical machine that we have to administer on our network.

What is most valuable?

The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money.

The solution has many great features.

From the console, we can start different scannings on different machines. We enjoy the centralized reporting part of it. 

The initial setup is simple.

We enjoy its general stability.

The solution can scale.

So far, the solution has been problem-free.

What needs improvement?

We don't need any extra features. We only use it for the servers and the workstations. We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not.

For how long have I used the solution?

I've been using the solution for over a year now.

What do I think about the stability of the solution?

It's been very stable. In fact, we haven't had any complaints or any issues with it. There are no bugs or glitches. It doesn't crash or freeze. The performance is great.

What do I think about the scalability of the solution?

The scalability is quite good.

Right now, we have 40 users.

We will definitely scale in the future. As we get new employees, we just request additional licenses.

How are customer service and support?

I've never had any issues.

Which solution did I use previously and why did I switch?

I also use FortiGate.

How was the initial setup?

The implementation process was straightforward. What basically happens is that you just have to pick that certain client from the console and then you just install it on the machines. From there, of course, you handle connectivity after that. It's pretty straightforward.

A full deployment on one machine took less than 20 minutes. The thing is, if you have fast internet, it can even be much less.

Maintenance is very simple. Support is inbuilt from the manufacturer's side. Therefore, internally, if there are any issues on the client machine, you just reinstall it. There isn't much to do really, in terms of maintenance, except maybe the licenses. It's hosted on the cloud and updates are automatic, and are available from the portal.

What about the implementation team?

We did not need a reseller or consultant's assistance. It was all handled internally.

What was our ROI?

I haven't really explored ROI. I only have worked with it for slightly over a year. Maybe we need to start looking at it. 

That said, so far, we are protected and we haven't been hit so far. We're getting the returns from it in that sense.

What's my experience with pricing, setup cost, and licensing?

Having a cloud option is a real cost saving. 

In terms of licensing, we pay on yearly basis. From there, what happens, in the last month, we request a quotation for renewal, and then from there we just pay through the local reseller. 

We're thinking of maybe dealing with the supplier, the manufacturer, directly, however, right now, we're still using the local supplier for licensing and payments. 

What other advice do I have?

We are on the latest version of the solution.

We are customers.

I would rate the solution at a nine out of ten. We are very happy with it. I would recommend it to others.

I'd advise new users that, if they are going to go with the cloud option, that issues related to maintenance is actually handled within the cloud. The rollout is pretty smooth.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Owner / Network Security Engineer at Texarkana IT
Real User
You can lock networks down tight with this if you know what you're doing
Pros and Cons
  • "The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira and Sophos. Web filtering is also a fantastic option for clients who want to really lock down internet access."
  • "When we call support, we get put on hold for a long time."

What is our primary use case?

We use Sophos UTM as an on-premise firewall.

What is most valuable?

All of Sophos UTM's features are valuable. The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira and Sophos. Web filtering is also a fantastic option for clients who want to really lock down internet access. And of course, it has the basic firewall features like port blocking and all of the stuff that most standard firewalls include.

For how long have I used the solution?

I've been using Sophos UTM for over 12 years. I started using the solution before it became Sophos. It was originally called the Astaro Security Gateway, and then Sophos acquired Astaro and renamed it Sophos UTM.

What do I think about the stability of the solution?

Very stable. Very good.

What do I think about the scalability of the solution?

I have Sophos UTM deployed for all my IT clients. There are 40 of them in the field serving about 500 users total.

How are customer service and support?

We get put on hold for a long time. Otherwise, I'm not unhappy with their support at all. 

How was the initial setup?

If you have a networking background and understand how to configure it, it's very straightforward. Somebody off the street can't just come in and do it, but yeah, it's pretty straightforward.

What other advice do I have?

I would rate Sophos UTM a strong eight. I'm not giving it a ten because they're putting all their efforts into the XG model, so the UTM model will probably be phased out before long. I love the security of the XG. It's better with artificial intelligence and all of this type of stuff, and you can manage it from the Sophos Central Cloud. But Astaro ASG, now Sophos UTM, was the first unified threat management system and everybody else was copycatted it. I think its web filtering's great. If there are any security vulnerabilities, it's the fault of the administrator configuring the product, not the solution itself. You can lock networks down tight with this if you know what you're doing.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
IT Head at Dee Development
Real User
Very user friendly and simple to implement; easy to separate rules
Pros and Cons
  • "Efficient and effective - it's easy to separate rules."
  • "The classification segregation of applications lacks sufficient definition."

What is our primary use case?

I'm IT head at our company in India and we are customers of Sophos UTM.

What is most valuable?

The solution has many good features. There was a steep learning curve moving to version 18 but we're now at a point where the solution is more efficient and effective. When talking about VLANs the solution makes it easy to separate rules for everything. The solution is easy to use with simple implementation.  

What needs improvement?

The application server needs to be improved because currently, the classification segregation of applications needs to be more defined. Also, we used to be able to open the firewall using LAN IPS but that's no longer possible and needs to be solved. I'd like to see an improvement in central categorizing. These days with all the applications and threats, getting everything filtered down needs to be a finer, more granular process. There are times when you find that a website seems to be legit, but there is a code running behind it that can act as a proxy or some kind of a bot. The sites are always logged on, but at times we have to open for a few clients or a few sites and in that time they're open to attack.

For how long have I used the solution?

We've been using this solution for at least six years. 

What do I think about the stability of the solution?

This solution is absolutely stable. 

What do I think about the scalability of the solution?

The solution is scalable; we jumped from 135 to 230 users without any problems at all. 

How are customer service and support?

Technical support used to be good but it's lagging a bit now. Support staff was better trained and more efficient than they are now. It could be because of Covid but it's a bit of a challenge at the moment. 

Which solution did I use previously and why did I switch?

We worked with SonicWall many years ago. We then switched to Cyberoam and then we primarily used Cisco Firepower. There were support issues with Cisco and it wasn't easy to find the KB articles and training was lacking. Even the training personnel had problems when we had issues with implementation. The same thing happened when we used Palo Alto with the support being the biggest problem. It was so unstructured and I hope that has changed in the last 12 months. When it comes to firewalls we are happy with two products; Fortinet is our preference but when you take cost into account, we prefer Sophos. 

How was the initial setup?

The initial setup was relatively straightforward. 

What's my experience with pricing, setup cost, and licensing?

The licensing costs for Sophos are reasonable. It's clear to me that there are no full solutions, you can't win it all, and the cost is always an issue. We're on the winning side with Sophos in that respect. We renew our license every three years. 

What other advice do I have?

I rate the solution eight out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros sharing their opinions.
Updated: August 2025
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros sharing their opinions.