IT Manager at Manual Workers Union
Real User
Great features with easy centralized reporting and good performance
Pros and Cons
  • "So far, the solution has been problem-free."
  • "We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not."

What is our primary use case?

The features that we're currently using are mainly just for the endpoint protection, which is for the service and the workstations. We basically use it for the servers, the main servers, and then from there for the client, which is basically the laptops and the PCs.

How has it helped my organization?

The fact that it's not heavy on the machines has really helped. It's basically lightweight. One advantage is that we, having a cloud solution, do not require a physical machine that we have to administer on our network.

What is most valuable?

The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money.

The solution has many great features.

From the console, we can start different scannings on different machines. We enjoy the centralized reporting part of it. 

The initial setup is simple.

We enjoy its general stability.

The solution can scale.

So far, the solution has been problem-free.

What needs improvement?

We don't need any extra features. We only use it for the servers and the workstations. We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not.

Buyer's Guide
Sophos UTM
March 2024
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.

For how long have I used the solution?

I've been using the solution for over a year now.

What do I think about the stability of the solution?

It's been very stable. In fact, we haven't had any complaints or any issues with it. There are no bugs or glitches. It doesn't crash or freeze. The performance is great.

What do I think about the scalability of the solution?

The scalability is quite good.

Right now, we have 40 users.

We will definitely scale in the future. As we get new employees, we just request additional licenses.

How are customer service and support?

I've never had any issues.

Which solution did I use previously and why did I switch?

I also use FortiGate.

How was the initial setup?

The implementation process was straightforward. What basically happens is that you just have to pick that certain client from the console and then you just install it on the machines. From there, of course, you handle connectivity after that. It's pretty straightforward.

A full deployment on one machine took less than 20 minutes. The thing is, if you have fast internet, it can even be much less.

Maintenance is very simple. Support is inbuilt from the manufacturer's side. Therefore, internally, if there are any issues on the client machine, you just reinstall it. There isn't much to do really, in terms of maintenance, except maybe the licenses. It's hosted on the cloud and updates are automatic, and are available from the portal.

What about the implementation team?

We did not need a reseller or consultant's assistance. It was all handled internally.

What was our ROI?

I haven't really explored ROI. I only have worked with it for slightly over a year. Maybe we need to start looking at it. 

That said, so far, we are protected and we haven't been hit so far. We're getting the returns from it in that sense.

What's my experience with pricing, setup cost, and licensing?

Having a cloud option is a real cost saving. 

In terms of licensing, we pay on yearly basis. From there, what happens, in the last month, we request a quotation for renewal, and then from there we just pay through the local reseller. 

We're thinking of maybe dealing with the supplier, the manufacturer, directly, however, right now, we're still using the local supplier for licensing and payments. 

What other advice do I have?

We are on the latest version of the solution.

We are customers.

I would rate the solution at a nine out of ten. We are very happy with it. I would recommend it to others.

I'd advise new users that, if they are going to go with the cloud option, that issues related to maintenance is actually handled within the cloud. The rollout is pretty smooth.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Dana Bailes - PeerSpot reviewer
Network Administrator at a manufacturing company with 51-200 employees
Real User
Great web and email filtering with reasonable pricing
Pros and Cons
  • "We've found the technical support to be helpful."
  • "The ease of use could be a bit better."

What is our primary use case?

We primarily use the solution for a number of use cases, including the firewall, web filtering, email filtering, and email encryption. UTM does it all. The only thing that we don't use it for is web application and protection. We don't really have any web servers in-house.

What is most valuable?

The web and email filtering are the two biggest and most valuable aspects of the solution for us.  

The solution overall has just been a good, cost-effective solution for us.

The solution offers a lot of functionality.

The solution scales well.

We've found the technical support to be helpful.

The stability and performance are quite good.

What needs improvement?

The ease of use could be a bit better. It's something they could work on.

The ease of configuration could be improved. It's not as simple as it could be just yet. However, it's kind of the nature of it.

They're kind of difficult to get set up sometimes.

Some of the detail in the web filter and the email filtering could be better outlined in the reporting. It is not as good as the two separate standalone solutions we used previously. However, it does also gives us a lot of other stuff that those two solutions didn't. It's a trade-off.

For how long have I used the solution?

I've been using the solution for the last five years at this point.

What do I think about the stability of the solution?

The stability and performance are good. The solution is reliable. There are no bugs or glitches. It doesn't crash or freeze. It's good.

What do I think about the scalability of the solution?

We've been using the same hardware for five years and it's always had a very good performance. I would say it scales pretty well. We have around 80 users on the solution currently. We've had double that. Actually, until COVID hit, we did have double that, as of a year ago.

How are customer service and technical support?

We've been very happy with Sophos, despite the fact that most of their support is based out of Europe. When you get them on the phone, they're actually very good. Their support is very good. We've been happy with them, and have no concerns about renewing the maintenance.

Which solution did I use previously and why did I switch?

We currently use a few Cusco solutions. We had a SurfControl web filter previously - a standalone server for that. We also had an email filtering package, that was on a separate server by itself. We found that the Sophos UTM did both of those things, and it gave us a firewall, and it saved us money. That's largely why we switched. The downside to Sophos is the reporting wasn't as good, however, everything else was better.

There was nothing wrong with the other solutions that we had other than it would cost us twice as much money to get a lot fewer capabilities. We don't really have the manpower to fully utilize those other solutions in great detail, which is why a simple web filter and email filter that was built into the Sophos solution worked for us. Plus, it does a lot more than that. We could run everything through it. We could - and we may do this - move away from using the Cisco solutions altogether, and just use the two Sophos firewalls. Once we get the XG up and running, we can upgrade the UTM to XG also and have the two XG firewalls in our two locations, and use it for the LAN connection between the locations. I don't know that we'll do that, however, it's definitely something that we can do. It's just a lot of additional capability and flexibility. 

How was the initial setup?

While the configuration can sometimes be tricky, it was pretty much straightforward to initially set everything up. It helped that we had paid support through Sophos, so their technicians helped us get it up and running.

The deployment took a couple of weeks in total. It wasn't too big of a deal.

We don't really have any staff dedicated to deployment and maintenance. I tend to handle those aspects myself.

I've watched a few webinars, even on implementation, and it's just that a lot of the stuff is really different. You need to work on it a bit to get the hang of everything.

What about the implementation team?

We had Sophos directly assist us. They were great at helping us implement everything. We physically got it in place, and then got it up and running, and then finished it off with some assistance from Sophos.

What's my experience with pricing, setup cost, and licensing?

We've found the solution to be cost-effective overall.

Normally we do a three-year license with maintenance on a firewall.

Beyond the standard maintenance fee, the solution doesn't require any other licensing costs.

What other advice do I have?

We are a manufacturing company. We're not a technology company. We don't need to have the very latest state-of-the-art technology, however, we want to try to be close to it. For us, Sophos is perfect.

We also plan to use Sophos XG, however, we haven't implemented it yet. We're hoping it might be easier to configure and set up than UTM.

Our antivirus, actually, was the antivirus that was managed by the UTM. Now they've since retired that capability, and they've gone to endpoint security software being managed in the cloud. Sophos Central can manage all of the Sophos security products, including all the firewalls, the endpoint security. Basically, you end up with one web interface for all of your security stuff. That's actually going to be a big feature, especially moving forward with XG, due to the fact that, if XG detects anything fishy going on, you can shut down individual client networks, and not allow any traffic to go through.

 Our Exchange ActiveSync is actually behind a Cisco firewall. We have a Cisco ASA also.

We use the latest version of the solution.

I'd rate the solution at an eight out of ten. We've largely been satisfied with the product.

As a company, you're looking to get the best solution out there. Once you have something in place, and it's worked well for you, and it hasn't cost you any excess money, you don't need to have too much contact with anyone. I rarely contact Sophos. That's a good indication of how good the product is working for us. If I was looking for something new, or if when maintenance comes up, and we've had hardware that's been in operation for a while, maybe we just need something new. Then you look and see if there's something out there that works better for you. That's basically it. We're not looking for anything new. We've actually been very happy with Sophos. I liked the way that there's a lot of good stuff there.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Sophos UTM
March 2024
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Pre-sales manager at National Information Technology Company
Real User
Top 20
Has a solid state hard drive and can boot in less than sixty seconds
Pros and Cons
  • "Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port."
  • "With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time."

What is our primary use case?

We are partners with Palo Alto and several IT certificate vendors, like Sophos. We deploy Sophos UTM for customers.

Internally we use Sophos, but we deploy solutions including both Sophos and Palo Alto Networks to our customers. We are an IT integration company. Our services include the deployment of security appliances.

Our environment includes Sophos UTM for internal use, which means it is protecting the network. It is protecting our environment.

We publish our services like the help desk, mail server, and other servers. Sophos UTM offers us protection for publishing and the VPN.

How has it helped my organization?

When we started with Sophos UTM, we were using Microsoft Threat Management Gateway (TMG) which formed part of the firewall. It's not anymore there, it has been discontinued. 

Sophos UTM is an SSD appliance. It has a solid state hard drive and can boot in less than sixty seconds. It is an appliance that has more stability than software solutions. It all depends on which hardware you have installed.

Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port.

In the application firewall, you can block the next update for Bitcoin or for Facebook. It has settings to block a port or wifi or just block the application and firewall. Sophos UTM will be able to detect the application type and filter network users.

Sophos UTM did help us a lot on the throughput of the internet because at that time we were using ADSL. Now it is fiber, which means we are able to manage the throughput of the firewall by also putting the quality of service first. 

For example, we are able to configure 2MB for YouTube or 5MB are guaranteed for the service which is published. In the past, with TMG you had to buy third-party tools that also did not have the same functionality.

Currently, Sophos UTM and XG are helping our customers. The features available in the UTM and XG are a combination of all the firewalls in the market which means all the features.

The IT Admin or IT Security in any organization would like to have Sophos UTM because it is full of all the features you think about for enterprise. 

Sophos UTM normally will deploy a batch or an upgrade and add more features, every six to eight months based on the RMD.

What is most valuable?

To be quite honest, from my personal experience all the features of Sophos UTM are useful, which includes publishing templates and the ease of publishing any servicing needs. 

From the VPN side, all the VPN protocols are available so you can choose from SSVPN to PPTP to other versions of VPN, and it's easy to deploy within minutes.

The firewall includes very good logging where you can see what's hacking your network. The IDS and IPS settings are based on your reliance and also alerts you if there is an attack. 

We're happy with Sophos and we also have an XG version being used for other services, because we are a company that provides services. We have two versions, we have the XG and the latest one. 

The Sophos UTM which is the previous version but still being in production is our main firewall for the company.

We happy with all the features, we have no negative comments on any of the features except that the XG has more ability to block based on countries.

On the previous model, the blocking of countries we had a problem with, i.e. if you use the NAT feature, you can't block countries. You have to enter the IP network. 

With the XG version, you can just select when you publish via NAT not via WAF. You can select the countries. 

That is the only difference between XG and the UTM which we did not really like, but other than that its all cool.

What needs improvement?

There is definitely room for improvement with Sophos UTM. For the SG version of Sophos UTM, they can add blocking of countries in the NAT section, not only in the firewall section. 

When you are mapping, they should also add the ability to block countries in that section. That's not available right now. It's only available in the firewall if you want to block incoming traffic.

With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. 

This feature would be helpful for administrators and it gives them the advantage to block stuff in less time. 

The web filter needs additional enhancement but that's the point of the XG upgrade. If they're going to continue with the production of the XG, then they will not add the same features to the basic version of Sophos UTM.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

With the ability of the hardware, we haven't experienced any problems with Sophos UTM so far. Neither have our customers. 

At the beginning of the XG version, three years back, they had hardware issues. After that Sophos deployed division two, three, and four as hardware appliances.

Sophos fixed the hardware issue for the lower models, i.e. the 525, the XG 125, and the XG 85. All of the larger Sophos UTM models were fine.

Now, all are stable, all are fine. We haven't seen any crash. One of our customers had a DDoS attack. Since he had the proper rules, we did not record any incident. 

Sophos UTM blocked the DDoS. Although it is not a dedicated anti-DDoS solution, Sophos UTM has the features. 

Sophos UTM is stable. I haven't seen any claims or issue tickets from our customers regarding stability.

What do I think about the scalability of the solution?

Sophos UTM has different aspects. If you have an HA distribution, high availability, you can scale up.

When you go and purchase Sophos UTM, you have to plan and say what the environment is. This planning has to be done before buying. If you buy a small appliance and after two years, you are 50 or 70 employees there are upgrade options. 

It should be between you and Sophos. They can give you a free appliance if you subscribe for three years on subscription, for example.

If you have an existing subscription and you want to have HA, this means another device has to be set as redundant. The only downside is that it has to be the same version and the same model. 

In my company, we have around 35 loyal customers. These customers have purchased and are redeeming Sophos UTM with us. Altogether, we are 55 employees. Most of them are at the office. Concurrently around 35 others are on site at other clients. We have around 35 servers. 

We have the published Sophos UTM on the main server, help desk, share point, etc. We've got around nine published services, plus 10 VPNs running concurrently for our support engineers to connect and work on our internal infrastructure for the allotment servers. 

We have 50 Sophos UTM installations at least that are actively browsing, downloading, and being protected by the web filter and other features there.

It depends on the organization, but for us we only require one person to manage this solution, even working remotely at home.

How are customer service and technical support?

We don't have much need to speak with the vendor because we are educated and experienced with Sophos UTM. We are an integrator company.

For our customers, in the beginning, we give them training. After a week we do expect to have some calls because they are not yet educated or they're not yet used to it. 

After that, that's it. They already told us if they are ready or not. Sophos' support is better than others because Sophos also can sell endpoint solutions.

If one of our customers has an issue and Sophos did support and send their team for the investigation it could be conflicting.

For example, one of our customers had an endpoint which is an antivirus and they had an issue. We have teams that were actively taking care of the customer based on our relationship with the client and their Sophos UTM device license.

We have no comment on the Sophos UTM support which we have seen at our customer sites because it was only with a government customer. 

The customer told us that the Sophos UTM representative mentioned that they wanted to have the vendor take care of this issue.

Other than that, I have had no negative experiences with Sophos' technical support.

How was the initial setup?

The initial setup of Sophos UTM is straightforward for both versions, the XG & UTM. In addition, they both provide a proper manual.

In the beginning, seven years back, Sophos UTM wasn't straightforward for beginners. You had to be already excellent in security. Now, it is very easy because you install the IP address, you log in, and you do the initial setup by routine. 

These days its much easier than in the past but not everyone that has a firewall is secured. If you do it properly by choosing the right network, the right topology, and the right firewall rules, Sophos UTM will work.

There are orders for most of the rules. For example, if you put a deny rule below an allow rule, you are not going to have the proper result. 

Sophos UTM requires knowledge. It's easy to deploy but also there is a responsibility on the person who is deploying to understand. 

You must have the knowledge of security and networking, to make sure that the solution is working properly. Sophos UTM is very easy compared to other vendors somehow.

In our environment, we have defined previously the VLAN rules on our sheets because we had another firewall. In the beginning, we just copied the current rules and then enhanced them slowly so deployment took place quickly.

After fixing the appliance physically on the rack, it took one hour to be up and running and ready based on the rules. If you are a small environment that would take you less than 20 minutes. 

It all depends on how many rules you have, how many demands, how many users, and public services. For example: if you have five websites, the main server, and a starter business, you might need more time because you would need to define the rules properly. 

It all depends on how complex your environment is. Sophos UTM is easy and straightforward for me and for somebody who is certified on security levels.

What about the implementation team?

We haven't opened a ticket with Sophos for 60 days, but we still have support. All our customers use us as the first level of support, even if they have to chase it. 

Sophos UTM comes with a license. We are very aware and updated on Sophos solutions. We have good experience with it.

Although we sell other solutions, we are looking forward to building, selling, and integrating Sophos XG/UTM versus other vendors because of the ease of use.

We are more focused now. Our entire team is certified in Sophos Enterprise, while other vendors would likely still have just one or two members who are certified.

We feel more comfortable using Sophos equipment and solutions.

What was our ROI?

I can't mention anything on ROI because I'm more focused on the technical part. I'm not needed in the financial part. In our company, we have saved bandwidth and lots of network hardware waste. 

The Sophos UTM solution did help us because we were depending on a software base from Microsoft. Microsoft is a great company but they are not great for our security. Now they have improved. When you go out and buy something, buy it from the specialists.

For example, if you go for virtualization, VMware is a company that only does virtualization. Go for specialized people. Don't go for people who are doing everything at once. 

It's like when you go to a physician or a doctor and you have a problem with certain things. i.e you have a problem with the bones. Go to the doctor that is specialized in the bones, not a general doctor. 

What's my experience with pricing, setup cost, and licensing?

The Sophos UTM license is annual or you have a choice for a two or three-year term.

The Sophos UTM licensing is based on if you have an appliance. There are several layers of subscription you can take:

  • Sophos UTM Full Guard includes everything but a few features.
  • Sophos UTM Full Guard Plus includes all the most used features, i.e Wifi, ITF, ITS, web publishing WAF, etc. 

There is a huge price list. The prices in the MENA area (the Middle East and North Africa) is completely different than North America.

The products are completely different in the MENA area from the United States. Each region has its own scheme of pricing based on the VAT and the tax refund. 

The price might be different for the people who are in the United States and the UK.

After you select the level of subscription, you pay once.

Which other solutions did I evaluate?

We tried and tested Fortigate from Fortinet. We tested several appliances about six years back. Not Palo Alto at that time, only Fortinet. 

We evaluated other open-source Linux software but not appliances. We decided to go with Sophos UTM based on several factors related to the tests we did at that time.

Evaluation is very important so that you can see what are you buying and what you are going to face in the future.

What other advice do I have?

My recommendation is that businesses should go for the XG version, not the SG because the XG version of Sophos offers next-generation firewall support and has more improvements.

Sophos XG is the next generation firewall that is not available on the UTM version. The difference is in the features between the two and how you deploy them. 

Sophos XG version covers what is in the SG version plus additional bonuses: the dashboard, the heartbeat between the firewall and the input, etc. 

I advise first evaluate, know your network, know your needs, and plan for the upcoming two or three years before you purchase. 

Get in touch with the vendors because these days every vendor wants to sell. They are willing to help the customers and willing to show them what they will get. 

Make sure you evaluate properly many platforms. Don't just go with one vendor. Go with two or three vendors. Evaluate and then short-list and choose the best for you.

The rating has to have criteria: 

  • On performance, I would give Sophos UTM a 10 out of 10 rating. 
  • On price, it is a long discussion because you can get a discounted price if you are an integrator. 
  • As a user and a customer, I would give Sophos UTM a 9 out of 10 rating.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Head at Dee Development
Real User
Very user friendly and simple to implement; easy to separate rules
Pros and Cons
  • "Efficient and effective - it's easy to separate rules."
  • "The classification segregation of applications lacks sufficient definition."

What is our primary use case?

I'm IT head at our company in India and we are customers of Sophos UTM.

What is most valuable?

The solution has many good features. There was a steep learning curve moving to version 18 but we're now at a point where the solution is more efficient and effective. When talking about VLANs the solution makes it easy to separate rules for everything. The solution is easy to use with simple implementation.  

What needs improvement?

The application server needs to be improved because currently, the classification segregation of applications needs to be more defined. Also, we used to be able to open the firewall using LAN IPS but that's no longer possible and needs to be solved. I'd like to see an improvement in central categorizing. These days with all the applications and threats, getting everything filtered down needs to be a finer, more granular process. There are times when you find that a website seems to be legit, but there is a code running behind it that can act as a proxy or some kind of a bot. The sites are always logged on, but at times we have to open for a few clients or a few sites and in that time they're open to attack.

For how long have I used the solution?

We've been using this solution for at least six years. 

What do I think about the stability of the solution?

This solution is absolutely stable. 

What do I think about the scalability of the solution?

The solution is scalable; we jumped from 135 to 230 users without any problems at all. 

How are customer service and support?

Technical support used to be good but it's lagging a bit now. Support staff was better trained and more efficient than they are now. It could be because of Covid but it's a bit of a challenge at the moment. 

Which solution did I use previously and why did I switch?

We worked with SonicWall many years ago. We then switched to Cyberoam and then we primarily used Cisco Firepower. There were support issues with Cisco and it wasn't easy to find the KB articles and training was lacking. Even the training personnel had problems when we had issues with implementation. The same thing happened when we used Palo Alto with the support being the biggest problem. It was so unstructured and I hope that has changed in the last 12 months. When it comes to firewalls we are happy with two products; Fortinet is our preference but when you take cost into account, we prefer Sophos. 

How was the initial setup?

The initial setup was relatively straightforward. 

What's my experience with pricing, setup cost, and licensing?

The licensing costs for Sophos are reasonable. It's clear to me that there are no full solutions, you can't win it all, and the cost is always an issue. We're on the winning side with Sophos in that respect. We renew our license every three years. 

What other advice do I have?

I rate the solution eight out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
CEO, Technologist with 51-200 employees
Vendor
Comprehensive UTM Product, scale-able, fast, understandable user interface

What is most valuable?

Proven UTM technology, excellent security and threat management are valuable features. The fact that I can provide scalable solutions for a SoHo environment on a small appliance, run on my own PC/server or even a virtualized environment allows me to accommodate almost any business, regardless of size. The software works in the same way across all the models. I have managed all my clients via the Sophos UTM Manager, a centralized console. I am a MSP, so having a centralized system to managed and maintain all of my client UTM firewalls is just gravy.

Customers appreciate the extensive built in reporting, rock solid IPS and security features. Coupled with a centralized Wireless and Remote Ethernet Device (RED) Device extends my service offerings. Lastly, the Total Protect bundle offers an affordable, comprehensive solution for the SMB market.

How has it helped my organization?

Using the SUM (Sophos UTM Manager) Central Console, each client UTM is configured to report to my RMM and CRM system for monitoring, SLA, ticketing, and support. We can administer a majority of our management such as firmware updates from our Sophos UTM manager. With many other products, this needs to be done and case by case basis.

We also schedule weekly automatic backups of the clients UTM configuration. These backups are emailed to our support portal and preserved. We keep spare/loaner equipment in stock so if a client’s UTM has a catastrophic failure, we prep a spare unit, apply their most recent configuration, and within 5 minutes have a functioning loaner unit we can deliver while their warranty replacement is processed. A simple drive to the client’s location and a swap out is done which gets them back in business on the same day. You can also get a 30 day full trial license for appliance or software. My sales staff can place a 30 day trial of fully functional unit as part of a proof of concept.

What needs improvement?

The unit offers great failover and load balancing features that can be complex to understand, some streamlining of the process would help. More predefined port rules would help the novice user/technician as well.

For how long have I used the solution?

I have been a Sophos/Astaro Partner for over 10 years. I started with Astaro v6 and have continued with them following their acquisition by Sophos a few years ago. The product keep getting better and better. I have over 200 units I have installed and managed. I am currently selling the SG Series with UTM v9.309. The SG series have models that fit small business up to large enterprise environments.

Alongside the hardware versions, we also use a virtualized version running UTM 9.

What was my experience with deployment of the solution?

The only issues I have, have been due to human error.

What do I think about the stability of the solution?

The solution is very stable if you size the unit to the environment. An SG125 is great for a 25 person office with web, email filtering, application control, etc. but it would not work well in a 100 person office. You need to know the proper sizing prior to deployment.

What do I think about the scalability of the solution?

As stated, unit needs to be scaled to the environment. So if I don’t do my job of understanding the client's environment, it is possible to undersize the unit just like every other product. For clients who are planning major growth, we tend to sell either a virtualized UTM or software base unit. Then it is simply a matter of adding license capacity, RAM, CPU, etc. when needed.

How are customer service and technical support?

Customer Service:

They have a great account team and customer service is solid. 85% of the time the issues are resolved on the same day, and 97% by the next business day.

Technical Support:

They have excellent technical support. I can submit a ticket request via their portal, with a call, etc. I can get someone 24/7 and usually within an hour. They also have a great escalation procedure.

Which solution did I use previously and why did I switch?

I have used many, such as SonicWALL, Cisco, Juniper, WatchGuard, and FortiGate. Sophos is consistent and deep in their solutions and I like a consistent platform and support.

How was the initial setup?

Simple small offices are a breeze. We have some template configurations, which only require us to stage and activate a license(s), install a basic template and modify the interfaces to meet client specifics and then add the unique definitions. More complex setups start with a basic template which even my technicians can load, and then require an engineer or security specialist to finish off.

What about the implementation team?

We are a managed service provider (MSP) so we do it in-house for clients. We provide our customers with basic training and complete documentation package.

What was our ROI?

As with most hardware, margins could always be better. I can get competitive pricing on larger deals. Our biggest ROI is the monthly management fee, which is very reasonable for our clients. Since we do all of our management (updates, reports, etc.) from the SUM we spend very little time on this and a technician can do it. It has a very good economy scaling and the annual subscription renewals are pretty standard with not much of a margin. This solution fits the MSP model very well due to it being a centralized control/management solution.

What's my experience with pricing, setup cost, and licensing?

A SoHo setup takes about an hour, which is US$125 and the monthly management/maintenance is US$30, but it all adds up.

Which other solutions did I evaluate?

We have evaluated many

  • WatchGuard
  • SonicWALL
  • Cisco
  • FortiGate
  • Smoothwall, etc.

What other advice do I have?

The product has a shallow and a deep end. Getting a small business/SoHo running up quickly and reliably is straight forward, but the deep end takes some technical skills, just like any solution. What I really like is that my Tier One guys can get a quick status update, have a look very quickly, and then resolve most basic issues. Tiers two and three are not as involved unless there is a major issue or complexity. Also, when buying the product, get the audit/chance tracking built in too!

Disclosure: My company has a business relationship with this vendor other than being a customer: My company is a business partner.
PeerSpot user
IT Technician at Wm tech
Real User
User-friendly interface, useful documentation, and great support
Pros and Cons
  • "The most valuable feature of Sophos UTM is the simple-to-use interface."
  • "Sophos UTM could improve if there was no limitation on users."

What is our primary use case?

I am an implementor and I provide support for customers' use cases. The solution is used as a load balancer, and for VPN access.

What is most valuable?

The most valuable feature of Sophos UTM is the simple-to-use interface.

What needs improvement?

Sophos UTM could improve if there was no limitation on users.

For how long have I used the solution?

I have been using Sophos UTM for approximately six months.

What do I think about the stability of the solution?

I rate the stability of Sophos UTM a ten out of ten.

What do I think about the scalability of the solution?

I rate the scalability of Sophos UTM a ten out of ten.

How are customer service and support?

The support from Sophos UTM is good.

I rate the support of Sophos UTM an eight out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

The implementation of Sophos UTM is simple. The documentation of the solution is satisfactory.

I rate the initial setup of Sophos UTM an eight out of ten.

What about the implementation team?

We use two engineers for the deployment of Sophos UTM.

What's my experience with pricing, setup cost, and licensing?

The price of the solution is high. The price from USD to my currency is expensive.

I rate the price of Sophos UTM a five out of ten.

What other advice do I have?

This is a good solution and they should try it.

I rate Sophos UTM a ten out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: implementer
PeerSpot user
CEO at Tomans Consulting
Real User
Seamless scalability, robust, and flexible
Pros and Cons
  • "The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution."
  • "The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup."

What is our primary use case?

We use Sophos UTM as a firewall and access control. The firewall has web filtering and anti-fishing tools. We synced Sophos UTM with our Microsoft Windows Active Directory.

What is most valuable?

Sophos UTM is a robust solution and it provides flexibility.

For how long have I used the solution?

I have been using Sophos UTM for approximately five years.

What do I think about the stability of the solution?

The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution.

What do I think about the scalability of the solution?

The scalability of Sophos UTM is seamless if you have the right UTM device. However, for every device there are limitations, we have 150 users on it at this time.

How are customer service and support?

The support from Sophos is very helpful. We raise a support ticket on the portal and we receive a response.

How was the initial setup?

The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup.

What about the implementation team?

We did the implementation of Sophos UTM using our internal team. We have certified engineers that can handle the process. If there are any issues we can reach out to the support of Sophos.

We have two people that handle the maintenance for the solutions.

What's my experience with pricing, setup cost, and licensing?

There is a license for the device and for the software. We pay annually for the solution and the cost is competitive.

What other advice do I have?

Sophos has an aggressive 360-degree security deployment. They are securing your mobile phone and data, both data security and also device security. They're on the cloud too, if you look at the company they really working hard on a 360 approach for security. The coverages they offer makes them robust. You can always start from somewhere, and then you scale up. You can start with their device management solution, or with their firewall, and then you begin to scale up with other features seamlessly. The flexibility they provide is also very good with Sophos, I can recommend Sophos confidently.

I rate Sophos UTM a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Director of Cloud Technology at Avalere Health\Inovalon
Real User
It has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewalls from one place
Pros and Cons
  • "Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place."
  • "I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer."

What is our primary use case?

Every single Virtual Private Cloud (VPC) has Sophos in front of it. I also use it for Outbound Gateways in my WorkSpaces environment.

How has it helped my organization?

Our company trusts Sophos without even seeing it, as it provides us comfortability while allowing for flexibility.

What is most valuable?

Its scaling capability.

Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place, which is huge for me. When you have multiple VPCs and multiple accounts, it becomes too cumbersome to use a product that you have to look at individually. With Sophos, I can look at one place and see everything: my logs, filters, firewall rules, etc.

What needs improvement?

I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

I have never had a stability issue with Sophos. It self-heals.

What do I think about the scalability of the solution?

I have not run into a scalability issue since it is scalable past my license.

How is customer service and technical support?

I have had great technical support. The only issues that I have experienced with technical support are when I get a Tier 1 support person who knows about the on-premise product, not the AWS side of the product.

What about the implementation team?

The implementation and configuration through AWS is easy. They have cloud configuration templates, which are easy to deploy.

What's my experience with pricing, setup cost, and licensing?

We originally purchased the solution through the AWS Marketplace. I started my proof of concept doing pay-as-you-go, then moved to a VAR for a 'Bring Your Own Licence' (BYOL) licensing model. The BYOL license still requires you to accept the terms of the AWS Marketplace to deploy.

It is easy to purchase through the AWS Marketplace. In addition, if you have a budget for the AWS Marketplace, then your purchases will appear on your regular Amazon bill, which makes things even easier.

Which other solutions did I evaluate?

I went and looked at Check Point eight years ago, because back then, I loved Check Point. They also weren't many solutions like this back then. AWS Marketplace did not even exist eight years ago!

After comparing Check Point and Sophos pricing, I questioned whether the decimal for Sophos was in the wrong spot. Sophos's competitors were so much higher in price. 

Originally, cost sold me because Check Point and Sophos had the same features. Now, Sophos has surpassed Check Point's features.

What other advice do I have?

If you haven't tried it, do so.

Amazon has their products (e.g., Amazon GuardDuty). However, when you are working in a multiple VPC environment along with digital enhancements and features, some of those enhancements and features are not always available with Amazon, but are with Sophos.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros sharing their opinions.