Sophos UTM Reviews

We have quite a lot of web service hosting, either websites or hosting APIs. We use Sophos as a two-factor authentication process. So, if they are outside or working in a remote office, they will need to use the Sophos VPN, which is gotten from the Sophos UTM, then ideally they will be developers. However, they can also be BI guys, DevOps people, etc. 

Sophos UTM allows you to compartmentalize different sections or different people, having those people connect to different services.

We use it for primarily for two-factor authentication, for VPN to allow employees security access the servers and to ensure people do not access things they should not have access to.

• It has allowed us to have one solution for our AWS needs.
• It allows our developers to be able to securely log into servers to deploy and manage software.
• It has allowed us to design a bespoke cloud space for our clients, while still having an excellent level of protection.

• The combination of server protection
• Seamless incorporation with AWS
• Its VPN feature

You (currently) need to buy the Sophos software per availability, zone, and per VPC. It should offer an account-based solution.

When you buy a Sophos license, you have to buy a license for each location. We have clients in the US. We have clients in Ireland. We have clients in the UK. With GD-PI coming, the clients' data needs to stay in-house, so when you buy the Sophos license, it only works for the UK. Then, you have to buy another in the USA and another one in Ireland, then you have to have a VPN tunnel between all of them to have them talk to each other because Sophos blocks them talking to each other.

So, ideally, a multi-VPC or a multi-talented Sophos would be great because it would take away the fact that you need to build a tunnel and you have one management console for all your different locations. Instead of having three different locations with three different IP addresses and having to add users to probably two out of three, sometimes all three, having just one centralized location would be good.

No, we did not. Backups were done daily, and its Linux backend gave us no issues.

Adding new servers was seamless. Adding new users and allowing for VPN access was also fantastic.

For the AWS version, it was atrocious. None really. For the bespoke cloud space that we designed though, they were very good.

To further clarify, there is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support and you get all the stuff. Whereas if you are using the AWS version, you do not. So, you kind of have to research. There's something simple really which affects Sophos quite a bit during setup. 

No, we didn't. It was our first choice and it was definitely a good one.

For a user who hasn't done it before, it may be a bit complex but with a general understanding of networks, it was fine.

However, when you build everything up using the AWS version (setup), it actually does not work until you write it on the Sophos UTM and in the networking, you have to change the source destination check. You have to do that at the end of it, but there is nowhere in the documentation or anything where it tells you that. It was just somebody happened to find that out. It is a pretty straightforward setup, but it should be some sort of documentation that takes you step-by-step to help set it up for your VPC. There really is not that much difference setting it up in different VPCs, but there is not enough information out there. It is a very good solution that a lot of people would be using more of except you are doing different things, and you have to try and figure it out yourself. 

The support, there is none; AWS themselves, they support it the best, because they have some knowledge of it, but they do not fully support it because it is not their product. It is a third-party product.

Licensing is a bit complicated, as it is based on products -- so define your requirements and find what best suits you, as you do not need the whole suite of software they provide.

For AWS, it is pretty straightforward. You buy it, then you have all your licenses that you need, approximately 60 or 70, or it might even be unlimited. However, that is for one margin to expand to different margins. If you have an on-premise AWS, or one of our clients wanted on-premise AWS Assistant, the problem is to build the Sophos UTM on it. We get the software, then the licensing was not explained well because when you buy the licenses, you buy five (or 50) licenses, that is for the first module. So if you expand to second module, you have to buy more licenses of that. 

Again, it is one of those things where it is not well explained. Unless you are in the United States, or you have to use Sophos, you can't contact Sophos directly. You have to use a third-party company, and they all have different ways of how they explain their licensing. So, we have clients that want the database on-premise, and we went to get the Sophos licensing system and stuff like that. It was just they were doing it a different way to who we had in Ireland, so the conformity is a bit iffy. 

It is one of those things where it is not very well explained, so it is a lot of grunt work, a lot research has to be done before you progress, and there are the pitfalls that you encounter. There are quite a few of them. Once you get it working, it is a fantastic product. It is just getting it that is the issue. 

We looked at a few, but I can't remember right now.

Great product which works without issues or downtime.

We use this solution for IPsec & site-to-site SSL VPN.

My environment involves connecting all of our branches with the head office through one Sophos XG 210 device. This is done using IPsec and SSL VPN, after which we apply a web filter, as well as an application filter to ensure that we are getting a secure connection.

It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection.

This solution also gives me varieties of VPN policies for good data encryption.

The most valuable features of this solution are:

• High Availability between IPsec site tunnels provides a valid continuous connection and ensures we have no downtime affecting our business.
• Log Viewer allows me to monitor all incoming and outgoing traffic, as well as view and block vulnerabilities.

I would like to see the SD-WAN feature improved. I want to manage many lines and load-balance them, getting high availability by making SLA tests according to:

1. Check interval.
2. Failures before inactive.
3. Restore link after.
4. SD-WAN Rules to control bandwidth, download and upload stream.

I switched to Sophos as it is more reliable.

This solution is less expensive than FortiGate. 

We did not evaluate other solutions prior to choosing this one.

We use Sophos UTM for multi-site VPN, quarantine, sandboxing, and IPF. It blocks malware and other unauthorized apps. 

I've been using Sophos UTM for more than four years.

Sophos UTM is stable and ready for customization. 

Sophos UTM is scalable. We have around 100 users, including engineers, managers, and computer scientists. We plan to increase our usage in the future. 

Sophos customer support could use some improvement. 

We were using something else, but we switched to Sophos because it's politically neutral. 

Installing Sophos UTM is straightforward. The deployment itself doesn't take long, but you have to spend some time planning and waiting for the hardware to be delivered. 

Sophos UTM should be more open-source and reduce its license cost. 

I rate Sophos UTM 10 out of 10. If you're considering Sophos UTM, I would say go for it. 

During the pandemic, telework grew, however, so did attacks. There was a higher degree of ransomware and so on. With Sophos, we have not had any incidents this year. The security provided has been good. It has proven to be okay for our needs.

The initial setup is very simple.

The solution is stable.

the scalability is good.

The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose. 

I don't really know how it behaves when it comes to web server protection. We have no web servers of our own. I don't know how it behaves if we open our servers to the outside. My sense is that the degree of protection must be higher.

We haven't used the solution for very long. We've been using it for less than a year at this point. 

The stability has been good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

The scalability on offer is quite good. If a company needs to expand, it can do so. 

We are not a big company. We have about 70 or so people. 

Technical support is okay. It is provided by a local company, not Sophos directly.

Previously we did not have any integrated solutions. We had an antivirus of one kind, and a firewall of another. It was a good step for us to integrate all these features into one solution.

The initial setup was simple and straightforward. The deployment was fast. It only took about a week or so, maybe less. 

The pricing is reasonable. Of course, the customer would always like it to be lower, however, the quality to price ratio is positive.

I'm also aware of Fortinet options, however, they are more expensive if you look at Fortinet vs Sophos. 

We are customers and end-users. We came into the pandemic situation needing a VPN and the one offered by the Sophos behaves quite well. From the point of view of our users, it has been a positive experience.

I don't quite know by heart the version of the solution, however, it's quite recent. It's not the newest one. I saw that the brand new one which came out this year and we don't have that.

I'd rate the solution at an eight out of ten.

We use this solution as a firewall, for DCP filtering, applications, and training.

We need to speed up the support.

We have been using this solution for three years.

It's a stable solution.

It is a scalable solution but the only disadvantage is that when we use a proxy, we can bypass Sophos.

We have 50 customers. The maximum number of users in one device is approximately 4,000. It's a large network.

The support is okay, but it takes time to connect to the support team.

It is easy to install.

We only require one engineer to deploy and maintain this solution.

The appliance should be purchased and there is a fee for the license.

There is an option for a yearly licensing fee or for three years.

We recommend this solution. We complete between 20 and 30 installations per month.

I would rate Sophos UTM a nine out of ten.

Valuable Features include Sophos Remote Access VPN, Country Based Firewall, Web Application Firewall, Ease of access (via browser) and Reporting.

Sophos UTM helps us to control incoming and outgoing network traffic. It also helps employees connect to the AWS VPC environment from remote locations. Web application firewall protects applications from different hacking attempts like SQL Injection, Cross site scripting, Cookie signing, URL hardening etc. On top of that, it also helps the organization adhere to compliance rules and provides an audit trail of the environment.

Sophos UTM is not a highly available and scalable product. Till now, it is a single point of failure.

2.5 years.

No issues encountered. We had a very smooth deployment.

No issues with stability.

Yes. Sophos UTM on AWS is not an scalable product. Sophos is actively working on scalability part from using a UTM manager which can control configuration deployment on multiple UTM's

Customer service level is top notch.

Very Good. All our queries were properly answered on time.

Yes. Earlier, we had used Checkpoint. But the deployment procedure and user interface for Checkpoint was very complicated. The amount of time to invest in checkpoint is nearly 2x than Sophos. Checkpoint requires tool to be installed on your system while Sophos is a browser based tool.

It was a very straightforward setup. As it is a browser based tool, it helps administrator to access it from different location and system. We don't have to download desktop clients on our local system. Also, we can access this product from different operating systems (linux, windows and Mac).

We deployed it in-house.

ROI for the product is very high. The cost of the product is based on the number of users and the licensing is not too expensive.

On AWS, instances/servers are charged on hourly basis. The yearly licensing cost for 10 years is nearly around $200-300.

While we were looking for deployment of UTM product on AWS in year 2011, there were only 2 stable products available in market i.e., Sophos and Checkpoint. We choose to go ahead with Sophos.

Easy to use, Easy to access, good for compliance. It is a very good product as compared to others available on AWS.

Sophos UTM provides security for our network here and access through a VPN connection for our remote users. It also offers the flexibility to create different tools for accessibility.

I would like to see Sophos UTM add support for all the new threat-detection technologies and the ability to respond to novel security threats that come along every day.

I'm in the process of switching every UTM device in all branches to Sophos, so I need visibility into each branch to see the activity. I need alerts for any threat that enters the network. If there is unauthorized access or some specific action that can threaten my network, I want to be notified.

We've been using Sophos UTM for the last three years.

Sophos UTM is stable so far. 

I haven't had the need to scale up Sophos UTM so far, but I believe it's scalable.

We have excellent technical support. The company that supports us is highly experienced with Sophos.

We previously had Cyberoam. After Sophos acquired Cyberoam, we purchased new Sophos hardware devices.

Sophos UTM is priced in the middle range. Okay. It's a good value and a far better price than many competing solutions.

I rate Sophos UTM seven out of 10.