Sophos UTM Reviews

I use the solution in my home premises to protect my internal network. I am a customer of Sophos. 

Sophos has great security features and does a good job of protecting my network. The firewall feature is very, very good. 

I think the interface configuration could be improved. It's very complex for now. They need to provide more videos and have more documentation. I think that's missing at the moment. By chance, I found something on a video that wasn't in the documentation and it was a lifesaver. I upgraded my hardware from 100 megabytes to 1,000 megabytes and had many problems. I had to start from scratch and get someone to help me with it.

I've been using this solution for seven years. 

The solution is stable. 

I only use the community support.

The initial setup is very, very difficult. When I installed the new Sophos and tried to restore the backups, the restore process did not work. I tried more than 20 times, and in the end, implemented a fresh install which required a lot of work. It was too difficult. It took me a long couple of days. It's worth checking the YouTube videos, they really saved me. 

I'm using the free version. 

I rate this solution eight out of 10. 

Our datacenter cloud services such as email, and web services for internal and external use, had to be protected with different systems and the web services where left really unprotected, since we used an standard IPS/IDS to protect ourselves from web attacks (from the outside) which nowadays are really sophisticated. Also, we had to employ many work hours to have a protected, standardized network. With Sophos EndPoint and Sophos UTM, we simplified and also protected our network at the same time, with less work force.

The web filter and the ATP (Advanced Threat Protection) are great and easy to manage, and the integrated WAF (Web Application Firewall) allows the administrator to seamlessly protect HTTP/S services without having to pay thousands of dollars. The just introduced Sandstorm system for protection, is awesome as well.

Sophos UTM has many improvements that I would suggest, but the main one is for the Application Control to be managed with users as well, and with timeframes (schedules) for the administrator to allow certain apps outside an specific timeframe, or vice versa.

No issues encountered.

The scalability is awesome as when you need the network protection systems to grow immediately, you just activate and license the exact same box, and configure it in cluster mode for Active-Active mode in Cluster/High Availability.

This is where Sophos vendor outclasses every other vendor. They have grown so much throughout the last four to five years, but they have grown as well in their capability to attend support cases. We've had some really advanced cases, and we have never been forgotten or left behind.

We used a commercial product, Untangle, with our own brand called Rhino Box. Untangle did not invest in the development of features as we expected, such as the adoption of IPSec VPNs (they had it but very limited), and IPv6. This was what made us do research for our SMB/Enterprise market offering. We tried out Sophos UTM (recently purchased as Astaro UTM) and it was really easy to deploy and came with Sophos Support, which is awesome.

The initial setup is straightforward. Sophos brand is well known in the market for being a unique and powerful tool that is simple to deploy and manage. This is what makes it different from any other vendors. The Sophos UTM, comes with a deployment "Wizard for Dummies" since it show the wizard at the initial setup, and in less than three minutes, you can have your box up and running. Also for Policies deployment, you are clicks away to customize your security settings.

We always deploy by ourselves, so that way we can test how the customer will see the initial implementation. Our main advice, is to read the manual, and follow the wizards that comes with each tool. Also, it is strongly recommended to have a professional firm contracted for the initial setup, and support, as we are, to can design, and help with any kind of implementation issues.

The ROI is in 12-16 months, since with this kind of tool, we deliver the best of breed protection, and increment the focus of the end user, in being productive.

I recommend you get the three year licenses, since Sophos offers three years for the price of two. I would also recommend that you acquire any Sophos Licensing with Professional Services added, that way, you'll have the best experience possible.

They have supported our business venture since 2010, and will do for many years. We have studied closely the different product portfolio, and each one of them, are carefully developed.

We are using as a firewall product.

It helped to connect our satellite offices to the main Amazon infrastructure in a circular way.

It provides a solid firewall.

We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work. 

It's pretty stable. For our usage, it has been pretty good.

We are a small company with a small infrastructure. For our infrastructure, it is perfectly solid. I don't have experience using it on a larger scale.

They could definitely improve on the support, especially in other countries. Right now, it is just average. For example, we have a team in India. When they face issues, they have to go to Australia or talk to somebody in the US to receive support. They should be more responsive and have more local offices.

AWS has been pretty good. It is well integrated and pretty user-friendly. Initially, we experienced issues with the configuration because Sophos provided us a CloudFormation template, which caused us some back and forth. By now, the process may have improved.

Purchasing it through the AWS Marketplace went smoothly. We did not have any issues and the pricing was decent.

We decided to purchase through the AWS Marketplace because of the integration with the AWS infrastructure, firing it up and configuring it was very seamless.

We originally considered Barracuda and another solution.

We chose Sophos because we thought that it provided superior service. Also, they have a long history in the market, and I received a recommendation from one of my consultants.

I would recommend to take a look a product, as it is a good product apart from the improvements that I mentioned. We are very happy with the product so far.

It is used as a standalone. We don't integrate it with other systems.

We are using the AWS version of this product.

Sophos UTM gives good visibility and prevention against ransomware attacks because they focus on unknown threats, so it's successful in protecting customers.

Sophos UTM's best feature is SIM in the cloud, which combines the gateway solution and endpoint solution to send telemetry data to the cloud and provides full contact visibility regarding security.

Sophos UTM's firewall is a bit weak, and some of its features lack depth compared to other products like F5.

I've been using Sophos UTM for about eight years.

Sophos UTM is quite stable.

Sophos UTM is quite simple to scale.

Sophos' technical support is good.

The initial setup takes around seven to nine days.

I would rate our ROI from Sophos UTM as three to four out of five.

Sophos UTM's pricing is on the cheaper side.

I would advise starting with the basic firewall before adding other features. I would give Sophos UTM a rating of seven out of ten.

We primarily use the solution for perimeter security in order to protect content. We also use it for the XG firewall.

The content filtering is the solution's most valuable aspect.

The initial setup is pretty easy.

The solution is pretty easy to manage.

There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol.

I've been using the solution for about five years or so at this point.

The stability of the product is quite good. We haven't had any issues with bugs or glitches. It doesn't crash or freeze on us. We trust its reliability.

We don't really have scalability in mind right now. I need proof of all that. It's a single device that we have.

We don't plan on increasing usage with this device. In fact, we're considering a switch to Sophos XG.

We've never directly worked with Sophos' technical support. We've always dealt with the Sophos partners.

We also don't really have any experience with online community support or documentation.

I previously worked with Microsoft BMG. At the time we switched, Sophos was the better option. We needed a solution that was easy to manage and Sophos fit the bill in that sense. Microsoft didn't really offer any support. Sophos also was integrated with a directory and a single sign-on.

We're actually looking at switching to Sophos XG in the near future. The main difference between the two lines of Sophos products is the level of support provided. XG offers more of what we need. We may also eventually move to a Huawei firewall.

The initial implementation is not complex. We found it to be very straightforward. It was easy.

The deployment took approximately one week. It didn't take too long.

We had two people on staff that handle deployment and maintenance.

We had a consultant help us manage the implementation. hey were very good and quite knowledgable. We were satisfied with the assistance they provided to our team.

We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000.

There are no costs above a standard licensing fee.

We're just customers. We don't have a business relationship with Sophos.

I can't remember the exact version of the solution I am currently using, however, I believe it to be around version 9.

It's a good product, and I would recommend it, however, I would advise other potential users to instead maybe consider Sophos XG.

Overall, I would rate the solution at an eight out of ten.

SMB firewall.

Protected it against malware and allowed us to serve our servers safely.

Application layer filtering.

Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054).

Currently, we are using the product on-premise. However, in the future, we would like to deploy an AWS instance too.

This product helped us a lot in having a greater visibility into the network traffic coming inside and passing away from the company. The Sophos’s unique RED devices helped us a lot to build up extremely, easy Layer 2 VPN connections.

• Email and web proxy: for filtering unwanted emails and spam, and for web content and malicious url filtering
• SSL VPN and two-factor authentication: for secure remote access
• Layer 7 app control: for blocking P2P (ex. BitTorrent) and media streaming content 
• WAF/reverse proxy: for securely publishing web applications and protecting Exchange services 
• WAN load balancing: for multiple Internet connection management

• Certificate management (ex. Let’s Encrypt support)
• VPN: IKEv2 Support

We have not encountered any issues with stability.

The Sophos UTM solution is very scalable. You can build a hardware cluster with up to 10 nodes. 

Technical issues addressed to support team have been solved quickly.

Before we were using Cisco solutions, we switched because of the lack of UTM features.

The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled.

The pricing for Sophos UTM is quite acceptable compared to other UTM vendors. If you would like to run an active-passive HA system, you only need to buy an additional hardware without subscription. At other vendors, you need subscription for both devices.

In the case of a software/virtual appliance subscription, you pay by protecting user/IP addresses. You can do this to as much hardware resources as you like.

We evaluated SonicWall, WatchGuard, and Stormshield (Netasq) solutions.

We highly recommend this solution for SMBs for its reasonable pricing and wide range of network services.

• Firewall
• NAT
• Intrusion prevention
• Site-to-Site VPN
• Web filter
• Anti-virus

Before using the Sophos appliance, we consistently struggled with users clicking on things they shouldn't be. This led to virus/malware infections that seemed to propagate through the network at an alarming speed. Since we incorporated the appliance into our network, we don't have to worry as much since it does in-line virus checking, and if a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time.

I wish the internet failover worked better. As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic, with many things not working until I manually fail over to the other WAN.

I've used it for seven years.

Initially, we had issues configuring the web filter and getting the right policies applied to the right users. After several calls to Sophos, they were able to assist us in getting to where we wanted to be. Other than that, deployment was easy as long as you pay attention to what you are doing and have the setup guide handy for any questions you have.

The appliance has been very stable, only being rebooted to apply patches for security vulnerabilities, which fortunately is not very often.

The UTM 220 has served our purposes very well, it has allowed us to scale up on the computing side as well as the server side with no issues at all.

Their customer service is fantastic.

I have never had an issue go unanswered when I've had to involve Sophos technical support. Above all, it's their technical expertise that truly sets them apart from other vendors we have tried.

We did originally try to use PFSense. The software was hard to use, and the level of technical expertise was not good. Ultimately, after several demos of both products, we decided that Astaro (at the time we purchased our original device) was the right vendor to work with. Since that time, Sophos purchased Astaro and it would appear that they kept a lot of the same people working on these devices because the transition was smooth, and the level of knowledge never faltered.

The initial setup was very straightforward. I will say that you do need to have a certain level of knowledge to set up the more advanced functions. Configuring the network was the easiest part, and the firewall was very straightforward once you figured out exactly what rules you needed to put in place. NAT was a bit confusing to start with, but once you went through the process it was easy. Intrusion prevention was easy to set up, flip the switch to the on position and decide what rules you want to apply. Web filtering took a few calls to Sophos to set up properly, as we were trying to set up filtering policies based on Active Directory groups, and were not successful in the initial configuration, but we did finally get this implemented.

I implemented the product in-house. The one bit of advice that I can give is to organize yourself prior to deployment. Determine what services you want to utilize in your environment, and focus your learning to those parts of the guide, this will make your deployment much easier.

Our return on investment is the fact that we are protecting the business' data, lowering administrative costs, and are better able to manage every bit of our network security.

The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.