Sophos UTM Reviews

All the features are valuable.

• Web protection: Allows me to control unnecessary web traffic into the company network.
• Email protection: Protects the company from spam and malicious emails.
• RED and VPN: Provides an easy and secure way to connect branch offices so I can easily control them.
• WAF and DMZ: Provides an easy and very secure way to publish your internal servers. Enables you to have more than one WAN and to use them for load balancing and controlling the traffic through them.

Before implementing Sophos UTM, we had a lot of problems with:

• Malicious URLs
• Spam
• Unnecessary internet traffic
• difficulties in connecting and controlling branch offices

After implementing Sophos UTM, the percentage of infected computers because of bad URLs was been reduce by 90%. A lot of spam emails were blocked. Additionally, I created a whitelist for company emails and a blacklist for unnecessary emails.

Branch offices have the same protection like the main office and communication between offices is very easy. We created rules for one-way communication for some branch offices and two-way communication for another office. You have got a lot of abilities for different configurations between offices.

But after migrating to Sophos XG and the new XG OS, things got easier, more secure, and more interesting. Specifically, we had the ability to generate different reports for different protection types, different end users, or different services.

With the new XG OS, I have better control of my network and I can easily detect malicious and unnecessary traffic.

We used UTM for four years, and XG for one year.

At the beginning, there were stability issues, due to a poorly configured switch. I had problems with HA, but after that, there were no stability issues.

I only contacted technical support five or six times. They were very professional. I will rate them as excellent.

We did not use a different solution before this one.

The initial setup, at the beginning, was very complex. After some time, everything got clear. I did the migration of UTM to the new OS XG by myself and I didn't need help from technical support.

Think twice when you are choosing your Sophos UTM/XG. I made a mistake the first time because I needed more powerful hardware for my network. I did not choose very well. The price and the license are definitely elements for which you must think twice. I had excellent cooperation with the Sophos sales team and my mistake was quickly resolved.

We evaluated SonicWall, Palo Alto, and Untangle.

I love all Sophos products, but the combination of Sophos XG, Sophos RED, and Sophos advanced endpoint protection with intercept X is something that all IT professionals and security officers will love and want to have.

Firewall and Web Protection

Advanced Threat Protection is a good "dashboard" feature to see if there is any network issues

Its a key point of keeping your network secure which once setup requires minimal ongoing monitoring. Also this unit can act as the whole security suite so everything in your network is protected.

Its identification of users without the need of setting up Proxies or Identity software could be better, that is probably the trickiest section to setup.

2 years

No issues other than ensuring what has been configured matches the requirement of the company/client.

The only stability issue we have encountered was an update caused the unit to over process things. Everything kept running but it did slow down Internet access because of this.

I have only done basic High Availability setup which is very good but not Scalable solutions. However, as long as you follow the sizing guides and get the right UTM for the company there has been no issues.

Excellent

Not outstanding but I have noticed significant improvements over the last 12 months

We used to use SonicWall. I still think its a good product though its web filtering and SMTP filtering were no where near as good as Sophos UTM. The reason we switched was the partner relationship between Dell and the IT Solutions company soured.

You can setup the unit in simple mode and get 90% of what you want done. That is very straightforward

You can also setup each component manually. This requires understanding of the unit but even that is not difficult.

Probably the only difficult part of the Sophos UTM is the WebControl as this can be setup many ways. Ensuring you have mapped out a solution that is adaptable to the company is probably the most complex part.

As we are a supplier, we bounce off ideas with their sales engineers. They are excellent.

Unsure as I don't deal in the money side of things but I think the clients get excellent returns as their security is totally covered if they include EndPoint protection.

Most companies I have dealt with handing them a unit find they don't have to do much ongoing work on the unit. Once its working, its working and adjustments to rules and policies are easy.

No, we had a good relationship with Sophos and after comparing it to our previous solution (SonicWall) we were convinced it was a good product.

If you are a IT Consultant shop, become a partner and do the training.

If you are the IT of a company, you can either get a IT Service company to set the unit up for you or if you are confident with firewalls you can purchase premium support to get assistance for troubleshooting purposes.

We use Sophos UTM to secure Internet connection inside our company and to provide secure remote access to the in-office network.

I like the web filtering options and the link to Sophos antivirus (Close all connections from-to infected PC).

I would like some features that are available in other brands. For example, I sometimes a person is using too much bandwidth, and it isn't easy to find this information in Sophos. Also, we have to switch connections manually when we are using a VPN and lose the MPLS connection. It isn't automatic. 

I have used Sophos UTM for five years.

I rate Sophos support seven out of 10. 

Neutral

Sophos UTM is a little pricey, but it's reasonable if I compare it to Fortinet. 

I rate Sophos UTM eight out of 10. 

I mainly use Sophos UTM to provide network security.

Sophos UTM's best feature is synchronized security.

Sophos UTM's internet security could be better.

I've been using Sophos UTM for three years.

I would rate Sophos UTM's stability eight out of ten.

Sophos UTM is easy to scale.

Sophos's technical support is very good and easy to connect to.

The initial setup was simple.

Sophos UTM is moderately priced, but it could be improved.

I evaluated Fortinet, but Sophos UTM is easier to manage and more efficiently priced.

I would rate Sophos UTM eight out of ten.

Mostly when we see that the client has no security product, we offer both of the products: firewall and endpoint security. We offer endpoint security solutions: EDR and XDR.

Most of the time, we offer Sophos UTM and firewall products, but when we see that the customer has a firewall already deployed, we pitch endpoint security. If they're already using a different product, we cross-sell a product. For example, if someone has an environment with just endpoint security and doesn't have XDR or EDR, we'll suggest upgrading to XDR or we'll upsell XDR.

The overall visibility of the console is what I find most valuable, plus it's very user-friendly. It can be integrated with other solutions such as SOAR, SIEM, etc., even when you have an existing firewall. I really like that the console can be integrated. You'll see everything on the same window, and the single window feature of the machine is so good. These are the features I really like.

I have no suggestions for improvement for Sophos UTM. It's been a decade and it has been a very good product throughout the Pakistan market.

Pricing could be improved. After-sales service is much better. Once you have a sales team and a technical team for any product, it definitely becomes very easy to pitch or get the revenues out of that product. Flexibility in pricing matters a lot.

This is the fourth year we've been implementing this solution.

Sophos UTM is stable which is why I like it.

I find Sophos UTM scalable and it is one of the reasons I like it.

For Sophos support: the distributor is responsible for providing maintenance, support, and after-sales service. Most of the time, we try to have an agreement between the customer and affiliates which is binding for two or three years.

The support team here is from the distributor. The first layer of support is really fine when compared to the support provided by other products, e.g. McAfee or Kaspersky. This means it doesn't go to the principal for resolution because the distributor or the partner experts try to fix it on their own before logging in to further complaints. We are good with this kind of solution for our customers, and we prefer those distributors who have their support team.

This is why I really like Softech, although everyone does this, Sophos relies on the Softech technical team. They fix the issues most of the time, so it's very rare for us to go to the principal solution. This is the first line of support we have here in Pakistan.

The principal response time is so quick. It took them only two or three hours maximum. I had the experience of addressing an issue to the principal and they were able to answer me in two or three hours maximum. They have a good TA team.

Although Sophos UTM is a good product, other products have more flexibility with their pricing. It is a very fine product, but when someone wants more relaxed pricing or more leverage in pricing, Sophos is more rigid.

For example, Kaspersky is successful in Fintechs because of its services, plus they offer flexible pricing to their end users. It's a comparative advantage here in Pakistan because Pakistan is a very price-conscious market. This is the reason why every time we pitch, we have to pitch more than one product here in Pakistan. They spend their money on SIEM and other kinds of security firewall, but for endpoint solutions, they say any low-budget product could easily be implemented. Most of the customers here in Pakistan like it this way.

We also implemented Kaspersky and McAfee.

We are a partner for all these products. We market these products to the end customers or the end users. We are both selling and implementing these products. We're partners with Sophos. There's a distributor in Pakistan called Softech Microsystems, and we have a silver-level partnership with them.

We've been working with Sophos since 2019.

In the financial market, however, Kaspersky is being used more than Sophos because of its credibility, integration, and extra features offered by Kaspersky. We always try to recommend Sophos as it's what we want, but sometimes, because we also carry a Kaspersky partnership, when a customer demands for Kaspersky, we have to let the customer test it and we have to give them a quote for Kaspersky. We also carry another product, e.g. McAfee, aside from Kaspersky and Sophos. Sophos UTM is a product I want to go further. I try to pitch Sophos UTM rather than Kaspersky or McAfee.

I'm giving this solution a nine out of ten.

Whenever we go for the public tenders, because there's no price flexibility, most of the time I find other products win. Although we have completed our POCs and all that, convincing customers to go with our product, but when it goes to the tenders: in the tenders they mention specification rather than mentioning a particular product, so we'll have to qualify. We qualify technically, but when it comes to the commercial opening or the financial opening, we fail.

We mainly use it for web filtration — we have a number of small websites. It's also a VPN — that's filtering, firewalling, and IPS.

Within our organization, there are roughly 250 people using Sophos UTM. Also, we have around 15 XG users.

We plan on using XG for the next few years, but we are going to stop using UTM on our main site.

I think the behavior with the zones was a little bit tricky to understand at the beginning of this project. It can be hard to manage at first, but overall, we don't have many problems with this solution.

I have been using this solution for one and a half years.

It's stable, but the reaction time of the GUI is terrible; however, in my opinion, UTM is more stable than XG.

Sometimes, It can be quite a time-consuming process to book a session with Sophos' support.

The initial setup was not straightforward because we had experience with UTM, but not with XG. It's a completely different system. 

We had it up and running within one week.

We installed it on our own.

I would recommend UTM over XG because it's easier to manage.

On a scale from one to ten, I would give XG a rating of 6. Conversely, I would give UTM a rating of nine.

We use it for antivirus.

It meets our compliance needs in an elastic computer environment.

It meets our compliance needs for antivirus.

The printed provisioning is the primary thing that needs improvement.

It is a little too CPU resource intensive, so we would like to see improvements there.

We are running about a couple hundred EC2 instances. Overall, the AWS Marketplace product should be a better fit, but it is a little pricier.

When we need technical support, we just engage the vendor, then figure out what our requirements are from there.

The integration and configuration of this product on our AWS environment is a little clunky right now.

The product is a standalone in terms of integration.

Going forward, we need to look at the provisioning pieces and the resource utilization.

The AWS version is easier to provision than the on-premise version.

• Firewalls
• Developer access
• VPN traffic
• Rerouting and routing.

I am using it to route traffic for developer access or regular traffic for my instances. I have a web application, and I control access to and from it in one of my environments.

All my needs are met at the moment.

Our policy is launch and forget. It works well without any maintenance. So far, it has worked pretty well regardless of the traffic.

The product could be simplified and made more self-explanatory.

I am stressing it quite a bit, and the stability is great. I haven't performed any maintenance on the instances in quite a while now. It works. I am happy because everything works well.

My throughput is moderate versus high throughput applications.

I am always holding a predefined number of instances, so I haven't had any issues.

I have not used the technical support.

The configuration was pretty complex on my side compared to OpenVPN. However, this might imply that Sophos has more use cases and capabilities. It depends.

I am also using OpenVPN. 

Partially, for historic reasons, things were built prior to me being able to evaluate stuff. At the moment, we are using both solutions. In terms of pricing, when I need to spin up anything small with smaller requirements, I am using the free OpenVPN instead of Sophos UTM.

Do your homework. Compare products. Use what you need depending on your needs.

We are only using the AWS version of the product.