We use Sophos UTM as an on-premise firewall.
Owner / Network Security Engineer at Texarkana IT
You can lock networks down tight with this if you know what you're doing
Pros and Cons
- "The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira and Sophos. Web filtering is also a fantastic option for clients who want to really lock down internet access."
- "When we call support, we get put on hold for a long time."
What is our primary use case?
What is most valuable?
All of Sophos UTM's features are valuable. The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira and Sophos. Web filtering is also a fantastic option for clients who want to really lock down internet access. And of course, it has the basic firewall features like port blocking and all of the stuff that most standard firewalls include.
For how long have I used the solution?
I've been using Sophos UTM for over 12 years. I started using the solution before it became Sophos. It was originally called the Astaro Security Gateway, and then Sophos acquired Astaro and renamed it Sophos UTM.
What do I think about the stability of the solution?
Very stable. Very good.
Buyer's Guide
Sophos UTM
November 2023

Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: November 2023.
745,341 professionals have used our research since 2012.
What do I think about the scalability of the solution?
I have Sophos UTM deployed for all my IT clients. There are 40 of them in the field serving about 500 users total.
How are customer service and support?
We get put on hold for a long time. Otherwise, I'm not unhappy with their support at all.
How was the initial setup?
If you have a networking background and understand how to configure it, it's very straightforward. Somebody off the street can't just come in and do it, but yeah, it's pretty straightforward.
What other advice do I have?
I would rate Sophos UTM a strong eight. I'm not giving it a ten because they're putting all their efforts into the XG model, so the UTM model will probably be phased out before long. I love the security of the XG. It's better with artificial intelligence and all of this type of stuff, and you can manage it from the Sophos Central Cloud. But Astaro ASG, now Sophos UTM, was the first unified threat management system and everybody else copycatted it. I think its web filtering is great. If there are any security vulnerabilities, it's the fault of the administrator configuring the product, not the solution itself. You can lock networks down tight with this if you know what you're doing.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director with 11-50 employees
Secure and stable with an easy initial setup
Pros and Cons
- "With Sophos, we have not had any incidents this year. The security provided has been good. It has proven to be okay for our needs."
- "The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose."
What is most valuable?
During the pandemic, telework grew; however, so did attacks. There was a higher degree of ransomware and so on. With Sophos, we have not had any incidents this year. The security provided has been good. It has proven to be okay for our needs.
The initial setup is very simple.
The solution is stable.
The scalability is good.
What needs improvement?
The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose.
I don't really know how it behaves when it comes to web server protection. We have no web servers of our own. I don't know how it behaves if we open our servers to the outside. My sense is that the degree of protection must be higher.
For how long have I used the solution?
We haven't used the solution for very long. We've been using it for less than a year at this point.
What do I think about the stability of the solution?
The stability has been good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.
What do I think about the scalability of the solution?
The scalability on offer is quite good. If a company needs to expand, it can do so.
We are not a big company. We have about 70 or so people.
How are customer service and support?
Technical support is okay. It is provided by a local company, not Sophos directly.
Which solution did I use previously and why did I switch?
Previously we did not have any integrated solutions. We had an antivirus of one kind, and a firewall of another. It was a good step for us to integrate all these features into one solution.
How was the initial setup?
The initial setup was simple and straightforward. The deployment was fast. It only took about a week or so, maybe less.
What's my experience with pricing, setup cost, and licensing?
The pricing is reasonable. Of course, the customer would always like it to be lower, however, the quality to price ratio is positive.
Which other solutions did I evaluate?
I'm also aware of Fortinet options, however, they are more expensive if you look at Fortinet vs Sophos.
What other advice do I have?
We are customers and end-users. We came into the pandemic situation needing a VPN and the one offered by the Sophos behaves quite well. From the point of view of our users, it has been a positive experience.
I don't quite know by heart the version of the solution, however, it's quite recent. It's not the newest one. I saw that the brand new one came out this year, and we don't have that.
I'd rate the solution at an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Head at Dee Development
Very user friendly and simple to implement; easy to separate rules
Pros and Cons
- "Efficient and effective - it's easy to separate rules."
- "The classification segregation of applications lacks sufficient definition."
What is our primary use case?
I'm IT head at our company in India and we are customers of Sophos UTM.
What is most valuable?
The solution has many good features. There was a steep learning curve moving to version 18 but we're now at a point where the solution is more efficient and effective. When talking about VLANs the solution makes it easy to separate rules for everything. The solution is easy to use with simple implementation.
What needs improvement?
The application server needs to be improved because currently, the classification segregation of applications needs to be more defined. Also, we used to be able to open the firewall using LAN IPS but that's no longer possible and needs to be solved. I'd like to see an improvement in central categorizing. These days with all the applications and threats, getting everything filtered down needs to be a finer, more granular process. There are times when you find that a website seems to be legit, but there is a code running behind it that can act as a proxy or some kind of a bot. The sites are always logged on, but at times we have to open for a few clients or a few sites and in that time they're open to attack.
For how long have I used the solution?
We've been using this solution for at least six years.
What do I think about the stability of the solution?
This solution is absolutely stable.
What do I think about the scalability of the solution?
The solution is scalable; we jumped from 135 to 230 users without any problems at all.
How are customer service and support?
Technical support used to be good but it's lagging a bit now. Support staff was better trained and more efficient than they are now. It could be because of Covid but it's a bit of a challenge at the moment.
Which solution did I use previously and why did I switch?
We worked with SonicWall many years ago. We then switched to Cyberoam and then we primarily used Cisco Firepower. There were support issues with Cisco and it wasn't easy to find the KB articles and training was lacking. Even the training personnel had problems when we had issues with implementation. The same thing happened when we used Palo Alto with the support being the biggest problem. It was so unstructured and I hope that has changed in the last 12 months. When it comes to firewalls we are happy with two products; Fortinet is our preference but when you take cost into account, we prefer Sophos.
How was the initial setup?
The initial setup was relatively straightforward.
What's my experience with pricing, setup cost, and licensing?
The licensing costs for Sophos are reasonable. It's clear to me that there are no full solutions, you can't win it all, and the cost is always an issue. We're on the winning side with Sophos in that respect. We renew our license every three years.
What other advice do I have?
I rate the solution eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Director at a security firm with 1-10 employees
Plenty of functionality, highly stable, but lacking log reports
Pros and Cons
- "Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."
- "There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system."
What is our primary use case?
Sophos UTM is a virtual appliance used for network security.
What is most valuable?
Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator.
What needs improvement?
There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system.
Everything has changed in the newer version of the solution from the SG to the XG. It was a completely new reborn version. You are not able to migrate from SG to XG using scripts. It is very difficult because of the differences. There was not a simple migration path from one to the other.
In the Sophos SG UTM version, you cannot have any other functions. Sophos will tell you "It's a closed version. We will not have any more functions." However, in the new version, you have a lot of new functions, and every two or three months you have new features. For example, you can use Sophos Central to synchronize both strategy policies and even security, if you are equipped with Sophos antivirus on workstation and server. If your antivirus on the workstation finds a threat, your firewall will have the information of the station, what issue it had, and what other stations it communicated with.
Sophos has to enable the Intercept X or an EDR function on the firewall because for the moment, the firewall is only equipped with sandboxing or something similar. Which is quite good, but there should be something easier for the user. For example, the logs at the moment are not as simple as they are in other solutions, such as Fortinet. It is very important to have a logging tool, log reporting, or a reporting engine. We need to see logs and find information within. However, 10 years ago, we did not care about the logs but things have changed. We need them to analyze, to have a view of some of the layers but we do not have this. They could improve by providing better log functionality and features.
For how long have I used the solution?
I have been using this solution for approximately five years.
What do I think about the stability of the solution?
For the whole life of Sophos SG UTM, it has been highly stable.
On the newer XG version, we have had a lot of small bugs on the very first version. We were having lots of small bugs on different functions and it had been a mess for a lot of integrators to make it work and to keep confidence in the XG. The XG had a lot of functions and all functions could have a lot of bugs. Even if everything is under control on one or several functions, there were some functions that had many, such as the VPN. However, in version 18 the stability was a lot better.
You rely on the stability of a firewall and if you have some bottlenecking from the communication from or to the internet. It is very difficult to be confident in Sophos and we lost some confidence in Sophos in the very early version.
Overall, we had more problems with the XG than with the SG version.
Which solution did I use previously and why did I switch?
I have used other Sophos solutions, such as Sophos XG UTM.
How was the initial setup?
The installation of Sophos SG UTM is very easy. There are detailed manuals that can help with the installation if you run into difficulties. There is some basic transferring training you can take that is not complicated.
It is very complicated to migrate everything you put in SG to another version. You need to redefine many aspects manually on the XG because you are not able to extract the configuration from a confidential file to import it into the XG. They are very different and will not work in the same way. It is very confusing for a new customer.
If customers want to buy the XG because it is the new version and they want to migrate through a Sophos or integrator, it will take a lot of days for engineers from SG to XG to implement because it is not the same solution anymore. It is very much similar to if you were migrating from SG to a Fortinet or to a Palo Alto firewall. You have to recreate the configurations manually on your side, with no migration paths. It is a very important point. We do not have migration paths from one to another.
What's my experience with pricing, setup cost, and licensing?
The solution is very low cost compared to competitors. You have a good firewall, a lot of functions for less than the price of some omni firewall competitors.
Which other solutions did I evaluate?
I have evaluated other solutions, such as Sophos XGS.
What other advice do I have?
There are two versions of the Sophos UTM. The old one is the SG, and the newer ones are the XG and XGS UTM, the next-generation firewalls.
Sophos UTM was a rebranded solution that was bought from the Astaro company. It was one of the first UTM and was a very stable solution. Everything was inside a small box, you could start to enable or disable some functions, such as TCP, HTTP proxy, or firewalling. It allowed you to manage everything you wanted in this Unified Threat Management solution. It was a very nice multi-functioning security tool. If you adapted to the way of working with the UTM you could do everything with it.
It was a nice solution. Sophos still allows the use of the SG UTM. For example, if you want to buy an XG Firewall, which is their new next-generation firewall, you still can purchase the older SG UTM. Sophos is able to still deliver this solution.
I rate Sophos UTM a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Information Security Senior Expert at Wafaassurance
Stable with great technical support and an easy initial setup process
Pros and Cons
- "Technical support is very responsive."
- "The integration capabilities could be better."
What is our primary use case?
We implemented the solution into our infrastructure here in the insurance company, to protect the flow between the company and its partner.
What is most valuable?
The solution is quite stable.
The scalability has been great.
The initial setup is straightforward.
Technical support is very responsive.
What needs improvement?
The integration capabilities could be better.
For how long have I used the solution?
I originally implemented the solution when it was Cyberoam. After that, we migrated to Sophos UTM. I've used the solution since 2011.
What do I think about the stability of the solution?
The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
The scalability is great. If a company needs to expand it, it can do so. It's not a problem.
We currently have 800 people using the solution.
How are customer service and technical support?
We do pay for Sophos' support and we find them to be quite helpful and responsive. We're satisfied with the level of assistance we receive.
Which solution did I use previously and why did I switch?
We have used other solutions. We have various levels of firewalls.
How was the initial setup?
The implementation process is straightforward. It's not overly difficult. A company shouldn't have any issues with the process.
It's a good idea if you are migrating from another solution, to do a review of security policy. That way, you can better optimize for security when you set everything up.
We have a team of six that can handle implementation and maintenance duties. We have two managers. One covers organizational security and the other covers operational security.
What's my experience with pricing, setup cost, and licensing?
We do pay extra for Sophos support services.
The license is easy to acquire and implement.
Which other solutions did I evaluate?
I'm currently performing a benchmarking of the other solutions against Sophos.
What other advice do I have?
We're a customer and an end-user.
When Cyberoam was acquired by Sophos, we migrated to the new hardware and new solution in Sophos.
We've been very happy with its capabilities. We would rate the solution at a nine out of ten.
I'd recommend, if a company sincerely wants to try out Sophos, that they test everything before implementation. It will help them understand what the solution can do and how to implement it into their infrastructure.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Manager at a consultancy with 51-200 employees
Stable with good documentation and fair pricing
Pros and Cons
- "The cost of the solution is very reasonable."
- "The initial setup may be difficult for those not familiar with the product."
What is our primary use case?
We primarily used the solution to replace Cyberoam. For a client recently, we replaced their old SD device with the latest version, XG 210.
What is most valuable?
At the moment we have deployed the web filtering application as they have their own web servers and their email protection. The web filtering is great. At the moment, we haven't heard any negative feedback from the client.
There is plenty of documentation that can help you check scenarios or different situations that you might have.
The stability is great.
The cost of the solution is very reasonable.
What needs improvement?
I can't recall dealing with any missing features.
Lately, I've dealt more with Fortinet, and haven't focused too much on Sophos.
The initial setup may be difficult for those not familiar with the product.
For how long have I used the solution?
If I recall correctly, I've been dealing with the solution for about five or so years. It's been a while at this point.
What do I think about the stability of the solution?
The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.
What do I think about the scalability of the solution?
We are actually in the process of discussing scaling with a client. We're working on the business planning aspect right now. We're looking at opportunities on how to protect their network, besides just the webserver and the email servers.
How are customer service and technical support?
I haven't made any request for technical support previously. That is due to the fact that even the local authorized distributor here in the Philippines is very helpful in deploying and configuring the product. Therefore, we have no need to contact Sophos directly.
There's also lots of documentation to reference.
Which solution did I use previously and why did I switch?
Recently, I've used a lot of Fortinet products.
How was the initial setup?
Although I hadn't done a setup in a while, I quickly recalled the steps taken. If you've handled a setup before, you're likely to find the implementation process rather straightforward. I found I was able to adapt quickly and figure out the necessary configurations.
What's my experience with pricing, setup cost, and licensing?
In terms of licensing, here in the Philippines, we just pay on a yearly basis. The renewal is up for this year in Q3. We are talking now with the distributor where we purchased the hardware for a possible renewal with the client.
Overall, they provide very reasonable pricing.
What other advice do I have?
My company is a reseller of Sophos.
I haven't deployed one of their latest solutions yet. We just had a recent project for a basic firewall, and they were actually 210. That's the last project I had with Sophos.
We are in the process of taking up certification exams for Sophos.
I definitely recommend Sophos. It's one of our top products in the company.
I'd rate the solution at a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
System Analyst at Abbey Mortgage Bank
Good protection, scalable, easy to setup, and it has good local vendor support
Pros and Cons
- "The most valuable feature is ransomware protection."
- "I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution."
What is our primary use case?
I use this solution for my servers.
How has it helped my organization?
At some point in time, it seemed to be ravaging organizations around us and we couldn't definitely outrightly isolate ourselves from it. While we were attacked, I want to believe that it was solely because there was that in addition to the fact that there are triggers.
We also know very well that Sophos is proactive in monitoring and protecting against malware and brute-force attacks.
It's one of the things that it is quite good for.
What is most valuable?
The most valuable feature is ransomware protection. It is known for ransomware protection.
In terms of additional features, I'm still getting to understand more about how it works.
What needs improvement?
I'm still exploring the features and I haven't used them in totality.
I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution. This would be good. Somewhat similar to what Darktrace can do.
Proactively understand and using AI intelligence to monitor and see activities that are away from the norm and then proactively see how they can either isolate the quarantine system and inject it back into the system upon validation.
They could explore most of the products in Symantec's and Fresh Services and run from the same file to see what additional feature one is offering.
I would also like it if they could work on the price because it is expensive.
For how long have I used the solution?
I have been using Sophos UTM for approximately three years.
What do I think about the stability of the solution?
I understand that it's had a couple of releases too frequently but I want to believe that it's relatively stable.
I still believe that in terms of stability, Symantec is better, so this can be improved.
What do I think about the scalability of the solution?
Sophos UTM is quite scalable.
How are customer service and technical support?
I haven't had any reason to contact support directly because I have MacBytes, which happens to be a local vendor that we have been using. It's been pretty good.
They are very good at supporting us technically when the need arises.
Which solution did I use previously and why did I switch?
I am currently using Symantec for my own workstations and I use Sophos for my server Endpoint protection.
How was the initial setup?
The initial setup is relatively straightforward.
What's my experience with pricing, setup cost, and licensing?
The prices can be better, they could make it a lot cheaper.
What other advice do I have?
You are on the right track with Sophos UTM, but you should keep up with the trends as they become available.
I would rate Sophos UTM a nine out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
IT Manager at Cartlis
Stable with an easy initial implementation and a very nice user interface
Pros and Cons
- "The stability, overall, is excellent. I haven't had a problem in the last two years."
- "It would be nice if it had basic features, such as DLP (Data Loss Prevention)."
What is most valuable?
The solution's user interface is very user-friendly. It's very easy to navigate.
They have an all-in-one product for small businesses. Basically, I do not want to manage the firewall for four products. I'll take it all in one. It makes everything easier to manage.
It's really good and it's been working really well over the last few years.
The initial setup has been very simple and straightforward.
The stability, overall, is excellent. I haven't had a problem in the last two years.
What needs improvement?
It is a fine product, however, I need more endpoint protection.
They should release a license for more than 50 IPs. As of now I have had some discussion about it with management, and we need to do some planning around that to see if we can change things.
The pricing is too high. There are other options that are less expensive, such as Bitdefender. In fact, Bitdefender is very good, aside from lacking a firewall such as this. Beyond that, it's a very good product with central management on-premises.
It would be nice if it had basic features, such as DLP (Data Loss Prevention).
For how long have I used the solution?
I've only been using the solution for about two years or so at this point.
What do I think about the stability of the solution?
The stability has been excellent. It doesn't crash or freeze. There are no bugs or glitches. It's very good and very reliable.
What do I think about the scalability of the solution?
This solution is perfect for small businesses.
How are customer service and technical support?
I don't have too much experience with technical support. I only recall one case where I had to contact them directly. I recall them being very helpful and responsive. I had a good experience and was satisfied with their level of service.
Which solution did I use previously and why did I switch?
The solution is being discontinued. Hopefully, whatever they replace it with will be very good for small businesses as well.
How was the initial setup?
The initial setup was not complex. It was very simple and very straightforward. It was not difficult at all. A company shouldn't have any trouble with the process. Specifically, if you have experience in IT, you will find it very easy to deploy these products.
What other advice do I have?
I am a Sophos customer.
I'm using UTM for home use only. It's only for 50 IPs.
I'd rate the solution at a ten out of ten. Overall, it's worked really really well. Everything from the updates to the signatures has been very helpful for our business.
I would recommend this product to other users and other organizations.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Manager at Digital World
Easy to install, scalable, and stable
Pros and Cons
- "It's a stable solution."
- "We need to speed up the support."
What is our primary use case?
We use this solution as a firewall, for DCP filtering, applications, and training.
What needs improvement?
We need to speed up the support.
For how long have I used the solution?
We have been using this solution for three years.
What do I think about the stability of the solution?
It's a stable solution.
What do I think about the scalability of the solution?
It is a scalable solution but the only disadvantage is that when we use a proxy, we can bypass Sophos.
We have 50 customers. The maximum number of users in one device is approximately 4,000. It's a large network.
How are customer service and technical support?
The support is okay, but it takes time to connect to the support team.
How was the initial setup?
It is easy to install.
We only require one engineer to deploy and maintain this solution.
What's my experience with pricing, setup cost, and licensing?
The appliance should be purchased and there is a fee for the license.
There is an option for a yearly licensing fee or for three years.
What other advice do I have?
We recommend this solution. We complete between 20 and 30 installations per month.
I would rate Sophos UTM a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Science Technician at a government with 201-500 employees
Simple to use, good technical support, but not scalable
Pros and Cons
- "What I like about the solution is the ease of use."
- "The solution is not scalable."
What is our primary use case?
The primary use of the solution is to create a firewall, web filters, and load balance. We also use it as an IPS.
What is most valuable?
What I like about the solution is the ease of use.
What needs improvement?
In the next release, the solution should contain an administration security user to access the interface.
For how long have I used the solution?
I have used the solution for one year.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is not scalable. In my organization, we have approximately 500 employees using it.
How are customer service and technical support?
The technical support of the solution is good.
How was the initial setup?
The installation of the solution is easy. It can be finalized in approximately five hours.
What about the implementation team?
The deployment of the solution was completed by a consultant. We have three technicians and two administrators that oversee the solution.
What's my experience with pricing, setup cost, and licensing?
It is necessary to pay for a licence to use the solution, but it is not very expensive.
What other advice do I have?
I will continue to use and recommend the solution.
I rate Sophos UTM a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Administrator at a manufacturing company with 51-200 employees
Great web and email filtering with reasonable pricing
Pros and Cons
- "We've found the technical support to be helpful."
- "The ease of use could be a bit better."
What is our primary use case?
We primarily use the solution for a number of use cases, including the firewall, web filtering, email filtering, and email encryption. UTM does it all. The only thing that we don't use it for is web application and protection. We don't really have any web servers in-house.
What is most valuable?
The web and email filtering are the two biggest and most valuable aspects of the solution for us.
The solution overall has just been a good, cost-effective solution for us.
The solution offers a lot of functionality.
The solution scales well.
We've found the technical support to be helpful.
The stability and performance are quite good.
What needs improvement?
The ease of use could be a bit better. It's something they could work on.
The ease of configuration could be improved. It's not as simple as it could be just yet. However, it's kind of the nature of it.
They're kind of difficult to get set up sometimes.
Some of the detail in the web filter and the email filtering could be better outlined in the reporting. It is not as good as the two separate standalone solutions we used previously. However, it does also give us a lot of other stuff that those two solutions didn't. It's a trade-off.
For how long have I used the solution?
I've been using the solution for the last five years at this point.
What do I think about the stability of the solution?
The stability and performance are good. The solution is reliable. There are no bugs or glitches. It doesn't crash or freeze. It's good.
What do I think about the scalability of the solution?
We've been using the same hardware for five years and it's always had a very good performance. I would say it scales pretty well. We have around 80 users on the solution currently. We've had double that. Actually, until COVID hit, we did have double that, as of a year ago.
How are customer service and technical support?
We've been very happy with Sophos, despite the fact that most of their support is based out of Europe. When you get them on the phone, they're actually very good. Their support is very good. We've been happy with them, and have no concerns about renewing the maintenance.
Which solution did I use previously and why did I switch?
We currently use a few Cisco solutions. We had a SurfControl web filter previously - a standalone server for that. We also had an email filtering package, that was on a separate server by itself. We found that the Sophos UTM did both of those things, and it gave us a firewall, and it saved us money. That's largely why we switched. The downside to Sophos is the reporting wasn't as good, however, everything else was better.
There was nothing wrong with the other solutions that we had other than it would cost us twice as much money to get a lot fewer capabilities. We don't really have the manpower to fully utilize those other solutions in great detail, which is why a simple web filter and email filter that was built into the Sophos solution worked for us. Plus, it does a lot more than that. We could run everything through it. We could - and we may do this - move away from using the Cisco solutions altogether, and just use the two Sophos firewalls. Once we get the XG up and running, we can upgrade the UTM to XG also and have the two XG firewalls in our two locations, and use it for the LAN connection between the locations. I don't know that we'll do that, however, it's definitely something that we can do. It's just a lot of additional capability and flexibility.
How was the initial setup?
While the configuration can sometimes be tricky, it was pretty much straightforward to initially set everything up. It helped that we had paid support through Sophos, so their technicians helped us get it up and running.
The deployment took a couple of weeks in total. It wasn't too big of a deal.
We don't really have any staff dedicated to deployment and maintenance. I tend to handle those aspects myself.
I've watched a few webinars, even on implementation, and it's just that a lot of the stuff is really different. You need to work on it a bit to get the hang of everything.
What about the implementation team?
We had Sophos directly assist us. They were great at helping us implement everything. We physically got it in place, and then got it up and running, and then finished it off with some assistance from Sophos.
What's my experience with pricing, setup cost, and licensing?
We've found the solution to be cost-effective overall.
Normally we do a three-year license with maintenance on a firewall.
Beyond the standard maintenance fee, the solution doesn't require any other licensing costs.
What other advice do I have?
We are a manufacturing company. We're not a technology company. We don't need to have the very latest state-of-the-art technology, however, we want to try to be close to it. For us, Sophos is perfect.
We also plan to use Sophos XG, however, we haven't implemented it yet. We're hoping it might be easier to configure and set up than UTM.
Our antivirus, actually, was the antivirus that was managed by the UTM. Now they've since retired that capability, and they've gone to endpoint security software being managed in the cloud. Sophos Central can manage all of the Sophos security products, including all the firewalls, the endpoint security. Basically, you end up with one web interface for all of your security stuff. That's actually going to be a big feature, especially moving forward with XG, due to the fact that, if XG detects anything fishy going on, you can shut down individual client networks, and not allow any traffic to go through.
Our Exchange ActiveSync is actually behind a Cisco firewall. We have a Cisco ASA also.
We use the latest version of the solution.
I'd rate the solution at an eight out of ten. We've largely been satisfied with the product.
As a company, you're looking to get the best solution out there. Once you have something in place, and it's worked well for you, and it hasn't cost you any excess money, you don't need to have too much contact with anyone. I rarely contact Sophos. That's a good indication of how good the product is working for us. If I was looking for something new, or if when maintenance comes up, and we've had hardware that's been in operation for a while, maybe we just need something new. Then you look and see if there's something out there that works better for you. That's basically it. We're not looking for anything new. We've actually been very happy with Sophos. I liked the way that there's a lot of good stuff there.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Manager at New Outlook Group
A great network security package with everything you need in a single modular appliance
Pros and Cons
- "Sophos is a unified solution. We have anti-virus protection, firewall rules, knotting, and DACC all in one box."
What is most valuable?
Sophos is a unified solution. We have anti-virus protection, firewall rules, knotting, and DACC all in one box. With Fortinet, everything is separate with multiple devices and solutions.
What needs improvement?
We are very happy with Sophos. I can't think of any pressing issues that need to be addressed.
For how long have I used the solution?
We have been using this solution for roughly five to six years.
What do I think about the stability of the solution?
Both the stability and scalability are great.
How are customer service and technical support?
We don't need to contact their technical support. We have our own skilled team of IT experts.
How was the initial setup?
The initial setup is very simple.
What's my experience with pricing, setup cost, and licensing?
I think the pricing of Sophos is very fair.
What other advice do I have?
Sophos is good for small and mid-sized organizations. Big companies need solutions with layered security.
Overall, on a scale from one to ten, I would give Sophos a rating of eight.
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Senior Network Engineer at a computer software company with 11-50 employees
Simple to set up, comprehensive, free for home users, and there is lots of support available online
Pros and Cons
- "Sophos UTM is the simplest of these products to set up."
- "The logs are not clear, which means that you need an additional piece of software in order to read them clearly."
What is our primary use case?
We are a solution provider and I am the architect of solutions that employ Sophos UTM.
How has it helped my organization?
Sophos was one of the first firewall products that were free, so you can install it at home and test it. Then when you have the experience, you can recommend it to customers.
What is most valuable?
Sophos UTM is the simplest of these products to set up. If you follow the instructions using the wizard, which is just a few steps, then you will have a firewall to protect you and your customer.
What needs improvement?
Sophos UTM is sensitive when it comes to setting up the SSL VPN, with the certificate.
The bandwidth speeds are limited, although this could be because they're doing web filtering. They need to have the time to filter all of the traffic.
The logs are not clear, which means that you need an additional piece of software in order to read them clearly. This is the main issue with Sophos UTM. Essentially, you need to spend time looking through the logs and if you want quicker access then you need to have third-party software.
For how long have I used the solution?
I have been working with Sophos UTM for eight years.
What do I think about the stability of the solution?
This is a stable product. In my experience, I have only seen one case where, after four years, a customer's UTM was completely dead. The motherboard just died.
This customer had a license, so they contacted Sophos and within one week, they had a replacement.
What do I think about the scalability of the solution?
It is easy to scale. You can set up a failover with a second Sophos device, where the second one is available as a backup. You have the option to set up Sophos Lite, which is a small device from Sophos that can link with your main unit.
For example, if you have remote offices, you can have the main Sophos device in your main office, and then all the branch offices connected using the lite model. All of the traffic goes to your main site, and it will provide all the web filtering.
How are customer service and technical support?
The quality of technical support depends on who answers the call. When you reach the proper support person, they are really good and know what they're doing.
There is a lot of information available online, partly because Sophos is the old Cyberoam. Most of the time, I try to solve problems by myself. However, if I can't, I contact Sophos.
How was the initial setup?
I am a certified Sophos architect, so I help to create the solution.
I have never had any trouble setting it up. There are some things that you have to do from the command line, but that's how Sophos and other products work. It is the same with Meraki and FortiGate.
For the most part, it's straightforward and you just follow the wizard. The questions regard your internet connection, what service you expect Sophos to provide, and of course, the main one is the license because, for home users, it is free.
What's my experience with pricing, setup cost, and licensing?
This product is free for home users. There is a limitation to the number of devices that can be connected, but nobody expects at home that there will be more than 50 devices connected to the firewall.
For business users, if you have the proper license, it will provide full protection not only as a firewall, but will protect your web server, Exchange Server, network, and provide web filtering capabilities. These days, that is really important. You don't want somebody to get in, or when a user clicks a link, they could lose some information.
The more expensive products have better performance. If you have fast broadband then you will need a bigger device, otherwise, it will slightly reduce the speed of your throughput. For example, if you have a gigabit connection with the cheapest model, perhaps a UTM 320, then it will cut the speed by approximately 50% to 500 megabits.
Which other solutions did I evaluate?
We sell the Meraki MX solution to protect some of our customers, and we are resellers of FortiGate as well.
Sophos is easier to set up than Meraki.
When it comes to reading the logs of other devices, it is much easier with Meraki, FortiGate, or even the Sophos XG firewall.
At the moment, all of the firewalls on the market are doing the same thing. Once you buy the license, it will cover everything.
What other advice do I have?
Sophos UTM is a comprehensive product that does the job that it should. They have another product now, called the XG firewall, that covers everything that UTM does not. The best part about this is that you can run the XG firewall on the same hardware where UTM is installed. This means that if you're thinking that Sophos UTM is not good for you, you can always migrate to the XG firewall. That said, I have never had a problem setting up UTM and can't think of a problem that I couldn't solve with it.
Overall, UTM is good, but if you want something better that can handle more complex rules then you can use the XG firewall. My only complaint is that they limit the bandwidth, depending on the model.
The suitability of this product depends on the customer's needs. If they don't need really complicated firewall rules, yet want to protect the network and want really good web filtering, then I recommend using Meraki. If on the other hand, they have a really complicated setup and want better filtering, then Sophos is the better option.
Also, if you have your own web server or mail server on-site, then I recommend Sophos. If instead, you have a normal office network with mail stored in the cloud, then I recommend Meraki.
I would rate this solution a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
IT Director at a manufacturing company with 201-500 employees
Good firewall applications, easy to setup, responsive technical support
Pros and Cons
- "The most valuable features of this solution are the firewall application and application control."
- "Monitoring and reporting are areas that need improvement."
What is most valuable?
The most valuable features of this solution are the firewall application and application control.
What needs improvement?
Monitoring and reporting are areas that need improvement.
For how long have I used the solution?
I have been using Sophos UTM for five years.
What do I think about the stability of the solution?
It's a stable solution for 90% of the time.
There are some things that are not quite 100% and it could be improved.
How are customer service and technical support?
Technical support is very responsive.
How was the initial setup?
The initial setup was straightforward.
What's my experience with pricing, setup cost, and licensing?
It's reasonably priced.
What other advice do I have?
This is a good product but there is always room for improvement.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior IT Specialist at Shabana Group
Stable with good technical support, but the web filtering should be improved
Pros and Cons
- "This is a very stable product."
- "Anti-phishing functionality should be improved."
What is our primary use case?
We use Sophos UTM to protect our infrastructure.
What needs improvement?
There are things missing when it comes to policies.
The web filtering capability should be improved.
Anti-phishing functionality should be improved.
For how long have I used the solution?
We have been using Sophos Unified Threat Management (UTM) for two years.
What do I think about the stability of the solution?
This is a very stable product.
What do I think about the scalability of the solution?
Scaling this solution works fine.
How was the initial setup?
The initial setup is complex.
What's my experience with pricing, setup cost, and licensing?
Our licensing fees are paid on a monthly basis.
What other advice do I have?
Overall, this product is very good and I recommend it for other users.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
President at a tech vendor with 1-10 employees
Very good basic firewall functions with advanced firewall scanning
Pros and Cons
- "Good basic firewall functions with advanced firewall scanning."
- "Updates come out agonizingly slowly, a trickle."
What is our primary use case?
We use this solution ourselves and we also deploy to our clients. It is a capable, general-purpose firewall with VPN tunneling built in, and a lot of web features if you're hosting a website. We are resellers of Sophos and I'm a partner in our company.
How has it helped my organization?
We haven't changed our procedures as a result of using this product but maybe the flip side is the case. We haven't had to change our procedure because we have this great tool that keeps the bad guys away.
What is most valuable?
I would say the email for sure and the basic firewall functions are great features. It also has advanced firewall scanning. If you receive a file, you can have it scanned through Sophos. It's a really complete product.
What needs improvement?
Sophos has a very small crew of people who continue to work on enhancing the UTM. At some point, they had actually stopped enhancing it and the word on the street was that they weren't going to enhance it any more because everybody was going to go over to XG, but they found that 50% of their users were still on the UTM and that was five years after they'd come out with the XG line. They decided they were going to rebuild some core parts of XG, and that would take a while. It's been six years and they're still not there. The updates come out agonizingly slowly. They just trickle out and when there's a problem with an update it takes a while to sort out. It's still a viable product but the more they improve XG, the less you have a need to stick with SG.
For how long have I used the solution?
I've been using this solution for 15 years.
What do I think about the stability of the solution?
There are some legacy things that were probably fine back in the day when it was invented in Germany, things like the IPS, the Intrusion Protection engine. It's terrific and it works really well, but it can be a little bit slow. Because of the way that some pieces are built, for example the core for the IPS runs on only one core, even if you have a multi-core CPU. 15 years ago that wasn't a big deal because your weak link was going to be your computer. But nowadays, you could have a fast enough computer if they could just let it work with multi-cores. They clearly aren't interested in rewriting large portions of the code because they're going to the XG so all they do is fix it or maybe add a feature that's in the marketplace. Over time, they've been adding more ways to do a VPN tunnel but some things they need haven't been added because it would require a big rewrite and they don't want to go there.
What do I think about the scalability of the solution?
The scalability has worked great for us. Everyone in our company uses it even though some may not know that they're using it. One of our larger clients, with a super computing center and some of the fastest computers in the world, uses Sophos, so I would say that it does the job.
How are customer service and technical support?
Technical support have been very good. They are very knowledgeable but it can take too long to make contact. They're great once you do get hold of them. They've solved every problem we've had.
Which solution did I use previously and why did I switch?
We've tried numerous other solutions. Cisco, and some of the other major ones that were out there, but once we started using this, it was so much better in so many ways, we just dumped all the others.
How was the initial setup?
The initial setup is pretty straightforward. They have a template which takes you through and asks what you want protected. There's still a lot to do after that because there are variations which require more work. For example, if I have clients who need to block certain email addresses, I have to go through and set those up. If I need to allow conversations which require specific ports open in order to get to a particular business or credit card processing, that has to be set up. There is a lot of HIPAA detail in it and it also has credit card compliance things which require a manual set up. The setup requires a knowledge base.
What's my experience with pricing, setup cost, and licensing?
The solution is 100% free. You can just download the software for up to 50 IP addresses. It is a hundred percent free. Throw it on your own machine. Right, it's a native Linux product, a hardened Linux product and it's free for that sort of user.
What other advice do I have?
The solution has email firewall built in with all sorts of functionality, it is an absolutely excellent firewall, the logging is really good, you get great information about what's going on. It does things like GeoIP tracking and you can make decisions based on where people are coming from. It's just really a complete firewall. I would say if you're just starting right now, get the XG. Not that the UTM isn't outstanding, but it's disappearing. You might as well learn the XG. The product still works really well, although it's getting a bit long in the tooth. The sooner that they come out with the XG that can do everything that the UTM does, the faster the rest of the world will make the jump.
I would rate this solution an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Digital Transformation and Technological Innovation Manager at an educational organization with 501-1,000 employees
Easy to manage with good content filtering and an easy initial setup
Pros and Cons
- "The initial setup is pretty easy."
- "There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol."
What is our primary use case?
We primarily use the solution for perimeter security in order to protect content. We also use it for the XG firewall.
What is most valuable?
The content filtering is the solution's most valuable aspect.
The initial setup is pretty easy.
The solution is pretty easy to manage.
What needs improvement?
There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol.
For how long have I used the solution?
I've been using the solution for about five years or so at this point.
What do I think about the stability of the solution?
The stability of the product is quite good. We haven't had any issues with bugs or glitches. It doesn't crash or freeze on us. We trust its reliability.
What do I think about the scalability of the solution?
We don't really have scalability in mind right now. I need proof of all that. It's a single device that we have.
We don't plan on increasing usage with this device. In fact, we're considering a switch to Sophos XG.
How are customer service and technical support?
We've never directly worked with Sophos' technical support. We've always dealt with the Sophos partners.
We also don't really have any experience with online community support or documentation.
Which solution did I use previously and why did I switch?
I previously worked with Microsoft BMG. At the time we switched, Sophos was the better option. We needed a solution that was easy to manage and Sophos fit the bill in that sense. Microsoft didn't really offer any support. Sophos also was integrated with a directory and a single sign-on.
We're actually looking at switching to Sophos XG in the near future. The main difference between the two lines of Sophos products is the level of support provided. XG offers more of what we need. We may also eventually move to a Huawei firewall.
How was the initial setup?
The initial implementation is not complex. We found it to be very straightforward. It was easy.
The deployment took approximately one week. It didn't take too long.
We had two people on staff that handle deployment and maintenance.
What about the implementation team?
We had a consultant help us manage the implementation. They were very good and quite knowledgeable. We were satisfied with the assistance they provided to our team.
What's my experience with pricing, setup cost, and licensing?
We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000.
There are no costs above a standard licensing fee.
What other advice do I have?
We're just customers. We don't have a business relationship with Sophos.
I can't remember the exact version of the solution I am currently using, however, I believe it to be around version 9.
It's a good product, and I would recommend it, however, I would advise other potential users to instead maybe consider Sophos XG.
Overall, I would rate the solution at an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Officer at Grupo Vision
Has good quality and functionality
Pros and Cons
- "The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the price is surprisingly better."
- "Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time."
What is our primary use case?
Our primary use cases include:
- Remote SSL connection
- Web-filtering
- Web server protection
- WAF application
- Firewall rules
How has it helped my organization?
We have securely deployed systems accessible only behind an encrypted SSL VPN, and all users can access them without the risk of data exposure.
What is most valuable?
The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the Sophos price is surprisingly better.
I have also worked with Check Point and it's not far enough from what Sophos can do. In terms of quality and functionality, Sophos is very useful and better than the competition.
What needs improvement?
Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time.
The real-time traffic graph must show specific info from user, IP and bandwidth. In my personal opinion, I have seen better traffic graphs in open source firewalls.
For how long have I used the solution?
I have been using Sophos UTM for six years.
What do I think about the stability of the solution?
It's very stable. In all the time I have been using it, I haven't seen it fail or get stuck.
What do I think about the scalability of the solution?
Scalability is not a complex issue and is something you can do within 20 minutes. I've been managing three UTMs, one with 50 users, another one with around 150, and the biggest one has 3,000 users.
Which solution did I use previously and why did I switch?
I used pfSense; the capabilities of Sophos UTM are very much higher and more powerful.
How was the initial setup?
The initial setup was straightforward. It depends on the rules, but a basic setup can take up to seven to 15 minutes max.
What about the implementation team?
What was our ROI?
Based on a cost comparison with other vendors who bill per license and OTP users, the ROI has been set at as far as 6 months.
What's my experience with pricing, setup cost, and licensing?
Sophos is the best alternative in features, specifications and lower price.
Which other solutions did I evaluate?
Yes, I did: Fortinet, Check Point, Palo Alto, Meraki.
What other advice do I have?
It's a good solution, I would say to go for it.
I would rate Sophos UTM a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Presales & Implementation Engineer at a tech services company with 11-50 employees
Offers good threat monitoring features
Pros and Cons
- "It is a very good product. The threat monitoring process is the most valuable feature."
- "Sophos should be more user-friendly, have more dashboards, and an easier implementation."
What is most valuable?
It is a very good product. The threat monitoring process is the most valuable feature.
What needs improvement?
Sophos is good for endpoint security but Trend Micro is better than Sophos. APEX is better than Sophos because it has a friendly, usable dashboard, and the implementation is very easy.
Sophos should be more user-friendly, have more dashboards, and an easier implementation.
What's my experience with pricing, setup cost, and licensing?
It is the cheapest product available. It's good if you have a low budget.
What other advice do I have?
I would rate Sophos UTM a ten out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior System Engineer at a real estate/law firm with 51-200 employees
Easy to manage but five-factor authentication needs improvement
Pros and Cons
- "It is easy to manage."
- "The five-factor authentication needs improvement."
What is our primary use case?
We use it for email security, malware protection, IPS, and filtering.
What is most valuable?
It is easy to manage.
What needs improvement?
The five-factor authentication needs improvement.
It needs central management.
For how long have I used the solution?
I have been using Sophos UTM for a few years.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
We have around 400 users.
How are customer service and technical support?
We offer certified support.
How was the initial setup?
The initial setup was straightforward. We had a problem with the multi-factor authentication.
What other advice do I have?
I would recommend Sophos, it is easy besides for the five-factor authentication. It is good for my needs.
I would rate it a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Administrator Server and Networks at a manufacturing company with 201-500 employees
Provides all of the network security you need in a single modular appliance
Pros and Cons
- "I would recommend UTM over XG because it's easier to manage."
- "It's stable, but the reaction time of the GUI is terrible."
What is our primary use case?
We mainly use it for web filtration — we have a number of small websites. It's also a VPN — that's filtering, firewalling, and IPS.
Within our organization, there are roughly 250 people using Sophos UTM. Also, we have around 15 XG users.
We plan on using XG for the next few years, but we are going to stop using UTM on our main site.
What needs improvement?
I think the behavior with the zones was a little bit tricky to understand at the beginning of this project. It can be hard to manage at first, but overall, we don't have many problems with this solution.
For how long have I used the solution?
I have been using this solution for one and a half years.
What do I think about the stability of the solution?
It's stable, but the reaction time of the GUI is terrible; however, in my opinion, UTM is more stable than XG.
How are customer service and technical support?
Sometimes, it can be quite a time-consuming process to book a session with Sophos' support.
How was the initial setup?
The initial setup was not straightforward because we had experience with UTM, but not with XG. It's a completely different system.
We had it up and running within one week.
What about the implementation team?
We installed it on our own.
What other advice do I have?
I would recommend UTM over XG because it's easier to manage.
On a scale from one to ten, I would give XG a rating of 6. Conversely, I would give UTM a rating of nine.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Architect at a consultancy with 11-50 employees
Feature rich and provides good security for SMB
Pros and Cons
- "We find all of the features valuable because together they fit the needs of our customers."
- "We would like to have unique viewable IDs for rules and in the packet filter logfile, for easier debugging of old log files."
What is our primary use case?
We primarily use this solution for:
- VLAN separated network
- Proxy / SSL-Interception
- VPN (IPsec and SSL)
- Reverse Proxy / Webserver Security
- Email Security / Mail gateway
- HA (Hot-Standby)
- IPS / ATP
How has it helped my organization?
This is a very good security solution for SMB, so this solution is a good fit for many of our customers.
What is most valuable?
We find all of the features valuable because together they fit the needs of our customers.
What needs improvement?
We would be happy with fewer new features over the same time, but with more stable updates!
We would like to have unique viewable IDs for rules and in the packet filter logfile, for easier debugging of old log files.
Sophos UTM shouldn't die.
For how long have I used the solution?
I have been using this solution for fifteen years.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Network & Hardware Administrator at Nile Projects & Trading Co.
Creates secure IPsec and SSL VPN high availability connections between head office and branches
Pros and Cons
- "It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection."
- "I would like to see the SD-WAN feature improved."
What is our primary use case?
We use this solution for IPsec & site-to-site SSL VPN.
My environment involves connecting all of our branches with the head office through one Sophos XG 210 device. This is done using IPsec and SSL VPN, after which we apply a web filter, as well as an application filter to ensure that we are getting a secure connection.
How has it helped my organization?
It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection.
This solution also gives me varieties of VPN policies for good data encryption.
What is most valuable?
The most valuable features of this solution are:
- High Availability between IPsec site tunnels provides a valid continuous connection and ensures we have no downtime affecting our business.
- Log Viewer allows me to monitor all incoming and outgoing traffic, as well as view and block vulnerabilities.
What needs improvement?
I would like to see the SD-WAN feature improved. I want to manage many lines and load-balance them, getting high availability by making SLA tests according to:
- Check interval.
- Failures before inactive.
- Restore link after.
- SD-WAN Rules to control bandwidth, download and upload stream.
For how long have I used the solution?
We have been using this solution for more than four years.
Which solution did I use previously and why did I switch?
I switched to Sophos as it is more reliable.
What's my experience with pricing, setup cost, and licensing?
This solution is less expensive than FortiGate.
Which other solutions did I evaluate?
We did not evaluate other solutions prior to choosing this one.
Disclosure: My company has a business relationship with this vendor other than being a customer: Sophos XG
Owner at Robert Obrinsky Industries, LLC
A powerful and flexible user interface makes remote client support easy
Pros and Cons
- "Configuration troubleshooting is eased by the use of the color-coded, live firewall log."
- "Support for IKEv2 is needed in this solution."
What is our primary use case?
I use this solution in both the home and office, and I am also a reseller of the product. It is used for Unified Threat Management for SMB to Mid-Size companies. It provides VPN solutions for our clients, and it has the absolute best UI in the industry.
How has it helped my organization?
This solution makes remote support of clients extremely easy and flexible. Modifications can be made in minutes. New definitions of network objects, users, groups, etc. can be made from anywhere in the UI.
What is most valuable?
The most valuable feature is the user interface, which is flexible, powerful, and easy to understand. Configuration troubleshooting is eased by the use of the color-coded, live firewall log. Live logs for most features are also available.
What needs improvement?
Support for IKEv2 is needed in this solution. But, the handwriting is on the wall that Sophos will probably stop development in favor of their XG Firewall. No timeframe on that yet though.
Which solution did I use previously and why did I switch?
We have been using this solution since it was the Astaro Security Gateway.
Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller of this product, and I also use it in my home and office. It is by far the best firewall/UTM solution I have tested or worked with in my career.
CEO at NG
Offers secure and scalable firewall security
Pros and Cons
- "The features that I've known to be most valuable are both the web security features as well as the web firewall capabilities. As a partner of Sophos firewall, we have some clients and they are using Sophos firewall UTM and we are using it as well."
- "The only time we face a problem or issues is when we place a ticket. We have found that response is very slow."
What is our primary use case?
We use this solution for communication endpoint, encryption, and network security. We are focused on providing security software to the small to mid-market enterprises; the essence of our delivery is internet security.
What is most valuable?
The features that I've known to be the most valuable are both the web security features as well as the web firewall capabilities. As a partner of Sophos firewall, we have some clients that are using Sophos firewall UTM and we use it as well.
What needs improvement?
One additional feature that should be included in the next release is synchronized security, which would enable all the security to work together as a system. Another suggestion is to add advanced threat protection (ATP) to defend against sophisticated malware. Seeing these additional improvements would be a great thing going forward.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
The product is stable. It's a product that our clients are able to use and enjoy. We haven't had many complaints about the product at all. Internally we haven't experienced any problems.
What do I think about the scalability of the solution?
The scalability is also fine. Currently, we have 20 employees using the product to date and only one employee needed to maintain the product. At the moment we don't have any plans to increase usage in the company. Not now, next year maybe.
How are customer service and technical support?
We train our employees on technical support. I don't need any outside technical support.
The only time we faced a problem or issue is when we place a ticket. We have found that the response is very slow. That seems to be our biggest problem.
Which solution did I use previously and why did I switch?
We previously used Cyberoam but Sophos acquired Cyberoam. That's why we migrated to Sophos.
How was the initial setup?
The initial setup was done with our engineers, they also set up that server firewall. The setup was straightforward.
What about the implementation team?
The deployment took one month. We're a support base reseller. Our in-house team took care of it. We don't use anyone from the outside, we can deploy the product on our own.
What's my experience with pricing, setup cost, and licensing?
Everything involving pricing and licensing is maintained by our Bangladesh Sophos country managers. The pricing is okay and the licensing is also included in the price.
What other advice do I have?
Sophos UTM is a good product for security purposes and maybe if Sophos provided another company option to implement their products then I would say that Sophos UTM is great.
On a scale of one to ten with 10 being the best, I would give this solution a nine out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at Technologies International
Application layer filtering is a vital feature
What is our primary use case?
SMB firewall.
How has it helped my organization?
Protected it against malware and allowed us to serve our servers safely.
What is most valuable?
Application layer filtering.
What needs improvement?
Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054).
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Pre-sales manager at National Information Technology Company
Has a solid state hard drive and can boot in less than sixty seconds
Pros and Cons
- "Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port."
- "With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time."
What is our primary use case?
We are partners with Palo Alto and several IT certificate vendors, like Sophos. We deploy Sophos UTM for customers.
Internally we use Sophos, but we deploy solutions including both Sophos and Palo Alto Networks to our customers. We are an IT integration company. Our services include the deployment of security appliances.
Our environment includes Sophos UTM for internal use, which means it is protecting the network. It is protecting our environment.
We publish our services like the help desk, mail server, and other servers. Sophos UTM offers us protection for publishing and the VPN.
How has it helped my organization?
When we started with Sophos UTM, we were using Microsoft Threat Management Gateway (TMG), which formed part of the firewall. It's not there anymore; it has been discontinued.
Sophos UTM is an SSD appliance. It has a solid state hard drive and can boot in less than sixty seconds. It is an appliance that has more stability than software solutions. It all depends on which hardware you have installed.
Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port.
In the application firewall, you can block the next update for Bitcoin or for Facebook. It has settings to block a port or wifi or just block the application and firewall. Sophos UTM will be able to detect the application type and filter network users.
Sophos UTM did help us a lot on the throughput of the internet because at that time we were using ADSL. Now it is fiber, which means we are able to manage the throughput of the firewall by also putting the quality of service first.
For example, we are able to configure 2MB for YouTube or 5MB are guaranteed for the service which is published. In the past, with TMG you had to buy third-party tools that also did not have the same functionality.
Currently, Sophos UTM and XG are helping our customers. The features available in the UTM and XG are a combination of all the firewalls in the market which means all the features.
The IT Admin or IT Security in any organization would like to have Sophos UTM because it is full of all the features you think about for enterprise.
Sophos UTM normally will deploy a batch or an upgrade and add more features, every six to eight months based on the RMD.
What is most valuable?
To be quite honest, from my personal experience all the features of Sophos UTM are useful, which includes publishing templates and the ease of publishing any servicing needs.
From the VPN side, all the VPN protocols are available so you can choose from SSVPN to PPTP to other versions of VPN, and it's easy to deploy within minutes.
The firewall includes very good logging where you can see what's hacking your network. The IDS and IPS settings are based on your reliance and also alerts you if there is an attack.
We're happy with Sophos and we also have an XG version being used for other services, because we are a company that provides services. We have two versions, we have the XG and the latest one.
The Sophos UTM, which is the previous version but is still in production, is our main firewall for the company.
We are happy with all the features; we have no negative comments on any of the features except that the XG has more ability to block based on countries.
On the previous model, we had a problem with the blocking of countries, i.e. if you use the NAT feature, you can't block countries. You have to enter the IP network.
With the XG version, you can just select when you publish via NAT not via WAF. You can select the countries.
That is the only difference between XG and the UTM which we did not really like, but other than that it's all cool.
What needs improvement?
There is definitely room for improvement with Sophos UTM. For the SG version of Sophos UTM, they can add blocking of countries in the NAT section, not only in the firewall section.
When you are mapping, they should also add the ability to block countries in that section. That's not available right now. It's only available in the firewall if you want to block incoming traffic.
With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range.
This feature would be helpful for administrators and it gives them the advantage to block stuff in less time.
The web filter needs additional enhancement but that's the point of the XG upgrade. If they're going to continue with the production of the XG, then they will not add the same features to the basic version of Sophos UTM.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
With the ability of the hardware, we haven't experienced any problems with Sophos UTM so far. Neither have our customers.
At the beginning of the XG version, three years back, they had hardware issues. After that Sophos deployed division two, three, and four as hardware appliances.
Sophos fixed the hardware issue for the lower models, i.e. the 525, the XG 125, and the XG 85. All of the larger Sophos UTM models were fine.
Now, all are stable, all are fine. We haven't seen any crash. One of our customers had a DDoS attack. Since he had the proper rules, we did not record any incident.
Sophos UTM blocked the DDoS. Although it is not a dedicated anti-DDoS solution, Sophos UTM has the features.
Sophos UTM is stable. I haven't seen any claims or issue tickets from our customers regarding stability.
What do I think about the scalability of the solution?
Sophos UTM has different aspects. If you have an HA distribution, high availability, you can scale up.
When you go and purchase Sophos UTM, you have to plan and say what the environment is. This planning has to be done before buying. If you buy a small appliance and after two years, you are 50 or 70 employees there are upgrade options.
It should be between you and Sophos. They can give you a free appliance if you subscribe for three years on subscription, for example.
If you have an existing subscription and you want to have HA, this means another device has to be set as redundant. The only downside is that it has to be the same version and the same model.
In my company, we have around 35 loyal customers. These customers have purchased and are redeeming Sophos UTM with us. Altogether, we are 55 employees. Most of them are at the office. Concurrently around 35 others are on site at other clients. We have around 35 servers.
We have the published Sophos UTM on the main server, help desk, share point, etc. We've got around nine published services, plus 10 VPNs running concurrently for our support engineers to connect and work on our internal infrastructure for the allotment servers.
We have 50 Sophos UTM installations at least that are actively browsing, downloading, and being protected by the web filter and other features there.
It depends on the organization, but for us we only require one person to manage this solution, even working remotely at home.
How are customer service and technical support?
We don't have much need to speak with the vendor because we are educated and experienced with Sophos UTM. We are an integrator company.
For our customers, in the beginning, we give them training. After a week we do expect to have some calls because they are not yet educated or they're not yet used to it.
After that, that's it. They already told us if they are ready or not. Sophos' support is better than others because Sophos also can sell endpoint solutions.
If one of our customers has an issue and Sophos did support and send their team for the investigation it could be conflicting.
For example, one of our customers had an endpoint which is an antivirus and they had an issue. We have teams that were actively taking care of the customer based on our relationship with the client and their Sophos UTM device license.
We have no comment on the Sophos UTM support which we have seen at our customer sites because it was only with a government customer.
The customer told us that the Sophos UTM representative mentioned that they wanted to have the vendor take care of this issue.
Other than that, I have had no negative experiences with Sophos' technical support.
How was the initial setup?
The initial setup of Sophos UTM is straightforward for both versions, the XG & UTM. In addition, they both provide a proper manual.
In the beginning, seven years back, Sophos UTM wasn't straightforward for beginners. You had to be already excellent in security. Now, it is very easy because you install the IP address, you log in, and you do the initial setup by routine.
These days it's much easier than in the past, but not everyone that has a firewall is secured. If you do it properly by choosing the right network, the right topology, and the right firewall rules, Sophos UTM will work.
There are orders for most of the rules. For example, if you put a deny rule below an allow rule, you are not going to have the proper result.
Sophos UTM requires knowledge. It's easy to deploy but also there is a responsibility on the person who is deploying to understand.
You must have the knowledge of security and networking, to make sure that the solution is working properly. Sophos UTM is very easy compared to other vendors somehow.
In our environment, we have defined previously the VLAN rules on our sheets because we had another firewall. In the beginning, we just copied the current rules and then enhanced them slowly so deployment took place quickly.
After fixing the appliance physically on the rack, it took one hour to be up and running and ready based on the rules. If you are a small environment that would take you less than 20 minutes.
It all depends on how many rules you have, how many demands, how many users, and public services. For example: if you have five websites, the main server, and a starter business, you might need more time because you would need to define the rules properly.
It all depends on how complex your environment is. Sophos UTM is easy and straightforward for me and for somebody who is certified on security levels.
What about the implementation team?
We haven't opened a ticket with Sophos for 60 days, but we still have support. All our customers use us as the first level of support, even if they have to chase it.
Sophos UTM comes with a license. We are very aware and updated on Sophos solutions. We have good experience with it.
Although we sell other solutions, we are looking forward to building, selling, and integrating Sophos XG/UTM versus other vendors because of the ease of use.
We are more focused now. Our entire team is certified in Sophos Enterprise, while other vendors would likely still have just one or two members who are certified.
We feel more comfortable using Sophos equipment and solutions.
What was our ROI?
I can't mention anything on ROI because I'm more focused on the technical part. I'm not needed in the financial part. In our company, we have saved bandwidth and lots of network hardware waste.
The Sophos UTM solution did help us because we were depending on a software base from Microsoft. Microsoft is a great company but they are not great for our security. Now they have improved. When you go out and buy something, buy it from the specialists.
For example, if you go for virtualization, VMware is a company that only does virtualization. Go for specialized people. Don't go for people who are doing everything at once.
It's like when you go to a physician or a doctor and you have a problem with certain things, i.e., you have a problem with the bones. Go to the doctor that is specialized in the bones, not a general doctor.
What's my experience with pricing, setup cost, and licensing?
The Sophos UTM license is annual or you have a choice for a two or three-year term.
The Sophos UTM licensing is based on if you have an appliance. There are several layers of subscription you can take:
- Sophos UTM Full Guard includes everything but a few features.
- Sophos UTM Full Guard Plus includes all the most used features, i.e., Wifi, ITF, ITS, web publishing WAF, etc.
There is a huge price list. The prices in the MENA area (the Middle East and North Africa) are completely different than North America.
The products are completely different in the MENA area from the United States. Each region has its own scheme of pricing based on the VAT and the tax refund.
The price might be different for the people who are in the United States and the UK.
After you select the level of subscription, you pay once.
Which other solutions did I evaluate?
We tried and tested Fortigate from Fortinet. We tested several appliances about six years back. Not Palo Alto at that time, only Fortinet.
We evaluated other open-source Linux software but not appliances. We decided to go with Sophos UTM based on several factors related to the tests we did at that time.
Evaluation is very important so that you can see what are you buying and what you are going to face in the future.
What other advice do I have?
My recommendation is that businesses should go for the XG version, not the SG because the XG version of Sophos offers next-generation firewall support and has more improvements.
Sophos XG is the next generation firewall that is not available on the UTM version. The difference is in the features between the two and how you deploy them.
Sophos XG version covers what is in the SG version plus additional bonuses: the dashboard, the heartbeat between the firewall and the input, etc.
I advise you to first evaluate, know your network, know your needs, and plan for the upcoming two or three years before you purchase.
Get in touch with the vendors because these days every vendor wants to sell. They are willing to help the customers and willing to show them what they will get.
Make sure you evaluate properly many platforms. Don't just go with one vendor. Go with two or three vendors. Evaluate and then short-list and choose the best for you.
The rating has to have criteria:
- On performance, I would give Sophos UTM a 10 out of 10 rating.
- On price, it is a long discussion because you can get a discounted price if you are an integrator.
- As a user and a customer, I would give Sophos UTM a 9 out of 10 rating.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Specialist at Arnett Carbis Toothman LLP
Sophos SUM allows us to manage over 50 devices from a central management console
What is our primary use case?
- Network border protection for clients and internal company
- It is used for small to medium-sized businesses and networks.
How has it helped my organization?
Sophos SG has provided us with the tools to protect our networks, detect malicious activity, and customize security to our clients' needs.
What is most valuable?
- Sophos UTM Manager (SUM): It allows us to manage over 50 Sophos UTM devices from a central management console.
- Creating rules, exceptions, and managing most features from SUM, and pushing to all or a section of devices as needed.
What needs improvement?
- SUM cannot manage app control
- Improve app control system as a whole
- Extend support for SG until XG has improved significantly.
For how long have I used the solution?
Three to five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Security Specialist at a tech services company with 11-50 employees
It is a good source for IDS and IPS
Pros and Cons
- "The most valuable feature is the IPS. It also protects us from malware."
- "The solution could be improved by adding cloud sandboxing."
What is our primary use case?
Our primary use case of this solution is IDS and IPS. We also use it for application availability.
What is most valuable?
The most valuable feature is the IPS. It also protects us from malware.
What needs improvement?
The solution could be improved by adding cloud sandboxing.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
The stability is OK.
What do I think about the scalability of the solution?
The scalability is not something I have experience with because our organization is pretty lean.
How is customer service and technical support?
I have not used technical support.
How was the initial setup?
It was easy to set up and quite straightforward.
What other advice do I have?
When considering a new solution, I always make sure that there is good technical support. Also, the pricing is an important aspect.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sophos UTM has offered cloud sandboxing for several years. Sandstorm matured in 2017 and now would be a valuable addition to your company's security.
Info Sec Consultant at Size 41 Digital
Allows our client to use cross-region AWS VPCs to connect remote dev offices
Pros and Cons
- "UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful."
- "We didn’t find any issues but I know there have been some in the last few years."
What is our primary use case?
A client wanted to trial Sophos UTM 9 before deploying it into a production environment because, historically, Sophos has not had the best of reputations in AWS. The client had used Sophos in other environments, hence they wanted to stick to what they know.
How has it helped my organization?
The solution allows the client to use cross-region AWS VPCs to connect remote dev offices.
What is most valuable?
Classic defence in depth, with layered features.
- SPI (stateful packet inspection)
- IPS
- WAF
- VPN capability with built-in load balancer
Nothing out of the ordinary these days, but the fact Sophos has such a big name and good support was a big plus for the client who already had a relationship with Sophos support. Also, auto-scaling of UTM workers using EC2 is a nice and handy feature.
UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful.
Finally, Cold Standby CloudFormation script to one node, with persistent info in S3, is a convenient feature.
What's my experience with pricing, setup cost, and licensing?
We procured this solution via the AWS Marketplace because of BYOL (bring your own licence). That was the driving force behind the choice. In addition, they had test and production environments in AWS already so it was easy to get a sign-off.
What other advice do I have?
We didn’t find any issues but I know there have been some in the last few years. I can’t comment about Sophos on AWS previously but they seem fine now. There were no problems for our client so all I can comment on is the experience they had. I think it’s taken a little while for Sophos to get experience in solving problems with their product in the AWS environment, but they do seem to go the extra mile.
This solution rates an eight out of ten, based on our experience. Support was good. You will always find problems with installations so it does hinge on support.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Manager IT and Security at Health Street
Enables us to fully isolate an infected server or workstation with the click of a button
Pros and Cons
- "The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big."
- "It does have built-in policies, which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them."
What is our primary use case?
Threat management for servers is our primary use case. We're not using it on all workstations, just a few. We're primarily using it on servers.
The version we're using is fully in the cloud, not on-prem.
How has it helped my organization?
We don't have to worry about viruses anymore. Before Sophos, we didn't have anti-virus at all because we're a newer company and we're just now starting to get into business-level stuff. When we installed it on a few of the users' machines, we saw that they did have very minor infections - they downloaded something they shouldn't have, something that could have hurt the computer. We were able to say, "Well, we're glad they didn't click on that."
What is most valuable?
The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big.
The third key feature is something called EDR. It's a type of advanced file analysis. If you aren't sure what a file is you can click on it and it will upload a sample to Sophos and it will respond saying, "That's malicious," or "Not malicious." You can see every individual file and registry key that that file has ever interacted with, and what they did. It will show you every single thing it's done to the machine so you can clean up everything or check everything that it has ever touched. You don't have to worry about, "Oh, did I clean everything up?"
What needs improvement?
It does have built-in policies which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
In terms of stability, it's definitely top-notch, a market leader. The ability to do things and the availability of it being online aren't an issue.
What do I think about the scalability of the solution?
It seems very scalable. All you do is install the client, and it pulls it in. You don't have to actually have more Sophos servers running. It all goes back to their central, cloud-based platform, which is nice.
How is customer service and technical support?
I haven't had to use Sophos' technical support.
How was the initial setup?
The initial integration and configuration of Sophos in our AWS environment was incredibly easy. They give you a license key and a file. You download that file on the operating system type that you're trying to install it on. Install it and it's done. There's nothing else at all to do. It gets auto-configured for you.
What was our ROI?
We haven't seen ROI because we just got it two or three months ago. Over time we will.
What's my experience with pricing, setup cost, and licensing?
The biggest issue with Sophos is the pricing. It's definitely more expensive. We looked at Webroot, which is a big alternative, and Sophos was almost three times the price of Webroot. That's a pretty big difference.
We actually went with both Webroot and Sophos. We went with Webroot for most of the client machines. We're only using Sophos for the servers and the really important client machines, like the ones the managers use. That way, we can split our cost up a little bit.
Which other solutions did I evaluate?
We looked at Webroot, primarily. That was pretty much the only one we evaluated that was even close to being a competitor. We did look at a few others, but we didn't even do the trials because Webroot and Sophos offered so much more.
Webroot seemed really nice for Windows, but we have a lot of Macs. Our servers are Windows, and we definitely went with Sophos for the servers because it has a little bit more capability than Webroot.
An example would be that if you have a file server, it will actually detect if a source is changing stuff on the file server. Suppose that a client was connected to them. That client wouldn't even need protection. Sophos is smart enough to understand, "Hey, a client just uploaded this virus." Webroot wouldn't do that. Sophos also lets us do full isolations of the servers or workstations. So if something gets infected, we can isolate that machine with the click of a button, clean it up, and then release it back into the network. That's not something Webroot was capable of handling either. Those were two big things to us because both of those features stop viruses from spreading.
Everyone's going to get infected at some point. We just want to stop the spread as soon as possible.
What other advice do I have?
If you're running a full Windows-based shop you're going to have a lot more options, so make sure you shop around. If you're running a Mac-based shop like we are, Sophos is definitely the way to go. Just make sure you can afford it.
Regarding how well Sophos integrates with other products, so far we haven't integrated it with anything. We have it on the servers and we have it scanning our Amazon accounts, but that's it. The integration with Amazon is cool. Maybe they could work on that because it seems like a newer feature. You can see what's available but not really do anything yet.
For the features, how well it works, and how easy it is to use, I would give Sophos a ten out of ten. Overall, I would give it a nine because it is very costly compared to all competitors.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
CEO & Co-Founder at Advisor Consulting Group
Application Control should be able to be managed with users; however, we now have a protected, standardized network.
How has it helped my organization?
Our datacenter cloud services such as email, and web services for internal and external use, had to be protected with different systems and the web services were left really unprotected, since we used a standard IPS/IDS to protect ourselves from web attacks (from the outside) which nowadays are really sophisticated. Also, we had to employ many work hours to have a protected, standardized network. With Sophos EndPoint and Sophos UTM, we simplified and also protected our network at the same time, with less work force.
What is most valuable?
The web filter and the ATP (Advanced Threat Protection) are great and easy to manage, and the integrated WAF (Web Application Firewall) allows the administrator to seamlessly protect HTTP/S services without having to pay thousands of dollars. The just-introduced Sandstorm system for protection is awesome as well.
What needs improvement?
Sophos UTM has many improvements that I would suggest, but the main one is for the Application Control to be managed with users as well, and with timeframes (schedules) for the administrator to allow certain apps outside a specific timeframe, or vice versa.
What do I think about the stability of the solution?
No issues encountered.
What do I think about the scalability of the solution?
The scalability is awesome as when you need the network protection systems to grow immediately, you just activate and license the exact same box, and configure it in cluster mode for Active-Active mode in Cluster/High Availability.
How are customer service and technical support?
This is where Sophos vendor outclasses every other vendor. They have grown so much throughout the last four to five years, but they have grown as well in their capability to attend support cases. We've had some really advanced cases, and we have never been forgotten or left behind.
Which solution did I use previously and why did I switch?
We used a commercial product, Untangle, with our own brand called Rhino Box. Untangle did not invest in the development of features as we expected, such as the adoption of IPSec VPNs (they had it but very limited), and IPv6. This was what made us do research for our SMB/Enterprise market offering. We tried out Sophos UTM (recently purchased as Astaro UTM) and it was really easy to deploy and came with Sophos Support, which is awesome.
How was the initial setup?
The initial setup is straightforward. The Sophos brand is well known in the market for being a unique and powerful tool that is simple to deploy and manage. This is what makes it different from any other vendors. The Sophos UTM comes with a deployment "Wizard for Dummies" since it shows the wizard at the initial setup, and in less than three minutes, you can have your box up and running. Also, for policy deployment, you are clicks away from customizing your security settings.
What about the implementation team?
We always deploy by ourselves, so that way we can test how the customer will see the initial implementation. Our main advice is to read the manual and follow the wizards that come with each tool. Also, it is strongly recommended to have a professional firm contracted for the initial setup and support, as we are, who can design and help with any kind of implementation issues.
What was our ROI?
The ROI is in 12-16 months, since with this kind of tool, we deliver the best of breed protection, and increment the focus of the end user, in being productive.
What's my experience with pricing, setup cost, and licensing?
I recommend you get the three year licenses, since Sophos offers three years for the price of two. I would also recommend that you acquire any Sophos Licensing with Professional Services added, that way, you'll have the best experience possible.
What other advice do I have?
They have supported our business venture since 2010, and will do so for many years. We have closely studied the different product portfolios, and each one of them is carefully developed.
Disclosure: My company has a business relationship with this vendor other than being a customer: We have been a Gold Partner since 2010.
Data Department Manager at BTC Networks
As both a firewall and UTM it's perfect, however, sometimes with setting up the spam filters there is an issue.
How has it helped my organization?
As we are a solution provider and not product oriented, we give the best solution for our customers, with a good price. We are the number one company in the region, BTC, and operate in Egypt, Iraq, Jordan, Lebanon, and Saudi Arabia.
What is most valuable?
As both a firewall and UTM it's perfect.
What do I think about the scalability of the solution?
No issues encountered.
How are customer service and technical support?
Customer Service:
For me, the customer satisfaction, and awareness, is the most important thing. I usually train all my clients on their chosen system.
Technical Support: 10/10.
Which solution did I use previously and why did I switch?
As we are a service provider, we offer various other products to our customers:
- Astaro ASG
- Avaya/Netscreen
- Fortinet
- HP Switches & WiFi
- Juniper SSG
- Juniper SRX 210 & 240
- Juniper WXC
- Sophos next generation SG, including RED, SG, and WiFi
- Telindus Crocus E1Q
How was the initial setup?
For me, the installation and setup is simple. I work hard to do the simulation for the customer, and discuss all the requirements before implementation with the client.
What about the implementation team?
One project I implemented Sophos for was a bank. I had to involve the Sophos team as the client was asking for WAF in transparent mode with HTTPS inspection. They were 10/10.
Which other solutions did I evaluate?
Prior to Sophos, it was mainly Juniper and Fortinet.
What other advice do I have?
Give us 10 minutes of your time, and we will show you the differences. When I do presentations, I give potential clients demo access to the solution(s) I am presenting.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Asst General Manager(C&IT) at NMDC Ltd
It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines
Pros and Cons
- "It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines."
- "Initially, there were issues with the wireless network as wireless access points were disappearing from the dashboard after some time."
What is our primary use case?
We were looking for a solution which provided a single view for both a wired and wireless network. We were previously using the Cyberoam 200ia firewall appliance and wanted an appliance which could support 1500 to 3000 corporate users. The solution also required a wireless access controller scalable to at least 125 second-wave 802.11ac wireless access points. We purchased a Sophos XG 450 appliance with Sophos wireless access points.
How has it helped my organization?
It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines. It also provided good security for internal users.
What is most valuable?
- A good package overall
- A nice UTM appliance with a good GUI and reports.
- Configuring web access controls in the appliance is a bit typical and requires debarring and listing separately. Once configured, the solution works beautifully.
What needs improvement?
Initially, there were problems of wireless access points not getting detected and lease lines were getting disconnected after one hour. Sophos replaced the appliance, but the issue was not resolved. The matter got escalated to their international support and the issue was identified as a bug where long distance fiber connections are used over single mode fiber. The patch was shipped by Sophos with a promise to fix the issue in the next release.
Now, the appliance is working fine. The issue of wireless access points was due to some compatibility issues with the D-Link switch. I provided the Cisco 2900 series switches to connect to the wireless access points by creating a separate wireless LAN port on the firewall.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
Initially, there were issues with the wireless network as wireless access points were disappearing from the dashboard after some time. Later issues were resolved by connecting the wireless access points through Cisco switches.
What do I think about the scalability of the solution?
No scalability issues.
How are customer service and technical support?
Support is very good.
Which solution did I use previously and why did I switch?
We used to use Cyberoam 200ia. It required an upgrade due to end of life and the changed requirements of the organisation.
How was the initial setup?
The initial setup was complex as different VLANs had to be created for the business network, wireless network for corporate users, wireless network for guest users, and a separate VLAN for the communications network and the VC. QoS had to be enabled for different types of services. In addition, link load balancing was also configured and tested for internet lease lines and intranet MPLS lease lines.
What about the implementation team?
We implemented through a vendor team, and their expertise level was good.
What was our ROI?
ROI has yet to be calculated.
What's my experience with pricing, setup cost, and licensing?
We purchased the appliance with five years onsite support and licenses.
Which other solutions did I evaluate?
FortiGate 1000D.
What other advice do I have?
In India Cyberoam, which has been taken over by Sophos, has a vast support network and loyal user base. Migration to Sophos was the logical path. Further, pricing for the upgrade was very competitive as Sophos wanted to retain existing customers.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT SM & Security Consultant at a tech services company with 1,001-5,000 employees
Sandstorm protects against crypto viruses in real-time
Pros and Cons
- "Advanced protection (Sophos Sandstorm) - Protects against crypto viruses in real-time."
- "There is still room for improvement in wireless protection. I don't mean their WiFi device is bad, but there are still things to improve on, such as WiFi roaming."
How has it helped my organization?
We replace customers' old and expensive devices such as firewalls, anti-spam, etc. with Sophos, as it has all these features. You don't need four boxes if you can have all these features in one box.
What is most valuable?
The most valuable features are:
- Web Protection - Protects you against problems originating from the internet.
- Advanced protection (Sophos Sandstorm) - Protects against crypto viruses in real-time.
- Email Protection - Really strong anti-spam.
- REDs (Remote Ethernet Device) - Connects you from a remote workplace to your source network.
What needs improvement?
There is still room for improvement in wireless protection. I don't mean their WiFi device is bad, but there are still things to improve on, such as WiFi roaming.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
No issues with stability.
What do I think about the scalability of the solution?
No, everything works perfectly.
How is customer service and technical support?
They have consultants who can help you quickly.
How was the initial setup?
You can use the wizard which will guide you through all the initial settings.
What's my experience with pricing, setup cost, and licensing?
Sometimes more is less, meaning if you want more than three features, take the FullGuard licence.
What other advice do I have?
We do not use this on AWS.
Before implementing the SG appliance, completely prepare the rules for your network; know what and where you want to implement.
Disclosure: My company has a business relationship with this vendor other than being a customer: Gold Partner.
Global Network Security Admin at a consumer goods company with 201-500 employees
It can identify threats quickly, then find the affected devices and quarantine them
Pros and Cons
- "It has helped by identifying threats within the company. If there are computers or servers that are compromised, then we are able to identify them right away in the system."
- "The technical support only communicates via email. I would prefer to communicate directly with someone."
What is our primary use case?
I am using it for security, antivirus, and malware detection.
How has it helped my organization?
It has helped by identifying threats within the company. If there are computers or servers that are compromised, then we are able to identify them right away in the system.
What is most valuable?
It can identify threats quickly, then find the affected devices and quarantine them.
Its ease of use: The GUI is easy to maneuver through; it is not complicated.
What needs improvement?
The support needs improvement.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
It has been stable. We haven't had issues. It does what it is supposed to do.
What do I think about the scalability of the solution?
Since it is cloud-based, scalability works great. We have around 300 users in our environment.
How is customer service and technical support?
The technical support only communicates via email. I would prefer to communicate directly with someone.
Which other solutions did I evaluate?
We also considered Symantec and McAfee. We did not choose them because we had experience with both of them and were not happy with their platforms.
We chose Sophos for its ease of use and it detects malware and viruses that other companies can't detect.
What other advice do I have?
The product works. It helps you identify threats within the environment.
We were able to integrate it with different devices and the installation is straightforward.
We are using the cloud-based version, but it is through Sophos directly. We are not using AWS. A lot of this stuff is also on-premise.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Architect at a financial services firm with 501-1,000 employees
We like the ease of deployment and the dashboards are good
Pros and Cons
- "The implementation with the AWS environment was good."
- "They could reduce the price."
What is our primary use case?
It is used as an antivirus.
What is most valuable?
- Ease of deployment
- Licensing
- The dashboards are good.
What needs improvement?
They could reduce the price.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
The stability is good.
What do I think about the scalability of the solution?
The scalability is good for us. We are only a company of about 400, so it is perfect.
How is customer service and technical support?
I have not used the technical support.
How was the initial setup?
The implementation with the AWS environment was good.
We haven't had any issues with deployment.
What's my experience with pricing, setup cost, and licensing?
The pricing and licensing are both good and better than Sophos's competitors. This is why we went with the product.
Which other solutions did I evaluate?
We looked at Symantec, but liked Sophos's licensing better.
What other advice do I have?
Consider the product, as it seems to be one of the top four.
We use both the AWS and on-premise versions. They are both good and about the same.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Solutions Architect at National Renewable Energy Laboratory
It meets our compliance needs for antivirus, but the printed provisioning needs improvement.
Pros and Cons
- "It meets our compliance needs in an elastic computer environment."
- "It is a little too CPU resource intensive, so we would like to see improvements there."
What is our primary use case?
We use it for antivirus.
How has it helped my organization?
It meets our compliance needs in an elastic computer environment.
What is most valuable?
It meets our compliance needs for antivirus.
What needs improvement?
The printed provisioning is the primary thing that needs improvement.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
It is a little too CPU resource intensive, so we would like to see improvements there.
What do I think about the scalability of the solution?
We are running about a couple hundred EC2 instances. Overall, the AWS Marketplace product should be a better fit, but it is a little pricier.
How is customer service and technical support?
When we need technical support, we just engage the vendor, then figure out what our requirements are from there.
How was the initial setup?
The integration and configuration of this product on our AWS environment is a little clunky right now.
The product is a standalone in terms of integration.
What other advice do I have?
Going forward, we need to look at the provisioning pieces and the resource utilization.
The AWS version is easier to provision than the on-premise version.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
It works well without any maintenance
Pros and Cons
- "It works well without any maintenance. So far, it has worked pretty well regardless of the traffic."
- "The product could be simplified and made more self-explanatory."
What is our primary use case?
- Firewalls
- Developer access
- VPN traffic
- Rerouting and routing.
I am using it to route traffic for developer access or regular traffic for my instances. I have a web application, and I control access to and from it in one of my environments.
How has it helped my organization?
All my needs are met at the moment.
What is most valuable?
Our policy is launch and forget. It works well without any maintenance. So far, it has worked pretty well regardless of the traffic.
What needs improvement?
The product could be simplified and made more self-explanatory.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
I am stressing it quite a bit, and the stability is great. I haven't performed any maintenance on the instances in quite a while now. It works. I am happy because everything works well.
What do I think about the scalability of the solution?
My throughput is moderate versus high throughput applications.
I am always holding a predefined number of instances, so I haven't had any issues.
How is customer service and technical support?
I have not used the technical support.
How was the initial setup?
The configuration was pretty complex on my side compared to OpenVPN. However, this might imply that Sophos has more use cases and capabilities. It depends.
Which other solutions did I evaluate?
I am also using OpenVPN.
Partially, for historic reasons, things were built prior to me being able to evaluate stuff. At the moment, we are using both solutions. In terms of pricing, when I need to spin up anything small with smaller requirements, I am using the free OpenVPN instead of Sophos UTM.
What other advice do I have?
Do your homework. Compare products. Use what you need depending on your needs.
We are only using the AWS version of the product.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Architecture and DevOps at hc1.com
It has allowed us to have a solution that we can maintain and not have to babysit all the time
Pros and Cons
- "It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources."
- "It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else."
- "The documentation during the AWS integration was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic."
What is our primary use case?
Our Sophos UTM provides a secure VPN solution. It allows us to have a VPN solution that limits access to certain sensitive areas in our environment.
How has it helped my organization?
It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources.
Previously, it was all intermixed, and access was kept under control by other means. This makes it easier and more streamlined.
What is most valuable?
- The VPN side of it.
- The ease of configuration of the VPN.
- Some of the end user self-serviceability of it without having to have a whole lot of touch from our operational group
What needs improvement?
The UI on it could stand a little improvement. In some areas, it is a little slow and clunky. It is sometimes not easy to find something. However, once you get used to it, it is pretty normal to use.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
We haven't had an issue with it yet.
Any given day, we have easily ten to 15 users on it constantly, plus some other ancillary services which go across the VPN to access resources in our environment.
What do I think about the scalability of the solution?
It works for what we have, as we only need a couple of them. Scalability-wise, we don't need a whole lot.
How is customer service and technical support?
We have used technical support one time for a weird upgrade issue. Their response was good.
How was the initial setup?
It integrated well with AWS. The documentation was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic. However, once you read the documentation carefully, it comes out well. This goes back to the UI issue.
What was our ROI?
It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else.
What's my experience with pricing, setup cost, and licensing?
Purchasing through the AWS Marketplace is pretty straightforward. Because we're entirely on AWS and don't have anything anywhere else, it made the most sense for us as a one stop shop.
The pricing is pretty reasonable. I don't think that it is overly expensive.
Which other solutions did I evaluate?
We looked at a couple other products. However, overall, Sophos UTM seemed to fit the bill. It has allowed us to have a solution that we can maintain and not have to babysit all the time.
What other advice do I have?
It is definitely worth looking at. It is a pretty good product.
It is integrated with our LDAP solution, and that integration is okay. Any LDAP integration can be hit or miss. It doesn't matter what it is, because it's LDAP. Since we use LDAP as a service, it's a little different, but it does work well.
We use it for the AWS version.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CIO at Quartesian
It provides a solid firewall, but they could improve on the support
Pros and Cons
- "It helped to connect our satellite offices to the main Amazon infrastructure in a circular way."
- "We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
- "They could definitely improve on the support, especially in other countries."
What is our primary use case?
We are using it as a firewall product.
How has it helped my organization?
It helped to connect our satellite offices to the main Amazon infrastructure in a circular way.
What is most valuable?
It provides a solid firewall.
What needs improvement?
We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
It's pretty stable. For our usage, it has been pretty good.
What do I think about the scalability of the solution?
We are a small company with a small infrastructure. For our infrastructure, it is perfectly solid. I don't have experience using it on a larger scale.
How is customer service and technical support?
They could definitely improve on the support, especially in other countries. Right now, it is just average. For example, we have a team in India. When they face issues, they have to go to Australia or talk to somebody in the US to receive support. They should be more responsive and have more local offices.
What about the implementation team?
AWS has been pretty good. It is well integrated and pretty user-friendly. Initially, we experienced issues with the configuration because Sophos provided us a CloudFormation template, which caused us some back and forth. By now, the process may have improved.
What's my experience with pricing, setup cost, and licensing?
Purchasing it through the AWS Marketplace went smoothly. We did not have any issues and the pricing was decent.
We decided to purchase through the AWS Marketplace because of the integration with the AWS infrastructure, firing it up and configuring it was very seamless.
Which other solutions did I evaluate?
We originally considered Barracuda and another solution.
We chose Sophos because we thought that it provided superior service. Also, they have a long history in the market, and I received a recommendation from one of my consultants.
What other advice do I have?
I would recommend taking a look at the product, as it is a good product apart from the improvements that I mentioned. We are very happy with the product so far.
It is used as a standalone. We don't integrate it with other systems.
We are using the AWS version of this product.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director of Cloud Technology at Avalere Health\Inovalon
It has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewalls from one place
Pros and Cons
- "Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewalls from one place."
- "I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer."
What is our primary use case?
Every single Virtual Private Cloud (VPC) has Sophos in front of it. I also use it for Outbound Gateways in my WorkSpaces environment.
How has it helped my organization?
Our company trusts Sophos without even seeing it, as it provides us comfortability while allowing for flexibility.
What is most valuable?
Its scaling capability.
Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewalls from one place, which is huge for me. When you have multiple VPCs and multiple accounts, it becomes too cumbersome to use a product that you have to look at individually. With Sophos, I can look at one place and see everything: my logs, filters, firewall rules, etc.
What needs improvement?
I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
I have never had a stability issue with Sophos. It self-heals.
What do I think about the scalability of the solution?
I have not run into a scalability issue since it is scalable past my license.
How is customer service and technical support?
I have had great technical support. The only issues that I have experienced with technical support are when I get a Tier 1 support person who knows about the on-premise product, not the AWS side of the product.
What about the implementation team?
The implementation and configuration through AWS is easy. They have cloud configuration templates, which are easy to deploy.
What's my experience with pricing, setup cost, and licensing?
We originally purchased the solution through the AWS Marketplace. I started my proof of concept doing pay-as-you-go, then moved to a VAR for a 'Bring Your Own Licence' (BYOL) licensing model. The BYOL license still requires you to accept the terms of the AWS Marketplace to deploy.
It is easy to purchase through the AWS Marketplace. In addition, if you have a budget for the AWS Marketplace, then your purchases will appear on your regular Amazon bill, which makes things even easier.
Which other solutions did I evaluate?
I went and looked at Check Point eight years ago, because back then, I loved Check Point. There also weren't many solutions like this back then. AWS Marketplace did not even exist eight years ago!
After comparing Check Point and Sophos pricing, I questioned whether the decimal for Sophos was in the wrong spot. Sophos's competitors were so much higher in price.
Originally, cost sold me because Check Point and Sophos had the same features. Now, Sophos has surpassed Check Point's features.
What other advice do I have?
If you haven't tried it, do so.
Amazon has their products (e.g., Amazon GuardDuty). However, when you are working in a multiple VPC environment along with digital enhancements and features, some of those enhancements and features are not always available with Amazon, but are with Sophos.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Solutions Specialist at centerprise international
It has ease-of-use and fits the purpose of our firewall protection needs.
Pros and Cons
- "The most valuable feature is that it is easy to administer."
- "The pricing is an issue."
What is our primary use case?
The primary use case for using this product is as a firewall.
How has it helped my organization?
It has ease-of-use and it fits the purpose of our firewall protection needs.
What is most valuable?
The most valuable feature is that it is easy to administer.
What needs improvement?
The price is an issue to consider for improvement.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
The stability of the product is good.
What do I think about the scalability of the solution?
We are not a very big organization, so we do not see any issues going into the future. We feel that it will continue to scale appropriately for our organization's needs.
Which solution did I use previously and why did I switch?
We have experience with Sophos, as well.
What's my experience with pricing, setup cost, and licensing?
The price is something that one will need to consider.
Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
We have a better level of protection and we have the ability for our devices to be more of a self-sustained type of resource.
Pros and Cons
- "I have no problem with the cost or licensing of this solution. This is a primary reason why I wanted this solution. It does the same thing cheaper than other name brands."
- "The memory and processing were problematic. The interface could be better."
What is our primary use case?
My primary use case is as a VPN, a firewall and a web filter.
How has it helped my organization?
We have a better level of protection and we have the ability for our devices to be more of a self-sustained type of resource.
What is most valuable?
The most valuable features are:
- Firewall protection
- Intrusion detection
What needs improvement?
The memory and processing were problematic. The interface could be better.
What's my experience with pricing, setup cost, and licensing?
I have no problem with the cost or licensing of this solution. This is a primary reason why I wanted this solution. It does the same thing cheaper than other name brands.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cloud Network Administrator at a tech services company with 11-50 employees
We cannot use our network on a weekly basis without it.
Pros and Cons
- "It helps us with protection, with concurrent use of the VPN."
- "During initial configuration, I encountered a few issues."
What is our primary use case?
It helps us with protection, with concurrent use of the VPN.
How has it helped my organization?
This solution improved our firewall capability. We installed an identity process, and this is extremely helpful.
What is most valuable?
The security is the most important, and without security, we cannot use our network on a weekly basis.
What needs improvement?
During initial configuration, I encountered a few issues.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
The stability is very good.
How was the initial setup?
The initial setup of this solution was easy. It was not complex.
What was our ROI?
When considering a product, I think support from the solution is very important.
Which other solutions did I evaluate?
We did not have experience with a firewall prior to installing this solution.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CEO with 501-1,000 employees
Rapid deployment with great logging and analysis features
Pros and Cons
- "It now controls all the security aspects of our web servers with Sophos UTM WAF."
- "We use Sophos UTM as our main firewall with all its features included. Mainly, it controls all of our network perimeter security: firewall, IDS/IPS, and web application firewall (including VoIP)."
- "Reporting: We have had to work manually in many of our reports."
What is our primary use case?
We use Sophos UTM as our main firewall with all its features included. Mainly, it controls all of our network perimeter security: firewall, IDS/IPS, and web application firewall (including VoIP).
How has it helped my organization?
Web application firewall (WAF): We removed our old internal reverse proxy, and it now controls all the security aspects of our web servers with Sophos UTM WAF.
What is most valuable?
- Ease of use
- Rapid deployment with great logging and analysis features
What needs improvement?
Reporting: We have had to work manually in many of our reports.
For how long have I used the solution?
More than five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Brings greater visibility into the network traffic coming inside and passing away from the company
Pros and Cons
- "The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled."
- "Brings greater visibility into the network traffic coming inside and passing away from the company."
- "Needs to improve the certificate management (ex. Let's Encrypt support)."
What is our primary use case?
Currently, we are using the product on-premise. However, in the future, we would like to deploy an AWS instance too.
How has it helped my organization?
This product helped us a lot in having greater visibility into the network traffic coming inside and passing away from the company. Sophos's unique RED devices helped us a lot to build up extremely easy Layer 2 VPN connections.
What is most valuable?
- Email and web proxy: for filtering unwanted emails and spam, and for web content and malicious URL filtering
- SSL VPN and two-factor authentication: for secure remote access
- Layer 7 app control: for blocking P2P (ex. BitTorrent) and media streaming content
- WAF/reverse proxy: for securely publishing web applications and protecting Exchange services
- WAN load balancing: for multiple Internet connection management
What needs improvement?
- Certificate management (ex. Let’s Encrypt support)
- VPN: IKEv2 Support
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
We have not encountered any issues with stability.
What do I think about the scalability of the solution?
The Sophos UTM solution is very scalable. You can build a hardware cluster with up to 10 nodes.
How are customer service and technical support?
Technical issues addressed to the support team have been solved quickly.
Which solution did I use previously and why did I switch?
Before, we were using Cisco solutions; we switched because of the lack of UTM features.
How was the initial setup?
The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled.
What's my experience with pricing, setup cost, and licensing?
The pricing for Sophos UTM is quite acceptable compared to other UTM vendors. If you would like to run an active-passive HA system, you only need to buy additional hardware without a subscription. With other vendors, you need a subscription for both devices.
In the case of a software/virtual appliance subscription, you pay by protected user/IP addresses. You can do this on as many hardware resources as you like.
Which other solutions did I evaluate?
We evaluated SonicWall, WatchGuard, and Stormshield (Netasq) solutions.
What other advice do I have?
We highly recommend this solution for SMBs for its reasonable pricing and wide range of network services.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller and System Integrator.
It Forum Gruppen A/S
Network Protection and Web Filtering help us provide next-gen threat handling
Pros and Cons
- "They are all good, but most-used are Network Protection and Web Filtering."
- "Scaling out cannot be easier, as there are many migration paths."
- "VPN needs IKEv2, but it’s in the roadmap. Also, all new, cool features will only come to the new Sophos XG Firewall."
How has it helped my organization?
We give customers a device that can handle next-gen security threats, which is way better than a typical router.
What is most valuable?
They are all good, but most-used are the Network Protection and Web Filtering licenses.
What needs improvement?
VPN needs IKEv2, but it’s in the roadmap.
All other new, cool features will only come to the new Sophos XG Firewall.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
There are no more stability issues than with other vendors, so I would say it's very stable.
What do I think about the scalability of the solution?
Scaling out cannot be easier, as there are many migration paths.
How are customer service and technical support?
It’s satisfactory.
Which solution did I use previously and why did I switch?
No previous solution. For next-gen firewalls, I began with Sophos.
How was the initial setup?
It is straightforward. There is a wizard running at first boot, making it easy for you to select the level of protection you want.
What's my experience with pricing, setup cost, and licensing?
For under 50 users, MSP licensing is profitable.
What other advice do I have?
We don't use Sophos UTM on AWS.
I would recommend Sophos UTM. But also look at its successor, Sophos XG Firewall, as we do not know how many years Sophos UTM will "live." (Note that it will be free to migrate from UTM to XG).
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Project Engineer
Initial configuration was super simple. Management and monitoring have never been easier.
Pros and Cons
- "It does not take much effort or thinking to understand how it works."
- "The product is extremely intuitive."
- "Configuration could not be made any easier."
- "With over 150 firewalls in our portal, management and monitoring have never been easier."
- "This product could use some improvement with web filtering. It takes a lot of time and effort to set up and maintain."
- "Finding information about Sophos’ sizing guidelines can actually be difficult. Also, Sophos does not make it clear what they mean by “users” when you are sizing a firewall, which then leads to undersized implementations."
- "I am going to flat out say technical support is terrible. Being a Platinum level customer, I am not happy with the support."
- "Stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks."
What is our primary use case?
We have been rolling out the Sophos UTM platform to our clients over the past two years. About 80% of our managed clients have been moved to Sophos UTM. We have been migrating them mostly from SonicWall and Cisco ASA.
We do not use Sophos UTM in AWS. However, we have deployed a few Sophos XGs in an Azure environment.
How has it helped my organization?
The UTM product has definitely improved the way our organization functions. We have set a standard across clients and engineers. Everyone is trained on the product and knows how to manage the devices. UTM is probably the most complete all-in-one firewall that I have used to date. Having the UTM Manager has probably made the most impact: with over 150 firewalls in our portal, management and monitoring have never been easier.
What is most valuable?
The most valuable features are: Web Application Firewall, Sophos UTM Manager, IDS/IPS, Remote Access, and RED.
- WAF: This is excellent for hardening web servers. The firewall will reverse proxy your web servers, eliminating the need to open ports. Instead the firewall will run an instance of Apache and proxy all traffic to and from the real web servers. (This is also handy when you have a single public IP.)
- SUM: The Sophos UTM Manager is a must have for any MSP. The SUM is a centralized portal for quick access to all the firewalls you manage. This also keeps track of who logs into the firewall by AD account. It is great for keeping track of a help desk, and who is making changes.
- IDS/IPS: General Intrusion Prevention and detection. It works very well.
- Remote Access: VPN access is always a need, and the UTM includes this free with all their license models. A very nice feature that I use a lot is the HTML5 portal. The portal allows you to have web-based access to resources behind the firewall. The best use for this would be when a client does not have any servers on-site. You can set up the HTML5 portal with SSH/Telnet to manage switches on-site, all done through the browser.
- RED: REDs simplify the setup for multi-location clients. A license is not required for a RED, and only one UTM is needed. REDs are great for mobile sites, as they can be tossed in a bag and can run off 4G/LTE. Configuration is effortless, and they create a direct tunnel back to the main office, getting you up and online in no time.
What needs improvement?
This product could use some improvement with web filtering. It takes a lot of time and effort to set up and maintain.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
I have never come across any major stability issues. I have seen some bugs on newer firmware releases which have only affected units configured in HA. Sophos is usually quick to fix these bugs.
What do I think about the scalability of the solution?
You should never come across a scalability issue if you follow Sophos’ sizing guidelines. Finding this information can actually be difficult. Also, Sophos does not make it clear what they mean by “users” when you are sizing a firewall, which then leads to undersized implementations.
How are customer service and technical support?
I am going to flat out say technical support is terrible. I will admit that it has gotten better over the past year. Previously, hold times would be 45 minutes at minimum. After the long hold times, you would receive an extremely under qualified engineer. The knowledge of engineers has definitely increased over the year and the time on hold has gone way down.
Being a Platinum level customer, I am not happy with the support.
Which solution did I use previously and why did I switch?
SonicWall used to be our primary choice of firewall. I am just an engineer and I do not have control over which products we use. We started using Sophos Antivirus, then they eventually sold us on firewalls, encryption, mobile control, and a lot more of their products. The synchronized security model is really what sold Flexible on the product.
How was the initial setup?
Initial configuration was super simple. I am a network engineer, so simple to me may not be simple to someone who does not understand routing and switching. When we were told we were switching to Sophos UTM, I downloaded a trial of the virtual firewall and was able to get it up and running in about an hour with no prior training. After actually going to the training courses provided by Sophos, configuration became even easier.
What's my experience with pricing, setup cost, and licensing?
I am not in sales and cannot comment on this. I design and implement network configurations.
I would recommend following Sophos’ sizing guidelines for choosing which license and model to use. Sophos has their own way of going about this and supplies partners with all the information required. If you follow their documentation and guidelines, there should be zero questions about licensing and sizing.
Sophos also offers free training when selling their products from within the partner portal.
Which other solutions did I evaluate?
As a networking engineer, all new products in this category interest me. I find myself testing a lot of different products personally. Here at Flexible Systems, I did not try any other products prior to switching to Sophos. Since we are an MSP, we have had plenty of exposure to many brands of firewalls (Cisco ASA, SonicWall, WatchGuard, Fortinet, ADTRAN, and Edgewater). I personally would choose the Sophos UTM over any other product, including the Sophos XG platform.
What other advice do I have?
I can’t recommend this product more!
Though, stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks. The number one piece of advice is to read and follow the sizing guide; if you do not, you will undersize the firewall.
Just to reiterate:
- Configuration could not be made any easier.
- The product is extremely intuitive.
- It does not take much effort or thinking to understand how it works.
My company has rolled out devices as small as the SG 105 and as large as the SG 330. I personally have an SG 210 in my home. I have gone through all the training involved for configuration and implementation. I also use the product at home and have been extremely happy with Sophos UTM overall.
Disclosure: My company has a business relationship with this vendor other than being a customer: Platinum partner.
Network Administrator at a government with 11-50 employees
Web Server Protection is an elegant solution and can even hide the server's base system
Pros and Cons
- "It is not an easy task to protect your web servers from the big bad internet. The Web Server Protection in this solution does it elegantly and, if configured correctly, even hides the server's base system from prying eyes."
- "The UI can be cumbersome and, sometimes, features are not where you think they should be."
How has it helped my organization?
We used to use a sort of "security as a service," and I had all kinds of issues getting visibility into the system to see if there were issues with my network. That is no longer a problem; I can now see every packet that passes in and out of my network.
What is most valuable?
To me it is the Web Server Protection. It is not an easy task to protect your web servers from the big bad internet. This solution does it elegantly and, if configured correctly, even hides the server's base system from prying eyes.
What needs improvement?
The UI can be cumbersome and, sometimes, features are not where you think they should be.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
No stability issues at all.
What do I think about the scalability of the solution?
Our current use of the product doesn't need any scaling out.
How are customer service and technical support?
Their support is prompt and will find the issue for you.
Which solution did I use previously and why did I switch?
We were using an offsite solution that was at least 20 times the cost over a year.
What's my experience with pricing, setup cost, and licensing?
Go to a vendor and let them assess your needs so you can get a right-sized device.
What other advice do I have?
I use it in a self-hosted implementation.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Snr Dev Ops Engineer at a tech services company
Define your requirements and find what best suits you
Pros and Cons
- "It allows our developers to be able to securely log into servers to deploy and manage software."
- "It has allowed us to design a bespoke cloud space for our clients, while still having an excellent level of protection."
- "There is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support."
- "It is a pretty straightforward setup, but there should be some sort of documentation that takes you step-by-step to help set it up for your VPC."
What is our primary use case?
We have quite a lot of web service hosting, either websites or hosting APIs. We use Sophos as a two-factor authentication process. So, if they are outside or working in a remote office, they will need to use the Sophos VPN, which is gotten from the Sophos UTM, then ideally they will be developers. However, they can also be BI guys, DevOps people, etc.
Sophos UTM allows you to compartmentalize different sections or different people, having those people connect to different services.
We use it primarily for two-factor authentication, for VPN to allow employees secure access to the servers, and to ensure people do not access things they should not have access to.
How has it helped my organization?
- It has allowed us to have one solution for our AWS needs.
- It allows our developers to be able to securely log into servers to deploy and manage software.
- It has allowed us to design a bespoke cloud space for our clients, while still having an excellent level of protection.
What is most valuable?
- The combination of server protection
- Seamless incorporation with AWS
- Its VPN feature
What needs improvement?
You (currently) need to buy the Sophos software per availability zone and per VPC. It should offer an account-based solution.
When you buy a Sophos license, you have to buy a license for each location. We have clients in the US. We have clients in Ireland. We have clients in the UK. With GDPR coming, the clients' data needs to stay in-house, so when you buy the Sophos license, it only works for the UK. Then, you have to buy another in the USA and another one in Ireland, then you have to have a VPN tunnel between all of them to have them talk to each other because Sophos blocks them talking to each other.
So, ideally, a multi-VPC or a multi-talented Sophos would be great because it would take away the fact that you need to build a tunnel and you have one management console for all your different locations. Instead of having three different locations with three different IP addresses and having to add users to probably two out of three, sometimes all three, having just one centralized location would be good.
What do I think about the stability of the solution?
No, we did not. Backups were done daily, and its Linux backend gave us no issues.
What do I think about the scalability of the solution?
Adding new servers was seamless. Adding new users and allowing for VPN access was also fantastic.
How are customer service and technical support?
For the AWS version, it was atrocious. None really. For the bespoke cloud space that we designed though, they were very good.
To further clarify, there is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support and you get all the stuff. Whereas if you are using the AWS version, you do not. So, you kind of have to research. There's something simple really which affects Sophos quite a bit during setup.
Which solution did I use previously and why did I switch?
No, we didn't. It was our first choice and it was definitely a good one.
How was the initial setup?
For a user who hasn't done it before, it may be a bit complex but with a general understanding of networks, it was fine.
However, when you build everything up using the AWS version (setup), it actually does not work until you write it on the Sophos UTM and in the networking, you have to change the source/destination check. You have to do that at the end of it, but there is nowhere in the documentation or anything where it tells you that. It was just somebody happened to find that out. It is a pretty straightforward setup, but there should be some sort of documentation that takes you step-by-step to help set it up for your VPC. There really is not that much difference setting it up in different VPCs, but there is not enough information out there. It is a very good solution that a lot of people would be using more of except you are doing different things, and you have to try and figure it out yourself.
The support, there is none; AWS themselves, they support it the best, because they have some knowledge of it, but they do not fully support it because it is not their product. It is a third-party product.
What's my experience with pricing, setup cost, and licensing?
Licensing is a bit complicated, as it is based on products -- so define your requirements and find what best suits you, as you do not need the whole suite of software they provide.
For AWS, it is pretty straightforward. You buy it, then you have all your licenses that you need, approximately 60 or 70, or it might even be unlimited. However, that is for one margin to expand to different margins. If you have an on-premise AWS, or one of our clients wanted on-premise AWS Assistant, the problem is to build the Sophos UTM on it. We get the software, then the licensing was not explained well because when you buy the licenses, you buy five (or 50) licenses, that is for the first module. So if you expand to second module, you have to buy more licenses of that.
Again, it is one of those things where it is not well explained. Unless you are in the United States, or you have to use Sophos, you can't contact Sophos directly. You have to use a third-party company, and they all have different ways of how they explain their licensing. So, we have clients that want the database on-premise, and we went to get the Sophos licensing system and stuff like that. It was just they were doing it a different way to who we had in Ireland, so the conformity is a bit iffy.
It is one of those things where it is not very well explained, so it is a lot of grunt work, a lot of research has to be done before you progress, and there are the pitfalls that you encounter. There are quite a few of them. Once you get it working, it is a fantastic product. It is just getting it that is the issue.
Which other solutions did I evaluate?
We looked at a few, but I can't remember right now.
What other advice do I have?
Great product which works without issues or downtime.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Consultant at a manufacturing company with 1,001-5,000 employees
Supports all the traditional firewall components, but the install was slow due to the GUI
Pros and Cons
- "The UTM features are reasonably strong and the patterns are updated on a regular basis"
- "The lack of import/export functions for network and service options drives me mad."
What is our primary use case?
- Providing the firewall to my small business office. We run it on a fanless PC and a supporting 50Mb/s VDSL connection.
- Supports 10 devices and has 40 rules.
- Using UTM and IPS extensively.
What is most valuable?
- Using the Home version to help Sophos develop the XG. I have not used the earlier UTM, which colleagues have recommended.
- The UTM features are reasonably strong and the patterns are updated on a regular basis
- Supports all the traditional firewall components
How has it helped my organization?
Not applicable.
What needs improvement?
- The lack of import/export functions for network and service options drives me mad.
- No route to NULL
- No Dshield.org integration
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
No.
What do I think about the scalability of the solution?
Not applicable.
How are customer service and technical support?
Not applicable.
Which solution did I use previously and why did I switch?
Originally Cisco 871 IOS IP Advanced Security, then Juniper SSG20, which was getting old and service contracts were too expensive.
How was the initial setup?
Slow because of GUI and lack of .csv style object import.
What about the implementation team?
In-house
What was our ROI?
Not applicable.
What's my experience with pricing, setup cost, and licensing?
If you can afford it, go for a small Check Point, as it is easier to manage.
Which other solutions did I evaluate?
Linux ipchains and modern equivalents.
What other advice do I have?
Takes a while to build a comprehensive rule set because of the relatively slow Web GUI.
If you build, backup, restore and reconfig between the boxes.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Engineer II at a legal firm with 1,001-5,000 employees
Configuring the network was the easiest part of implementation, but the internet failover needs to work better.
Pros and Cons
- "If a computer does get infected the Sophos appliance lets us know via its Advanced Threat Protection so we can get a much faster response time."
- "As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic"
What is most valuable?
- Firewall
- NAT
- Intrusion prevention
- Site-to-Site VPN
- Web filter
- Anti-virus
How has it helped my organization?
Before using the Sophos appliance, we consistently struggled with users clicking on things they shouldn't be. This led to virus/malware infections that seemed to propagate through the network at an alarming speed. Since we incorporated the appliance into our network, we don't have to worry as much since it does in-line virus checking, and if a computer does get infected the Sophos appliance lets us know via its Advanced Threat Protection so we can get a much faster response time.
What needs improvement?
I wish the internet failover worked better. As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic, with many things not working until I manually fail over to the other WAN.
For how long have I used the solution?
I've used it for seven years.
What was my experience with deployment of the solution?
Initially, we had issues configuring the web filter and getting the right policies applied to the right users. After several calls to Sophos, they were able to assist us in getting to where we wanted to be. Other than that, deployment was easy as long as you pay attention to what you are doing and have the setup guide handy for any questions you have.
What do I think about the stability of the solution?
The appliance has been very stable, only being rebooted to apply patches for security vulnerabilities, which fortunately is not very often.
What do I think about the scalability of the solution?
The UTM 220 has served our purposes very well, it has allowed us to scale up on the computing side as well as the server side with no issues at all.
How are customer service and technical support?
Customer Service:
Their customer service is fantastic.
Technical Support:
I have never had an issue go unanswered when I've had to involve Sophos technical support. Above all, it's their technical expertise that truly sets them apart from other vendors we have tried.
Which solution did I use previously and why did I switch?
We did originally try to use pfSense. The software was hard to use, and the level of technical expertise was not good. Ultimately, after several demos of both products, we decided that Astaro (at the time we purchased our original device) was the right vendor to work with. Since that time, Sophos purchased Astaro and it would appear that they kept a lot of the same people working on these devices because the transition was smooth, and the level of knowledge never faltered.
How was the initial setup?
The initial setup was very straightforward. I will say that you do need to have a certain level of knowledge to set up the more advanced functions. Configuring the network was the easiest part, and the firewall was very straightforward once you figured out exactly what rules you needed to put in place. NAT was a bit confusing to start with, but once you went through the process it was easy. Intrusion prevention was easy to set up: flip the switch to the on position and decide what rules you want to apply. Web filtering took a few calls to Sophos to set up properly, as we were trying to set up filtering policies based on Active Directory groups, and were not successful in the initial configuration, but we did finally get this implemented.
What about the implementation team?
I implemented the product in-house. The one bit of advice that I can give is to organize yourself prior to deployment. Determine what services you want to utilize in your environment, and focus your learning on those parts of the guide; this will make your deployment much easier.
What was our ROI?
Our return on investment is the fact that we are protecting the business' data, lowering administrative costs, and are better able to manage every bit of our network security.
What's my experience with pricing, setup cost, and licensing?
The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Quality Officer at a tech services company with 10,001+ employees
I know I am secure against threats from the internet
What is most valuable?
The IPS and endpoint protection function.
A standard firewall of an access router, monitoring up to OSI level 4, is no longer acceptable these days. The endpoint protection solution is integrated, thus running along with the notification function.
How has it helped my organization?
All the necessary functions being incorporated into one solution with notifications configured, I know I am secure against threats from the internet. (Up to the limits of the solution in the constantly evolving and dangerous Internet).
What needs improvement?
- A cleaning up function to remove unused references.
- A dashboard to show that the various parts of the solution really do their tasks and not only have been activated or configured (e.g., from the live log of the IPS function it is difficult to understand if the solution (snort) is running or experiences a problem and has stopped working).
- The possibility to add the sandbox (and possible future) function, paid for, to the free Home version.
For how long have I used the solution?
I've used this solution for three years.
What do I think about the stability of the solution?
Some with the IPS function (snort).
In my case, when restarting the system (because of an update), I doubt that snort starts correctly and do a manual restart of the IPS function (see my answer for 'Room for Improvement').
What do I think about the scalability of the solution?
How are customer service and technical support?
As a free home user, I have not used the support services up until now.
Once, I did upload an Office document that appeared to give a false positive, but never got a notification. I understand this because of the priorities that have to be given, but I would have liked to receive a (even small) reaction.
Which solution did I use previously and why did I switch?
I did take a look at other open source solutions, but found the Sophos UTM, being the best professional free for Home UTM solutions, full blown, and updated daily, to be the best solution.
How was the initial setup?
The setup wizard provided me with just enough insight into the basics of the solution -- to be able to start using the solution fully after some self-study and exploration of the various knowledge bases and forums.
What's my experience with pricing, setup cost, and licensing?
I looked at some open source variants but being able to use the best professional (free for the home version) product with regular updates -- convinced me to use the Sophos UTM solution at Home.
Which other solutions did I evaluate?
The instability and best-effort service of a community of the open source solution did not give the right trust to depend on in the battle against the negative sides of the worldwide internet.
What other advice do I have?
Start simple and step-by-step, and start using the product fully.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network & System Engineer at a tech services company
Sophos is number two on the market, and from my experience, even if there are some drawbacks, they have workaround solutions in the product.
What is most valuable?
RED (Remote Ethernet Device) layer 2 site-to-site tunnel.
RED is a layer 2 tunnel based on the SSL protocol. You can establish the tunnel with or without a static public IP from the provider, and this is a feature you will not see from other vendors.
How has it helped my organization?
I have done hundreds of setups of this solution.
What needs improvement?
Sophos is number two on the market, and from my experience, even if there are some drawbacks, they have workaround solutions in the product. Every day, Sophos makes developments in the firmware that are free if you have a valid license.
For how long have I used the solution?
I've used this solution for five years.
What do I think about the stability of the solution?
No.
What do I think about the scalability of the solution?
No, correct sizing will fit.
How is customer service and technical support?
Fast response time. Easy management, good support.
What's my experience with pricing, setup cost, and licensing?
Pricing is competitive.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Business Owner at a tech services company with 1-10 employees
The technical support is really good and the representatives are very responsive.
What is most valuable?
Reverse proxy, SSL VPN, web & email protection
For me, those features were most valuable from a security point of view:
- Reverse proxy is very important for shielding application frameworks.
- For VPN, we all knew that PPTP was broken and is not secure anymore. For IPsec, you need to have opened ports, and if you are in a hotel that only has ports 80 and 443 opened, you can’t do anything. SSL VPN is one of the solutions. Yes, you can use DirectAccess, but there are some limitations, too. For DirectAccess, you need to have all those computers joined in one domain.
- Web & email protection is a nice feature because you have all of those controls in one dashboard. This is of course for small and maybe some mid-size companies. For larger and enterprise, it’s another story.
How has it helped my organization?
Less and faster administration, full control of traffic, and a lot of features included in the base price.
What needs improvement?
The goal for small companies is to have one administration dashboard -- from where you can manage antivirus for computers, firewalls, IDS, IPS, mobile phones, tablets, etc.
Sophos UTM is on the right path to getting there.
For how long have I used the solution?
Sophos UTM 135 = two years.
Sophos UTM 115 = one year.
What do I think about the stability of the solution?
No problems with stability.
What do I think about the scalability of the solution?
No problems with scalability.
How are customer service and technical support?
The technical support is really good and the representatives are very responsive.
Which solution did I use previously and why did I switch?
Cisco (didn’t achieve expectations), Microsoft TMG (end of life).
How was the initial setup?
The setup is straightforward, but I suggest hiring an expert for integration. This is your first line of defense, and there is no room for mistakes.
What's my experience with pricing, setup cost, and licensing?
Sophos UTM’s are not the cheapest but they are not the most expensive. Create a checklist of what you need, and go through it with a sales representative. They will advise the right license for your company and I’m sure you can get some discount.
Which other solutions did I evaluate?
Cisco, CheckPoint UTM-1
What other advice do I have?
Create a checklist with your requirements, test the solution, and if it passes everything, implement it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Infrastructure Architect at a retailer with 10,001+ employees
A firewall that allows for web filtering and application control.
How has it helped my organization?
The Sophos UTM platform has allowed us to improve or implement the following security practices:
- Detailed web filtering and user access control
- SaaS QoS
- Network segmentation with firewall and IPS
- WiFi protection
- Web Application Proxy everywhere, inside and out
- WAN expansion with SSL VPN and IPsec VPN over the Internet
- Two Factor Authentication requirement for PCI compliance
- Reduced the need for expensive MPLS deployments
What is most valuable?
The UTM/SG platform starts off with the basic functionality of being a good firewall. Adding the additional modules opens up the product set and allows for full web filtering and application control, reverse proxy, APT detection, IPS, VPNs, User portal etc.
The licensing model works very nicely to allow you to get the right protection at the right price point for the right deployment size.
In the increasingly cloud-focused world, the Sophos UTM’s ability to deliver safe web access, Web Filter and Cloud Application control has gone from being a nice to have to being a must have for any size company or organization. The rich access logs it records allow you to get real insight into what your users and devices are accessing on the cloud. Native reporting is basic, but can easily be improved by adding Fastvue Sophos Reporter.
What needs improvement?
At Enterprise level the SUM (UTM Manager) needs to be updated to reflect all of the capabilities.
At the Reporting level for user internet browsing the On-box Reporting is very basic and even adding the Sophos iView only gives you limited improvement. Having said that, Fastvue’s Sophos Reporter provides all of this and more and integrates seamlessly with the UTM platform to unlock all of the log data’s value.
The SG platform does however not scale to a large enterprise deployment. You can deploy at scale but this is where the platform shows its age and limitations. For Large and Enterprise the better option is to go with the Sophos XG Platform.
What do I think about the stability of the solution?
Major firmware releases can sometimes be buggy initially but are soon patched and stabilized. My advice would be to sit tight for a 9.x release for about a week before implementing. 9.x.yyy releases often fix bugs without introducing stability issues.
What do I think about the scalability of the solution?
The platform scales out in a great way, if your deployment is basic and you do not exceed the capabilities of the current SUM. Several companies run large UTM connected networks with hundreds of sites across multiple countries.
The platform scales up admirably in the format of the large tin deployments such as the SG550 or SG650 models. They are able to handle massive throughput rates on the firewall modules but the Proxy and WAF modules cap out at 10 000+ users or devices depending on the traffic, of course.
How was the initial setup?
For anyone with proxy and firewall experience the setup is pretty straightforward, with a wizard that will get you up and running in no time. The UTM / SG is also available in Hardware / Software / Hyper-V / AWS / ESXi / Oracle VirtualBox so you can set up a test or lab environment on almost anything to get started.
What's my experience with pricing, setup cost, and licensing?
The licensing options with virtual are great and scaling up and down is typically not an issue if your reseller is involved. Sometimes buying the hardware makes more sense than going virtual. The hardware is great and unlike the virtual licensing is unrestricted by user numbers. There are huge numbers of OS models that range from very small to very large. You will likely find a good fit for your deployment.
A great benefit is that you can migrate your Sophos SG license to a Sophos XG license in the future. You can safely deploy on SG and later migrate over to the newer XG platform when you are ready. It offers a great feature set at a good price point.
Which other solutions did I evaluate?
Various other platforms were evaluated before choosing the Sophos SG including CheckPoint – UTM1, FortiGate, and Sophos XG (Beta – at the time). All have their own areas where they shine and should be shortlisted candidates for anyone looking to implement a UTM.
What other advice do I have?
Sophos is a great security partner for any organization. Investing in their suite of products gives you a good cohesive strategy for security. Adding Fastvue Sophos Reporter allows you to get better visibility into how well your UTM is protecting your environment as well as adding the ability to add real time alerts. It really adds additional features to the product without increasing the cost much and a relatively short ROI is often realized.
Disclosure: My company has a business relationship with this vendor other than being a customer: Through various methods, I have a business relationship with Sophos and their reseller network. They are great guys who care more about making the internet a safer place than just extracting the maximum amount of revenue from you. Sophos listens to their customers and adds features as we request them. It really makes you feel like you have a security partner and not just a product supplier.
Senior IT Support Engineer at a religious institution with 51-200 employees
The email alert on event triggers is a valuable feature. The ability to disconnect the VPN connection needs to improve.
What is most valuable?
The most valuable features are:
- Ease of configuration of the firewall rules and routing.
- The email alert on event triggers.
- Internal storage for logging, as you do not have to get another server to store the logs.
What needs improvement?
The ability to disconnect the VPN connection needs to improve. Currently, in order to disconnect an existing VPN connection of a device, the admin needs to change the password of the user.
For how long have I used the solution?
I have used this solution for two and a half years.
What do I think about the stability of the solution?
We encountered stability issues more on the Web Filtering feature where certain valid websites are blocked or the video cannot be played and it requires extra exceptional configuration.
What do I think about the scalability of the solution?
There were no scalability issues.
How are customer service and technical support?
I would rate the technical support an 8/10.
Which solution did I use previously and why did I switch?
Previously, we were using WatchGuard UTM. The pricing and ease of use of the configuration were the reasons as to why we moved over to this solution.
How was the initial setup?
Setup is straightforward.
What's my experience with pricing, setup cost, and licensing?
From time to time, there is a promotion and it is more cost effective to get the 3-year subscription licensing upfront.
Which other solutions did I evaluate?
We looked at Fortinet.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of IT at a construction company with 201-500 employees
Some of the valuable features are web and email protection and VPN.
What is most valuable?
All the features are valuable.
- Web protection: Allows me to control unnecessary web traffic into the company network.
- Email protection: Protects the company from spam and malicious emails.
- RED and VPN: Provides an easy and secure way to connect branch offices so I can easily control them.
- WAF and DMZ: Provides an easy and very secure way to publish your internal servers. Enables you to have more than one WAN and to use them for load balancing and controlling the traffic through them.
How has it helped my organization?
Before implementing Sophos UTM, we had a lot of problems with:
- Malicious URLs
- Spam
- Unnecessary internet traffic
- Difficulties in connecting and controlling branch offices
After implementing Sophos UTM, the percentage of infected computers because of bad URLs was reduced by 90%. A lot of spam emails were blocked. Additionally, I created a whitelist for company emails and a blacklist for unnecessary emails.
Branch offices have the same protection as the main office and communication between offices is very easy. We created rules for one-way communication for some branch offices and two-way communication for another office. You have got a lot of abilities for different configurations between offices.
But after migrating to Sophos XG and the new XG OS, things got easier, more secure, and more interesting. Specifically, we had the ability to generate different reports for different protection types, different end users, or different services.
With the new XG OS, I have better control of my network and I can easily detect malicious and unnecessary traffic.
For how long have I used the solution?
We used UTM for four years, and XG for one year.
What do I think about the stability of the solution?
At the beginning, there were stability issues, due to a poorly configured switch. I had problems with HA, but after that, there were no stability issues.
How are customer service and technical support?
I only contacted technical support five or six times. They were very professional. I will rate them as excellent.
Which solution did I use previously and why did I switch?
We did not use a different solution before this one.
How was the initial setup?
The initial setup, at the beginning, was very complex. After some time, everything got clear. I did the migration of UTM to the new OS XG by myself and I didn't need help from technical support.
What's my experience with pricing, setup cost, and licensing?
Think twice when you are choosing your Sophos UTM/XG. I made a mistake the first time because I needed more powerful hardware for my network. I did not choose very well. The price and the license are definitely elements for which you must think twice. I had excellent cooperation with the Sophos sales team and my mistake was quickly resolved.
Which other solutions did I evaluate?
What other advice do I have?
I love all Sophos products, but the combination of Sophos XG, Sophos RED, and Sophos advanced endpoint protection with Intercept X is something that all IT professionals and security officers will love and want to have.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Systemadministrator at MCON Group GmbH
It is for beginners and hardcore professionals.
What is most valuable?
All the features are similar; we are real, hardcore users of the Sophos UTMs.
How has it helped my organization?
This product is for beginners and for hardcore professionals; beginners can get their feet wet and professionals can easily look into the product.
What needs improvement?
Certificate Management should be improved.
For how long have I used the solution?
I have used this solution since 2014, i.e. for around three years.
What do I think about the stability of the solution?
We have over 30 Sophos UTMs running. There are some that are not stable, because of the bridges used or ISP used (Cisco vPCs/Dell MLAGs etc.).
What do I think about the scalability of the solution?
The Sophos UTM Internal DB sometimes has problems which affect its scalability.
How are customer service and technical support?
Technical support is very good, but only to the distributor. Support is poor if the distributor escalates to the vendor or we complain directly to the vendor.
Which solution did I use previously and why did I switch?
It was not a change; in general, we have used many firewall vendors, but no one is as good as Sophos UTM.
How was the initial setup?
The initial setup is easy.
What's my experience with pricing, setup cost, and licensing?
Unfortunately, the pricing is very expensive, but for licensing, there are some "cheap" options for some scenarios.
What other advice do I have?
If you'd like to look into a system which is very robust and hardcore, then select Sophos UTM.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior IT Consultant at a tech services company with 51-200 employees
Great security and logging.
What is most valuable?
Great security and logging. Easy GUI.
What needs improvement?
It really needs to update IPSec to enable IKEv2.
For how long have I used the solution?
Two years.
What was my experience with deployment of the solution?
No.
What do I think about the stability of the solution?
No.
What do I think about the scalability of the solution?
No.
How are customer service and technical support?
Customer Service:
Customer service is great and responds really fast.
Technical Support:
Technical support might be a bit better and there are not enough easily accessible guides.
Which solution did I use previously and why did I switch?
Previously used the open source pfSense, which works great, but Sophos adds the little extra that is needed in security.
How was the initial setup?
Straightforward.
What about the implementation team?
In-house.
Which other solutions did I evaluate?
I evaluated pfSense, and still go with pfSense where IPSec to AzurePack services are needed because Sophos does not support IKEv2.
What other advice do I have?
At first I did not like Sophos UTM, but after the second setup and config I liked it a lot and now recommend it to all my customers. It has great security features, and together with Sophos Endpoint Protection it works perfectly.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT and Data Security Manager at a tech services company
An Excellent Product, easy to understand for an experienced engineer
The Sophos UTM products helped us manage a global network of more than 20 sites.
Their ability to firewall, filter and monitor network traffic and provide VPN connectivity really helped us day to day with such a complex network.
We chose the product initially because the user interface was simple to understand and made sense without requiring a long training course for an experienced network engineer to utilise.
Central Management is made easy with the Sophos UTM Manager which allows you to set configurations, see patch status and pull reports from all your estate.
While the product was originally with Astaro the low end (1xx) units had serious reliability issues and support was extremely challenging to engage with. However, once Sophos took over their world class technical support teams soon brought responsiveness up to the level I would expect from a premium product. And the newer hardware is much better quality.
The ability to have either software, hardware or virtual appliances allows excellent freedom of choice.
High Availability is easy to configure and works really well, with options to have either active/active or active/passive depending on your needs and budget.
The fact you can use the full product for Free at home is a wonderful idea for engineers to become more familiar with the product and keep their skills up to date.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Technical Consultant with 51-200 employees
Sophos UTM vs. Fortinet FortiGate
I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main hang-ups will be with the VIP/load balancing and SSL. For some reason that completely escapes me, both of these vendors make getting valid certificates onto their boxes unnecessarily difficult -- the Fortinet appliances more so than the Sophos UTM appliances. At one point a Fortinet engineer had to write an entire manual on how to get an SSL certificate uploaded successfully on the 4.x firmware.
Sophos: The one feature that is missing (and this makes some amount of sense) from the Sophos appliance is BITS caching for updates. Other than that, Sophos offers a full replacement for TMG on UTM9. The XG platform also offers a replacement for the TMG; however, some of the rumblings about upcoming releases suggest that Sophos is going to give XG the Apple iOS treatment and "streamline" the interface...potentially cutting out/hiding some functionality. On the effectiveness of the NGFW, Sophos is mostly good but has a few issues blocking all pieces of an application. For instance, we had to build custom blocking rules for OpenVPN (the VPN was being used to bypass the content filter) because the default Application Control wasn't effectively blocking the application.
Fortinet: If it wasn't for Fortinet's terrible tech support we would still be deploying FortiGates exclusively. So perhaps that answers your last question right upfront. FortiWeb is not absolutely required for what you are proposing; however, the FortiWeb does make the transition from TMG much easier as the FortiWeb is purpose-built to do what you are requiring. Related, the AD integration used with Fortinet is one of the strongest implementations we have used: The SSO agent's ability to poll data from the DCs without an agent allows the use of SSO with non-Windows machines that are bound to AD, which we have used extensively at both educational institutions and shops running CentOS. Transitioning to Fortinet is relatively simple: The UI makes a lot more sense than it did in the old 4.x releases, the firewall rules are straightforward, and the reverse proxy settings are well-documented.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Consultant at a tech services company
It's provided us with unified threat management as well as comprehensive lists of reports, although we can't currently run 2.4 GHz and 5 GHz bands simultaneously.
What is most valuable?
- Firewall
- Intrusion Prevention
- Web Filtering
- SMTP Proxy
- Red (VPN Appliance Box for remote sites)
How has it helped my organization?
The product has provided us with unified threat management as well as a comprehensive list of reports.
What needs improvement?
Their new product range, which is the new SG Series UTMs, especially the wireless versions, should at least include two radios for 2.4 GHz and 5 GHz bands. Currently we can only run one or the other, but not both.
For how long have I used the solution?
I've used it for around 18 months.
What was my experience with deployment of the solution?
No at this stage.
What do I think about the stability of the solution?
Only thing we have noticed as of late was that their firmware updates break something else that was working in a previous version. Only noticing this on some customers though not all customers.
How are customer service and technical support?
They're great.
Which solution did I use previously and why did I switch?
I’ve used other products like NetboxBlue, SonicWALL in my previous roles. We chose the Sophos UTM because of pricing, rich feature set and the fact that it can be either a Virtual App or Hardware Appliance.
How was the initial setup?
The initial setup was very straightforward. It was done through a wizard and there was not much that needed doing while setting up the UTM.
What about the implementation team?
We are a reseller so we use the same product that we sell to our customers. That’s how much we love the product.
Disclosure: My company has a business relationship with this vendor other than being a customer: We're a Sophos Gold Partner.
Senior Expert for Microsoft infrastructure at a computer software company with 51-200 employees
It provides firewall, proxy, and VPN in one solution, but be prepared to follow the Zeroeth Rule during implementation.
What is most valuable?
- SSL VPN
- HTML5 VPN portal
- Application control
- Reverse proxy
- Web filtering
How has it helped my organization?
We used several vendor products before UTM, and now it is all in one box - firewall, proxy, and VPN. Sophos is much easier to manage and configure.
What needs improvement?
Every product has room for improvement.
For how long have I used the solution?
I have used it for three years actively with several projects utilizing UTM.
What was my experience with deployment of the solution?
No issues encountered.
What do I think about the stability of the solution?
No issues encountered.
What do I think about the scalability of the solution?
No issues encountered.
How are customer service and technical support?
We don't have direct contact with Sophos support so I can’t rate the level of customer service and technical support properly.
Which solution did I use previously and why did I switch?
I did. Sophos UTM is far easier to configure and it is very intuitive with configuration.
How was the initial setup?
Setup is easy and straightforward. It is a browser based tool, so you can access it from every location, and with different operating systems.
What about the implementation team?
We did it in-house.
What other advice do I have?
I have some technical advice, but generally, always prepare steps to implement Sophos UTM and test your implementation before using it in a production environment.
The Zeroeth Rule:
Start with a hostname that is an FQDN resolvable in public DNS to your public IP. If you didn't do that, start over with a factory reset; it will save you hours of frustration.
- Whenever something seems strange, always check the Intrusion Prevention, Application Control and Firewall logs.
- In general, a packet arriving at an interface is handled only by one of the following, in order: DNATs first, then VPNs and proxies and, finally, manual Routes and manual Firewall rules, which are considered only if the automatic Routes and rules coming before hadn't already handled the traffic.
- Never create a Host/Network definition bound to a specific interface. Always leave all definitions with 'Interface
- When creating DNATs for traffic arriving from the internet, in "Going to:" always use the "(Address)" object created by WebAdmin when the interface or the Additional Address was defined. Using a regular Host object will cause the DNAT to fail as the packets won't qualify for the traffic selector.
- In NAT rules, it is a good habit to leave a field blank when not making a change. In the case of a service with a single destination port, this makes no difference. In the case of a service with multiple ports, or a Group, repeating the service makes the NAT rule ineffective.
- There are only four reasons to sync users from AD to the ASG/UTM:
  - The user should be able to log on to a Remote Access VPN that uses certificates to authenticate the user.
  - Email Protection is enabled and the user should receive Quarantine Reports and be able to manage personal black/whitelists and/or use Email Encryption/Signing.
  - You want to do Reporting by Department for Web Protection (and I consider it a bug to require this when doing AD-SSO).
  - You want to use the Authentication Agent to populate "username (User Network)" objects.
- There's no other reason to sync users to WebAdmin - certainly not with AD-SSO
Disclosure: I am a real user, and this review is based on my own experience and opinions.
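The handling order described in the review above (DNATs first, then VPNs and proxies, then manual routes and firewall rules) explains why a manual rule can appear to "do nothing". The following is an added example, not code from the reviewer or from Sophos: a simplified model of that order which reports which stage claims a packet and which manual rules are fully shadowed by an earlier stage. All class names, rule names and addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Simplified model of the handling order as the review states it:
# DNATs first, then VPNs and proxies, then manual routes / firewall rules.
# Every name, network and rule below is constructed for illustration.
STAGES = ("dnat", "vpn_proxy", "manual_firewall")


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Selector:
    """Traffic selector: source network, destination network, destination ports."""
    name: str
    src_net: str
    dst_net: str
    ports: frozenset

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src) in ip_network(self.src_net)
                and ip_address(pkt.dst) in ip_network(self.dst_net)
                and pkt.dport in self.ports)

    def covers(self, other: "Selector") -> bool:
        """True if every packet matched by `other` is also matched by self."""
        return (ip_network(other.src_net).subnet_of(ip_network(self.src_net))
                and ip_network(other.dst_net).subnet_of(ip_network(self.dst_net))
                and other.ports <= self.ports)


def handled_by(pkt, config):
    """Return (stage, selector name) for the first stage that claims the packet."""
    for stage in STAGES:
        for sel in config.get(stage, []):
            if sel.matches(pkt):
                return stage, sel.name
    return "unhandled", None


def shadowed_manual_rules(config):
    """List manual rules that can never fire because an earlier stage's
    selector covers all of their traffic (partial overlaps are not reported)."""
    findings = []
    for rule in config.get("manual_firewall", []):
        for stage in STAGES[:-1]:
            for sel in config.get(stage, []):
                if sel.covers(rule):
                    findings.append((rule.name, stage, sel.name))
    return findings


# Constructed sample configuration (documentation address ranges).
CONFIG = {
    "dnat": [
        Selector("DNAT inbound SMTP", "0.0.0.0/0", "203.0.113.10/32", frozenset({25})),
    ],
    "vpn_proxy": [
        Selector("Transparent web proxy", "192.168.10.0/24", "0.0.0.0/0",
                 frozenset({80, 443})),
    ],
    "manual_firewall": [
        Selector("Block guest HTTP", "192.168.10.64/26", "0.0.0.0/0", frozenset({80})),
        Selector("Allow DNS out", "192.168.10.0/24", "0.0.0.0/0", frozenset({53})),
    ],
}

if __name__ == "__main__":
    for rule, stage, sel in shadowed_manual_rules(CONFIG):
        print(f"manual rule '{rule}' is never evaluated: '{sel}' ({stage}) handles it first")
    print(handled_by(Packet("192.168.10.70", "198.51.100.5", 80), CONFIG))
```

When a manual rule shows up in this list, the log of the stage that claimed the traffic is the place to look, not the firewall rule itself.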
Systems Engineer at Base-2 ICT Services Ltd
The reliability of the equipment makes it possible to provide stable connections but IPSEC site-to-site VPN connectivity needs to be improved.
What is most valuable?
- Reliability
- Usability
- Number of features that fully cover goals
- Perfect support
- Possibility to get “under the hood”
How has it helped my organization?
The Sophos solution provides a branch to head office distributed network for a construction company across New Zealand, and the reliability of the equipment makes it possible to provide stable connections and is easy to implement and support.
What needs improvement?
It would be great if it were possible to improve IPSEC site-to-site VPN connectivity over slow/unstable internet connections.
For how long have I used the solution?
This particular configuration has been in use for about two and a half years.
What was my experience with deployment of the solution?
No issues encountered.
What do I think about the stability of the solution?
Very rare cases of the appliance losing the admin password or of web-service hangs.
What do I think about the scalability of the solution?
No issues encountered.
How are customer service and technical support?
Customer Service:
Since I'm an engineer, I probably cannot evaluate this aspect; however, as far as I know, equipment orders and upgrades were always fine.
Technical Support:
4.99 out of 5 – support is very helpful. Only once was there a misunderstanding about licensing and the number of supported Sophos WAPs, and that was resolved promptly and fully.
Which solution did I use previously and why did I switch?
For this project, the Sophos infrastructure has been planned and deployed from the start and there has been no need to change it
How was the initial setup?
It's logically straightforward and the transparent interface made possible a quick deployment. However, a little time was needed to get familiarized with the interface.
What about the implementation team?
It was implemented in house.
What other advice do I have?
Nothing is perfect, but with Sophos the problems are really small – sometimes it is incorrect firmware upgrade paths, or rare login problems (the device forgetting the admin password). All of those can be fixed, though; there is plenty of information on the Internet and support is usually awesome. Also, you need to plan the solution and the costs involved while keeping in mind potential growth of users/connections, e.g. creating virtual appliances and allocating resources (RAM, CPU, NICs) with the potential workload in mind.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Hi PatrikS, it was an ASG120; I had to reset it by connecting via the COM port and using a monitor connected to the unit.
IT Security & Audit Manager at a tech services company with 51-200 employees
It is full of options, but the web filtering engine needs to be improved.
What is most valuable?
They are all valuable, but the most valuable is the uplink balancing. This is very useful when dealing with more than one ISP, and the wireless capability for our guests.
How has it helped my organization?
It's scalable and easy to manage.
What needs improvement?
The web filtering engine needs to be improved as, sometimes, the service hangs for a while and restarts randomly. Alas, there was an issue with authorizing Lync traffic but it's all good now.
For how long have I used the solution?
I've used it for eight years.
What was my experience with deployment of the solution?
No issues encountered.
What do I think about the stability of the solution?
Rarely.
What do I think about the scalability of the solution?
No issues encountered.
How are customer service and technical support?
Customer Service:
It's good.
Technical Support:
It's acceptable because sometimes there are delays with answering our requests. We are using the regular support, so we don't have the ability to contact Sophos directly.
Which solution did I use previously and why did I switch?
We did, and we switched due to the costs and the functionalities.
How was the initial setup?
It was very easy.
What about the implementation team?
We used a vendor team to implement it.
What other advice do I have?
It's a nice product that is full of interesting options.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Had done a POC for 2 months but was unable to justify it as per our prospect.
Support Engineer at a tech services company with 51-200 employees
RED appliances and APs make a difference, however, performance is suffering under high traffic usage.
Valuable Features
I think the RED appliances and APs make a difference, and add value to Sophos. Also, it is easy to configure, robust and is a stable appliance. The licensing is great, because you don't have to pay the same license fee for a standby appliance.
Improvements to My Organization
Actually, we were not used to firewalls in our organization, but I was working at a distributor previously so I had a chance to do many demos. The customers like its GUI because it's easy to manage, and RED gets the attention of customers that have distributed locations like shops, cafes, fast food stores, etc.
Room for Improvement
They should have more powerful appliances. The appliances' throughput and performance suffer under high traffic usage. Also, I think they need better appliances for enterprise and high-end customers.
Use of Solution
I've used it for one year.
Deployment Issues
Because we have local laws about logging, we had to get permission to develop a logging mechanism. Also, we had lots of requests to improve URL filtering categories.
Stability Issues
I had an issue with transparent mode in a demo, but mostly it is a very stable appliance and software.
Scalability Issues
Sophos has a sizing guide which is great during the planning phase for ensuring you are getting the sizing right. I have used it many times when preparing for customer demands. I haven't had any problems yet.
Customer Service and Technical Support
Customer Service:
I was working with Sophos' Germany office, and they always supported me. It was really great working with them.
Technical Support:
They're 6/10. I had many cases, but they don't like to do a remote session immediately. To be honest, I have worked with better support teams from other vendors.
Initial Setup
It is very easy.
Implementation Team
I implemented it but got help from the vendor when I got stuck with something. They are great.
Other Advice
It is a great solution for customers who have small branch offices. I would advise you to get Sophos for distributed locations (with RED and APs).
Disclosure: I am a real user, and this review is based on my own experience and opinions.
I agree with Patrik. Especially the SG series devices running on Sophos UTM 9.3 are amazingly performing devices. If they are correctly sized and scoped, I guarantee they match, even outperform, many of their competition. They offer 360-degree security peace of mind. Still, though, my favourites are WatchGuard M series UTMs for SMBs.
Regards,
Serhat
Consultant at a tech services company with 51-200 employees
Sophos's web filtering & SMTP filtering is much better than SonicWall which we previously used.
What is most valuable?
Firewall and Web Protection
Advanced Threat Protection is a good "dashboard" feature to see if there are any network issues.
How has it helped my organization?
It's a key point of keeping your network secure, which once set up requires minimal ongoing monitoring. Also, this unit can act as the whole security suite, so everything in your network is protected.
What needs improvement?
Its identification of users without the need of setting up Proxies or Identity software could be better; that is probably the trickiest section to set up.
For how long have I used the solution?
2 years
What was my experience with deployment of the solution?
No issues other than ensuring what has been configured matches the requirement of the company/client.
What do I think about the stability of the solution?
The only stability issue we have encountered was an update that caused the unit to over-process things. Everything kept running but it did slow down Internet access because of this.
What do I think about the scalability of the solution?
I have only done basic High Availability setup, which is very good, but not scalable solutions. However, as long as you follow the sizing guides and get the right UTM for the company, there have been no issues.
How are customer service and technical support?
Customer Service:
Excellent
Technical Support:
Not outstanding, but I have noticed significant improvements over the last 12 months.
Which solution did I use previously and why did I switch?
We used to use SonicWall. I still think it's a good product, though its web filtering and SMTP filtering were nowhere near as good as Sophos UTM. The reason we switched was that the partner relationship between Dell and the IT Solutions company soured.
How was the initial setup?
You can set up the unit in simple mode and get 90% of what you want done. That is very straightforward.
You can also set up each component manually. This requires understanding of the unit, but even that is not difficult.
Probably the only difficult part of the Sophos UTM is the WebControl, as this can be set up many ways. Ensuring you have mapped out a solution that is adaptable to the company is probably the most complex part.
What about the implementation team?
As we are a supplier, we bounce off ideas with their sales engineers. They are excellent.
What was our ROI?
Unsure as I don't deal in the money side of things but I think the clients get excellent returns as their security is totally covered if they include EndPoint protection.
What's my experience with pricing, setup cost, and licensing?
Most companies I have dealt with, handing them a unit, find they don't have to do much ongoing work on the unit. Once it's working, it's working, and adjustments to rules and policies are easy.
Which other solutions did I evaluate?
No, we had a good relationship with Sophos and after comparing it to our previous solution (SonicWall) we were convinced it was a good product.
What other advice do I have?
If you are an IT Consultant shop, become a partner and do the training.
If you are the IT of a company, you can either get an IT Service company to set the unit up for you or, if you are confident with firewalls, you can purchase premium support to get assistance for troubleshooting purposes.
Disclosure: My company has a business relationship with this vendor other than being a customer: We are a business partner with Sophos
IT/Telecom Specialist at Prewest
The web application firewall is a good feature, despite it limiting you to only using ports 80 and 443.
What is most valuable?
The web application firewall and web filtering. We are using the UTM to be the gateway for the private cloud solutions we offer.
How has it helped my organization?
Easy management of the firewall, with one URL to control the firewall/web filters for our entire cloud.
What needs improvement?
HA needs to be improved for the software appliance because if Sophos is deployed in ESXi/Hyper-V then the HA is unstable. Also, the web application firewall only allows the use of ports 80 and 443, and if we could use other ports then that would be a welcome addition.
For how long have I used the solution?
For two years now in our datacenter, and also several deployments at some of our customers.
What was my experience with deployment of the solution?
Setting up the link aggregation group (NIC teaming) gave us some problems with the ethernet VLAN option for WAN, but after a firmware update, the issue was resolved.
What do I think about the stability of the solution?
If you enable the intrusion prevention option in the firewall, any WordPress deployments on a Plesk server behind the firewall slow down to a crawl, and there is no fix yet. The current workaround is disabling the intrusion prevention option at the moment.
What do I think about the scalability of the solution?
No issues yet.
How are customer service and technical support?
Customer Service:
7/10. Getting a new license for the SG220 sometimes takes a long time, but they will give you a 30 day demo license to compensate for it.
Technical Support:
9/10. Any question or issue is solved within minutes after calling technical support.
Which solution did I use previously and why did I switch?
SonicWALL was our previous product, and we switched to Sophos because of its ease of use.
How was the initial setup?
When you start the initial setup you're helped with wizards, but if you use the software appliance and make a mistake by selecting the wrong interfaces in the wizard, it can result in the firewall becoming unreachable. The hardware appliance is (almost) plug & play.
What about the implementation team?
We implemented it in-house.
What was our ROI?
It's around six to nine months.
Which other solutions did I evaluate?
We looked at several open-source firewall options whose names I will not mention, and the reason we did not use them was because of the ease of use, and what our support desk could do.
What other advice do I have?
If you want an easy to manage and powerful firewall, then take a look at Sophos UTM.
Disclosure: My company has a business relationship with this vendor other than being a customer: We are a reseller of the Sophos UTM and/or other Sophos products.
CEO, Technologist with 51-200 employees
Comprehensive UTM Product, scalable, fast, understandable user interface
What is most valuable?
Proven UTM technology, excellent security and threat management are valuable features. The fact that I can provide scalable solutions for a SoHo environment on a small appliance, run on my own PC/server or even a virtualized environment allows me to accommodate almost any business, regardless of size. The software works in the same way across all the models. I have managed all my clients via the Sophos UTM Manager, a centralized console. I am an MSP, so having a centralized system to manage and maintain all of my client UTM firewalls is just gravy.
Customers appreciate the extensive built in reporting, rock solid IPS and security features. Coupled with a centralized Wireless and Remote Ethernet Device (RED) Device extends my service offerings. Lastly, the Total Protect bundle offers an affordable, comprehensive solution for the SMB market.
How has it helped my organization?
Using the SUM (Sophos UTM Manager) Central Console, each client UTM is configured to report to my RMM and CRM system for monitoring, SLA, ticketing, and support. We can administer a majority of our management, such as firmware updates, from our Sophos UTM Manager. With many other products, this needs to be done on a case-by-case basis.
We also schedule weekly automatic backups of the client's UTM configuration. These backups are emailed to our support portal and preserved. We keep spare/loaner equipment in stock so if a client’s UTM has a catastrophic failure, we prep a spare unit, apply their most recent configuration, and within 5 minutes have a functioning loaner unit we can deliver while their warranty replacement is processed. A simple drive to the client’s location and a swap out is done, which gets them back in business on the same day. You can also get a 30-day full trial license for appliance or software. My sales staff can place a 30-day trial of a fully functional unit as part of a proof of concept.
What needs improvement?
The unit offers great failover and load balancing features that can be complex to understand; some streamlining of the process would help. More predefined port rules would help the novice user/technician as well.
For how long have I used the solution?
I have been a Sophos/Astaro Partner for over 10 years. I started with Astaro v6 and have continued with them following their acquisition by Sophos a few years ago. The product keeps getting better and better. I have over 200 units I have installed and managed. I am currently selling the SG Series with UTM v9.309. The SG series has models that fit small business up to large enterprise environments.
Alongside the hardware versions, we also use a virtualized version running UTM 9.
What was my experience with deployment of the solution?
The only issues I have, have been due to human error.
What do I think about the stability of the solution?
The solution is very stable if you size the unit to the environment. An SG125 is great for a 25 person office with web, email filtering, application control, etc. but it would not work well in a 100 person office. You need to know the proper sizing prior to deployment.
What do I think about the scalability of the solution?
As stated, the unit needs to be scaled to the environment. So if I don’t do my job of understanding the client's environment, it is possible to undersize the unit just like every other product. For clients who are planning major growth, we tend to sell either a virtualized UTM or software-based unit. Then it is simply a matter of adding license capacity, RAM, CPU, etc. when needed.
How are customer service and technical support?
Customer Service:
They have a great account team and customer service is solid. 85% of the time the issues are resolved on the same day, and 97% by the next business day.
Technical Support:
They have excellent technical support. I can submit a ticket request via their portal, with a call, etc. I can get someone 24/7 and usually within an hour. They also have a great escalation procedure.
Which solution did I use previously and why did I switch?
I have used many, such as SonicWALL, Cisco, Juniper, WatchGuard, and FortiGate. Sophos is consistent and deep in their solutions and I like a consistent platform and support.
How was the initial setup?
Simple small offices are a breeze. We have some template configurations, which only require us to stage and activate a license(s), install a basic template and modify the interfaces to meet client specifics and then add the unique definitions. More complex setups start with a basic template which even my technicians can load, and then require an engineer or security specialist to finish off.
What about the implementation team?
We are a managed service provider (MSP) so we do it in-house for clients. We provide our customers with basic training and a complete documentation package.
What was our ROI?
As with most hardware, margins could always be better. I can get competitive pricing on larger deals. Our biggest ROI is the monthly management fee, which is very reasonable for our clients. Since we do all of our management (updates, reports, etc.) from the SUM we spend very little time on this and a technician can do it. It has a very good economy scaling and the annual subscription renewals are pretty standard with not much of a margin. This solution fits the MSP model very well due to it being a centralized control/management solution.
What's my experience with pricing, setup cost, and licensing?
A SoHo setup takes about an hour, which is US$125 and the monthly management/maintenance is US$30, but it all adds up.
Which other solutions did I evaluate?
We have evaluated many:
- WatchGuard
- SonicWALL
- Cisco
- FortiGate
- Smoothwall, etc.
What other advice do I have?
The product has a shallow and a deep end. Getting a small business/SoHo running up quickly and reliably is straightforward, but the deep end takes some technical skills, just like any solution. What I really like is that my Tier One guys can get a quick status update, have a look very quickly, and then resolve most basic issues. Tiers two and three are not as involved unless there is a major issue or complexity. Also, when buying the product, get the audit/change tracking built in too!
Disclosure: My company has a business relationship with this vendor other than being a customer: My company is a business partner.
Founder at a tech services company with 51-200 employees
Sophos UTM helps us to control incoming and outgoing network traffic. Not a highly available and scalable product.
What is most valuable?
Valuable Features include Sophos Remote Access VPN, Country Based Firewall, Web Application Firewall, Ease of access (via browser) and Reporting.
How has it helped my organization?
Sophos UTM helps us to control incoming and outgoing network traffic. It also helps employees connect to the AWS VPC environment from remote locations. Web application firewall protects applications from different hacking attempts like SQL Injection, Cross site scripting, Cookie signing, URL hardening etc. On top of that, it also helps the organization adhere to compliance rules and provides an audit trail of the environment.
What needs improvement?
Sophos UTM is not a highly available and scalable product. Till now, it is a single point of failure.
For how long have I used the solution?
2.5 years.
What was my experience with deployment of the solution?
No issues encountered. We had a very smooth deployment.
What do I think about the stability of the solution?
No issues with stability.
What do I think about the scalability of the solution?
Yes. Sophos UTM on AWS is not a scalable product. Sophos is actively working on the scalability part by using a UTM manager which can control configuration deployment on multiple UTMs.
How are customer service and technical support?
Customer Service:
Customer service level is top notch.
Technical Support:
Very Good. All our queries were properly answered on time.
Which solution did I use previously and why did I switch?
Yes. Earlier, we had used Checkpoint. But the deployment procedure and user interface for Checkpoint was very complicated. The amount of time to invest in Checkpoint is nearly 2x that of Sophos. Checkpoint requires a tool to be installed on your system while Sophos is a browser-based tool.
How was the initial setup?
It was a very straightforward setup. As it is a browser-based tool, it helps administrators to access it from different locations and systems. We don't have to download desktop clients on our local system. Also, we can access this product from different operating systems (Linux, Windows and Mac).
What about the implementation team?
We deployed it in-house.
What was our ROI?
ROI for the product is very high. The cost of the product is based on the number of users and the licensing is not too expensive.
What's my experience with pricing, setup cost, and licensing?
On AWS, instances/servers are charged on an hourly basis. The yearly licensing cost for 10 years is nearly around $200-300.
Which other solutions did I evaluate?
While we were looking for deployment of a UTM product on AWS in year 2011, there were only 2 stable products available in the market, i.e., Sophos and Checkpoint. We chose to go ahead with Sophos.
What other advice do I have?
Easy to use, Easy to access, good for compliance. It is a very good product as compared to others available on AWS.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
The Sophos UTMs are highly available; you just need 2 or more. You can also have them in active-active or active-passive mode.
A few observations on an otherwise-accurate review...
The quickest way to get Sophos Support is by submitting a case via MyUTM, SophServ or at https://secure2.sophos.com/en-us/support/open-a-support-case/describe-issue.aspx. Calling is the slowest way to open a case.
I wonder if Mr. Khan's review doesn't apply to the XG Firewall which is a new Sophos product based on the GUI that Cyberoam developed.
Cheers - Bob