Sophos XG OverviewUNIXBusinessApplication

Sophos XG is the #7 ranked solution in best firewalls. PeerSpot users give Sophos XG an average rating of 8.2 out of 10. Sophos XG is most commonly compared to Fortinet FortiGate: Sophos XG vs Fortinet FortiGate. Sophos XG is popular among the large enterprise segment, accounting for 44% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 19% of all views.
Sophos XG Buyer's Guide

Download the Sophos XG Buyer's Guide including reviews and more. Updated: May 2023

What is Sophos XG?

Sophos XG Firewall is a complete firewall solution that provides all the real-time security and insights you need to protect your network from ransomware and advanced threats. Sophos XG Firewall provides visibility into suspicious users, unknown and unwanted apps, encrypted traffic, and other threats. With its advanced artificial intelligence capabilities, Sophos XG Firewall immediately identifies potential risks and intrusions on web servers and networks.

Sophos XG Firewall Features

Sophos XG Firewall offers a wide range of security features, including:

  • Application control: Prevent widespread infections with XG’s Security Heartbeat. XG Firewall automatically identifies the source of an infection on a network and automatically prevents it from accessing other network resources.

  • Synchronized user ID: Eliminate the need for client or server authentication agents by sharing user identification between the endpoint and the firewall through Security Heartbeat.

  • Centralized management: Easily manage all activities with Sophos Central. The XG cloud management platform allows users to easily set up, manage, and monitor XG firewalls along with other Sophos products. Some of Sophos Central’s features include alerting, backup management, one-click firmware updates, and rapid deployments of new firewalls.

  • Lateral movement protection: Automatically isolate compromised systems at every point in the network to stop attacks dead in their tracks.

  • Network protection: Protect networks from attacks and threats while providing secure network access.

  • Web protection: Gain clear visibility and control over all users’ web and application activity.

  • Web server protection: Solidify web servers and applications against hacking attacks while providing secure web access.

  • Email protection: Consolidate email protection with anti-spam, DLP, and encryption. XG’s Live Anti-Spam provides protection from the most recent spam campaigns, phishing attacks, and malicious attachments. Data Loss Prevention automatically triggers encryption on sensitive data in outgoing emails.

Reviews from Real Users

Sophos XG Firewall stands out among its competitors, among other reasons, for its intrusion detection capabilities, its user-friendly management platform, and in general, for being a complete and robust firewall solution.

Niranjan P., a network & system support engineer, writes, “Sophos is a comprehensive solution which allows me to configure all the attendant products, such as Sophos's firewall, endpoint, and encryption features. A nice feature of Sophos is that it offers in sync and heartbeat security. When my clients have a perimeter involving Sophos firewall and endpoints with Sophos Endpoint, they can communicate with each other.”

Antonio D., sales manager at INFOSEC, notes, “The product has a console that is based in the cloud for all their products. In this console, they have email security, firewall security, endpoint security, et cetera. All of the products on offer in the console are very useful for us. The solution is stable. The solution works well for enterprises and large-scale organizations.”

Antony M., ICT/HMIS supervisor at a healthcare company, writes, “The VPN feature is the most valuable. It has come in handy during this period when people are working from home. The filtering feature is also valuable because you can easily filter the sites that you don't want to visit. You can also set timely surfing quotas”

Sophos XG Video

Sophos XG Pricing Advice

What users are saying about Sophos XG pricing:
  • "We pay for two licenses for the use of Sophos XG annually and it is a flat fee. We do not have everyone going through both of the Sophos XG firewalls a the same time and the Sophos XG on Microsoft Azure is only accessible from the VPN."
  • "When compared to other products, Sophos licensing is very affordable."
  • "The pricing was reasonable."
  • "We pay licensing fees of approximately $2,000. We have a contract for three years."
  • "I paid approximately 57,000 Rupees ($750 USD) for three years."
  • Sophos XG Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Software Developer/ IT Analyst Individual Contributor at AIICO Capital Limited
    Real User
    Top 20
    Secure, duel switch capabilities, and good support
    Pros and Cons
    • "Most of the features Sophos XG has are valuable. However, if I have two different ISP, I'm able to create an automatic switch between the two ISPs. I can do the same thing for the cloud as well. If I have two subnets coming from the cloud, I'm able to create a type of switch between both of them where if there is traffic on one and has the traffic drop, I'm able to switch to the other ISP without any problems. It's a normal feature and I get to enjoy the ability to switch between services with no issues."
    • "We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade, the automatic switch actually we were using did not work anymore."

    What is our primary use case?

    We are using the Sophos XG in a different manner than the typical use case. We have the physical box, and we are using Sophos XG on the cloud.

    We have two different types. We have two different Sophos XG we're running. We're running one on the Microsoft Azure cloud which mostly all security on the cloud goes through the Sophos XG. The second Sophos XG is running on our own physical local data center.

    We are doing something similar to an IPsec between Azure and the local data center. So we are doing an IPsec between the two. We connected all our resources and we mostly run the applications on Microsoft Azure. Were now are doing IPsec between the two data centers.

    What is most valuable?

    Most of the features Sophos XG has are valuable. However, if I have two different  ISP, I'm able to create an automatic switch between the two ISPs. I can do the same thing for the cloud as well. If I have two subnets coming from the cloud, I'm able to create a type of switch between both of them where if there is traffic on one and has the traffic drop, I'm able to switch to the other ISP without any problems. It's a normal feature and I get to enjoy the ability to switch between services with no issues.

    Security is one of the major reasons we are deploying Sophos XG in our process.

    What needs improvement?

    We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade,  the automatic switch actually we were using did not work anymore.

    We try to understand exactly why it wasn't working with the new 18.5 firmware, but we could not figure it out. I realized that I was stuck with the main ISP. If there's an outage, it was not reliable on the network any longer.

    We had to reverse, back to the old firmware even though we were still trying to fix the new version. It is a very efficient feature for our operation. If it was not there, it could make the workings of our operation inefficient. It is one of the best features of Sophos XG. It makes operations very efficient. You don't have to worry about anything at all. We are using the entire Sophos package, such as Sophos endpoint, Sophos XGR, Sophos ZGR.

    The documentation can improve with Sophos XG. This will allow our network engineer to work better with the solution. Additionally, they can improve the ability to filter down devices. Recently we were faced with a challenge where we needed to restrict mobile phone users on the network but we realized that we couldn't do this with the solution. 

    Recently I was looking at the Cisco Meraki solution, to see what it can do in terms of capacity. There's one feature that stood out to me, and that feature has the ability to implement some policies. Organizations need to have security policies in place. I would like the ability to create policies.

    For how long have I used the solution?

    I have been using Sophos XG for approximately two and a half years.

    Buyer's Guide
    Sophos XG
    May 2023
    Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
    710,326 professionals have used our research since 2012.

    What do I think about the scalability of the solution?

    We have approximately 60 people that are working on Sophos XG. However, the number is higher because Microsoft Azure routes every customer through the firewall. We have multiple layers and the traffic passes through Cloudflare and then gets directed to the Sophos XG on Microsoft Azure. The Sophos XG on Azure does all the filtering and routing to the private IP, allowing us not to use the public IP.

    The DMs are private, and approximately 14,000 customers  pass through the Sophos XG and Microsoft Azure

    How are customer service and support?

    The support from Sophos XG is very good. We can easily relate to the support.

    I would rate the support from Sophos XG a two out of five. You cannot have good support without good documentation.

    If you look at the software environment now, anywhere you go, you see the documentation for everything that has been done. Sophos XG has documentation, however, you should not need to have a certification to be able to understand it.

    Which solution did I use previously and why did I switch?

    I have used Sophos Cyberoam previously.

    How was the initial setup?

    If we had better documentation we would be able to implement Sophos XG better for the organization's exact specifications. When you have already come up with your networking strategy, presented it to the company, then you find out the new framework doesn't conform with the organizational strategy. You have to start going back and receiving approval for a new strategy. However, you are not even sure what the strategy is going to be with the new framework, because everything has changed. Most of the automatic resources stop working.

    There is a high chance I do not even know why it is not working or what the major issue is. We have realized the package wasn't switching and we did a lot of troubleshooting for almost a week to understand why. We switch over to our old firewall, then we finally understood that it was something that has to do with the new 18.5 firmware in Sophos XG. Immediately we switch back to the old firmware, this fixed out problems we were having at that point.

    I would rate the implementation of Sophos XG a two out of five.

    What about the implementation team?

    The initial deployment was done approximately three years ago and it was done by a third party because of some complex considerations, such as the VOIP Gateway.

    However, since the initial implementation, we have been managing it by our own in-house network engineers and every modification to the network has been done in-house.

    We have three network engineers, that work on the solution and the network. They can manage all the features and securities. The amount of people needed to maintain the solution depends on the organization's architecture. 

    What was our ROI?

    In information security, the only way you rate ROI is by the level of information you're securing. I will ask myself how much is the information I'm securing is worth? The worth of what I'm securing will determine the amount of cost that I'm spending on the information secured. If I were to judge it that way, the ROI is high. 

    I would rate the ROI of Sophos XG a five out of five.

    What's my experience with pricing, setup cost, and licensing?

    We pay for two licenses for the use of Sophos XG annually and it is a flat fee. We do not have everyone going through both of the Sophos XG firewalls a the same time and the Sophos XG on Microsoft Azure is only accessible from the VPN.

    Sophos XG has changed its pricing model for extreme protection.

    I rate the price of Sophos XG a two out of five.

    Which other solutions did I evaluate?

    When we were evaluating other solutions we looked at Barracuda and it had an old GUI. This was an issue when we were making decisions between Barracuda and Sophos XG.

    What other advice do I have?

    The solution has served its purpose in my organization.

    I rate Sophos XG a nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Pre-sales manager at National Information Technology Company
    Real User
    Top 5Leaderboard
    Affordably priced, helpful, stable, and simple to set up
    Pros and Cons
    • "It's a complete firewall solution that has everything."
    • "The current bandwidth consumption is no longer shown in the XG and XGS."

    What is our primary use case?

    I am a system integrator. We integrate SG, XG, and XGS.

    We are also deploying it on Azure on-premises for our clients.

    Sophos XG is a firewall. It can protect your internal users if it is on-premises. It can publish applications such as websites, it can also protect your internal networks like IPS, and IDS. It provides you with VPN Access, and it gives you reports on the consumption of the internet.

    If you have deployed the endpoint between the antivirus in Sophos, it can also communicate with your endpoint and protect your users if infected.

    What is most valuable?

    It's a complete firewall solution that has everything.

    It is very useful.

    It competes with the majority of the market's products, including Palo Alto and Fortinet.

    What needs improvement?

    We always strive for more features.

    We could see the bandwidth use right away with the prior version, which was the SG version. The current bandwidth consumption is no longer shown in the XG and XGS.

    They are nearly a complete solution. However, they are missing this feature with the ability to view the current bandwidth usage. We have requested this, but have not had a reply yet. It was in SG before but it was removed in XG.

    For how long have I used the solution?

    We have been working with Sophos XG for six years. 

    We started with SG, then XG, and now XGS nine years ago.

    It can be deployed both on the cloud and on-premises. 

    What do I think about the stability of the solution?

    Sophos XG is very stable. We haven't had a single issue with stability in the nine years we have been using Sophos.

    All electric appliances rely on a stable electric current, which requires the use of a UPS, and a backup power supply. The main issue is the stability of the power.

    All Sophos appliances are SSD-based, which means the hard drive in the appliance is solid-state.

    we have deployed more than 50, 60 for our customers in Kuwait and we haven't had an issue or, any RMA.

    What do I think about the scalability of the solution?

    When purchasing a firewall, as a customer, you must first plan, consult with your partner(s), and decide on the sizing. If you buy an XGS 230, for example, it can support up to 200 users and 50 VPNs. If you buy the wrong product, you won't be able to scale it up.

    You should always size upfront. If you have a hundred users, you buy an appliance that can support 150. The license is the license.

    It's all about the hardware. If you purchase small hardware and you know that after one year you're going to have more employees then it is wrong.

    It's not a server, where you can just add more drives, It only has expansion units for the network. If you need to add fiber, for example, you can. There are expansion units, but you can't expand the architecture of the firewall.

    We have more than 50 customers.

    How are customer service and support?

    We haven't required any technical support. I have however heard from my peers that they have not had any issues with the customer support.

    They have offices in India, Dubai, and even in the United Kingdom. As we are certified Gold partners in Kuwait, we haven't had any issues with the Sophos team. They are quite responsive when you have a tender to submit. I have no complaints at all.

    Which solution did I use previously and why did I switch?

    in the past, we also integrated Palo Alto.

    How was the initial setup?

    The initial setup is easy and straightforward. As certified partners, this is something that we do every week. If the customers provide you with the network details, you can have it up and running in 30 minutes with no issues.

    It's a problem if you don't know your firewall, or how to deploy it, or know how to put the proper rule in place. It is very important that in any firewall if the customer doesn't know what rule should be in place, it is possible they will create the wrong rule and expose the network.

    You have to have a certified person to maintain the solution. How many you will need depends on the number of customers. If you have a lot of customers, you will need two technical people. It also depends on the size of your business. One is fine but as you grow with more customers, you will need at least two to deploy and maintain the solution.

    What's my experience with pricing, setup cost, and licensing?

    I don't have any issues with the price. The price varies depending on the market. The price of Sophos in Europe differs from that in our region, GCG, and from that in the United States. You will notice that each region has a different pricing structure. 

    Customers will always try to minimize the cost. When compared to other products, Sophos licensing is very affordable.

    What other advice do I have?

    They have already released the XGS. If you are referring to the previous version, XG. It is still in production and available for purchase. They have already released the XGS, which is the next generation of the XG. It has a more advanced architecture. Now that we have passed XG, there's XGS on the market.

    Remember to size your customers. You'll need to know how many web applications you will be publishing, how many end customers the company has, and how many of them will need to connect to the VPN. It's a formula that, based on the data, that will determine which appliance you require. You can start with a little one, but it's best to understand the requirements first.

    We are very happy with Sophos products.

    I would rate Sophos XG a ten out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
    PeerSpot user
    Buyer's Guide
    Sophos XG
    May 2023
    Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
    710,326 professionals have used our research since 2012.
    Tech Doctor at a recruiting/HR firm with 11-50 employees
    Real User
    Top 5
    Easy to manage, reasonable price, and very stable
    Pros and Cons
    • "Compared to other firewalls that I had looked at, I thought Sophos was the better solution. It just seems to be easier to manage versus Cisco, Fortinet, or one of the other options I was looking at."
    • "I'm just a sole proprietor for IT support, and from my perspective, there could be better ways to educate a proprietor, such as myself, on how to set it up, and program it, and manage it. They do tend to have support, but a lot of times, it is for larger networks. I need something that is simpler and more rudimentary as to how to go about setting up and configuring the firewall, setting up the rules, and that type of thing. So, if there is a missing component there, that would be it."

    What is our primary use case?

    I implemented this firewall for my clients. They're small offices. One has got half a dozen computers, and the other one has about 30 computers on the network. Both utilize VPN to remotely access their workstations in the office.

    It is sized based on the client. So, there are actually two different versions that I've utilized.

    How has it helped my organization?

    VPN setup is great and easy to implement for outside users to access data or workstations in the network.  Easy to manage and set up.  No major glitches.  Runs reliably.   Setting up iPhones and Macs is a bit more involved since you have to use VPN apps that are compatible with Apple for VPN and remote desktop.

    What is most valuable?

    Compared to other firewalls that I had looked at, I thought Sophos was the better solution. It just seems to be easier to manage versus Cisco, Fortinet, or one of the other options I was looking at.

    I'm not going to say that it's easy to configure, but I can understand how to configure it. There is a certain amount of support available to do the configurations. 

    What needs improvement?

    I'm just a sole proprietor for IT support, and from my perspective, there could be better ways to educate a proprietor, such as myself, on how to set it up, program it, and manage it. They do tend to have support, but a lot of times, it is for larger networks. I need something simpler and more rudimentary to set up and configure the firewall, set up the rules, and that type of thing. So, if there is a missing component there, that would be it. 

    Any firewall will need rules for how it protects the network against a variety of threats or various degrees of protection.  My comments are not aimed at Sophos specifically.  As a new person just learning about firewall protection, it would be helpful for any vendor to have an education area that runs through various scenarios and implements them in the firewall.  Videos would be helpful.  From my initial research on which firewall to choose,  Sophos appeared to have the most straightforward interface. 

    I purchased the units from www.firewalls.com, and they worked with me to do the initial setup.  That was very helpful to get started

    For how long have I used the solution?

    I have been using Sophos XG for 4 years.

    What do I think about the stability of the solution?

    It is very stable.

    What do I think about the scalability of the solution?

    It is scalable. There are different models, and you really need to choose a model that is appropriate for your current situation. You can buy something with a certain degree of scalability. Because I purchased it through firewalls.com, I was able to have that discussion, describe the application, and then choose a model that would suit that particular client with a degree of scalability. Now, for instance, if they went from 20 employees to 500 employees, then it is not scalable to that degree, but if they went from 20 employees to 50 employees, then it would be scalable. So, you've got to define the criteria in terms of what you're trying to protect, the number of users, the bandwidth that is going through it, the speed, etc. When I purchased them through firewalls.com, they explained and helped me choose the most appropriate appliance for what I'm doing.

    How are customer service and support?

    I did have a circumstance where the firewall had been damaged during a lightning storm or something like that, and I called them to help me diagnose what the issue was. They were good about the diagnostic. They were good about spending the time with me to figure out what was wrong. In the particular case that I was researching, it turned out that one of the ports was bad for some reason. It was either because of the lightning storm or some other reason. It was under warranty, and they replaced it with a new unit. So, I'm satisfied with Sophos' support.

    Which solution did I use previously and why did I switch?

    Previously used a small $100 cisco unit.  Not easy to implement VPN.  They may have an app, now, but at the time it was problematic and way too  complicated. 

    How was the initial setup?

    I purchased it through firewalls.com. They're an online vendor, and they did the initial setup and configuration on both firewalls. My experience with them was good.

    What about the implementation team?

    I used firewalls.com and they were excellent

    What was our ROI?

    Fewer management headaches

    What's my experience with pricing, setup cost, and licensing?

    The pricing was reasonable.  VPN licensing is included.

    Which other solutions did I evaluate?

    I looked at Cisco, Fortinet, and one of the others, and compared to them, I thought Sophos was the better solution. It seemed to be easier to manage. After the implementation, I could figure out what to do with a Sophos interface. If it was something like Cisco or other vendors, it would be far more complicated to deal with. So, that's one of the reasons why I chose Sophos.

    What other advice do I have?

    For someone who is not acquainted with firewalls, whether it is Sophos or anything else, dealing with a third party for the implementation is kind of a must. 

    I am satisfied with this solution. I don't really have any hands-on experience with other firewalls that I can compare it against, but I'm satisfied with it. I like it, and I'd buy it again.

    I would rate Sophos XG a 10 out of 10.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Manager of Information Technology at Sundown M Ranch
    Real User
    Plug-and-play with a modern interface and helpful technical support
    Pros and Cons
    • "The initial setup is straightforward."
    • "I'd like to see better reporting. While the logs are great, the reports are not."

    What is our primary use case?

    We primarily use the solution as our firewall.

    How has it helped my organization?

    I'm able to have very granular control over my organization's input and output data that goes in and out of our networks.

    What is most valuable?

    The firewall portion of the solution is the best part The rest is really just fluff. 

    The initial setup is straightforward.

    We have found the stability to be quite good.

    What needs improvement?

    User management is the area that, by far, needs the most work. The way that they try to transparently utilize user groups from the active directory to the Sophos firewall is outdated.

    I'd like to see them do a little bit better of a job with the content filtering. It has content filtering, however, it rarely works. Sometimes it just fails altogether. I'd like to see a better job done. 

    I'd like to see better reporting. While the logs are great, the reports are not.

    For how long have I used the solution?

    I've been using the solution for six years at this point. 

    What do I think about the stability of the solution?

    The stability is great. There are no bugs or glitches and it doesn't crash or freeze. It's a reliable firewall. 

    What do I think about the scalability of the solution?

    The product is super scalable. If I had a giant organization, I'd have no problem putting the Sophos firewall in.

    Right now, we have 155 on the solution. That's everyone from support to upper-level management. 

    We use it every day.

    We just recently upgraded. I have no reason or need to upgrade for years to come and therefore don't plan on scaling anytime soon.

    How are customer service and support?

    Technical support is fairly good. It's a pain to get ahold of them, however, once you get them, they're very thorough.

    The only thing that s not so great is that sometimes they try to force me down to my reseller, whoever their partner is. I always have to make up a lie and say I already tried and only then will they help me. Besides that, it's not bad.

    Which solution did I use previously and why did I switch?

    I previously used Cyberoam. We really switched as Cyberoam was bought out by Sophos.

    How was the initial setup?

    The implementation process was pretty straightforward. Learning the ins and outs was a little complex. How, in terms of just getting it set up, I was able to get it set up in a couple of days.

    Overall, the deployment took about three days. My strategy was, basically, going from my old Cyberoam to my new Sophos. I just copied each rule individually and tested them. Then I ran them in sync with each other for a couple of weeks. When I realized there were no problems, I pulled the Cyberoam out.

    We have three people on staff that can handle deployment and maintenance responsibilities. I've got a system admin, myself, and a help desk/content specialist.

    What about the implementation team?

    I did not use an integrator, reseller, or consultant for deployment. I handled the process myself. 

    What was our ROI?

    From an ROI standpoint, the product I had before, even though they were basically the same thing, I found I was spending a lot of man-hours with it and calling support a lot and actually having to pay for support on the previous model. 

    With this firewall, I rarely have to call support. When I do, it's free of charge. The ROI is 100% there. It might be a little more expensive up front, however, the quality is there for a medium-sized business.

    What's my experience with pricing, setup cost, and licensing?

    The licensing is based on a multi-year contract. It's a bit higher, in terms of price than other options. The billing process is pretty simple and straightforward. they don't have a complex licensing setup. 

    Which other solutions did I evaluate?

    I evaluated all the big players out there before choosing Sophos. I likely evaluated seven different options.

    What other advice do I have?

    I'm a customer and an end-user.

    I'd advise those considering this product to stick with it and stay away from the fluff. For example, the Sophos Anti-Virus is not worth it. 

    The firewall is fantastic. Definitely take their firewall courses, as there are going to be a lot of tasks that you feel should be easy and they're not. There's going to be a lot of troubleshooting. I've been working on it for five years and I still catch myself sometimes trying to figure out why a certain rule doesn't work doing this or that. Definitely take the training. I would highly recommend staying away from the other products.

    I'd give the product an eight out of ten for a score. It does everything I need it to do. The user interface is very modern. It works. I was able to figure out some very advanced things. Even though it has a modern interface, I like the fact that I can always go into the console and it's a Linux box behind the scene - which is very nice for when you're trying to do very advanced tasks. For the most part, it was plug-and-play. The setup was really easy. The support is fantastic.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    IT Manager at Saknafta Egypt
    Real User
    Top 20
    Easy to set up with good content blocking and good stability
    Pros and Cons
    • "Content blocking for websites is the most valuable aspect of the solution."

      What is our primary use case?

      I primarily use the solution for managing my firewall. I'm managing my internet and my laptops in my company. I'm a personal domain controller. I'm tasked with blocking some websites with it and I'm managing my updates through it. I'm basically controlling the flow of the internet through it.

      How has it helped my organization?

      I block a lot of sites. I'm controlling the flow of the internet directed to Office 365 so that people can use it easily and fluently. They can upload and send emails easily without hassle and without accessing the internet. I'm also controlling Teams, Zoom, and other stuff for chatting online. Without this solution, I would have no control.

      What is most valuable?

      Content blocking for websites is the most valuable aspect of the solution. A lot of employees always want to use Facebook and other non-work-related sites. I'm always blocking that.

      The initial setup is easy.

      The stability is good.

      Scaling is not an issue. 

      What needs improvement?

      The reporting needs to be much better. Sometimes I have a lot of trouble understanding what they mean.

      Sometimes it misses websites. For example, websites the users shouldn't be able to enter, or sometimes these websites are not shown in this log viewer. It's just occasional misses here and there. 

      Technical support could be more responsive and quicker in getting to a solution. 

      For how long have I used the solution?

      I've been using the solution for at least three years now.

      What do I think about the stability of the solution?

      I have found the stability to be very good. There have been no hiccups, no restarts, nothing like that. It doesn't hang and there are barely any bugs. 

      What do I think about the scalability of the solution?

      It's my understanding that they have a solution called RED, and I can upgrade it with another one to make a VPN between them. I haven't tried it yet. I'm looking at it as I have another office. I want to research scaling and have the offices together. From what I have seen, it will be easy.

      Right now, we have about 50 users and 10 VPNs. That includes everyone from financial and procurement managers to the CEO, chairman, and HR department, and other operations staff.

      We don't have any plans to increase users right now as we haven't increased in population, in employees number. That said, I use it a lot every day. I have to manage my firewalls through it.

      How are customer service and support?

      In my experience, technical support takes a while to get things done. In the past, I stuck with them for a while. It took about three weeks to serve us up a solution. I don't remember what the problem was as it was a long time ago. It might have been something about the subscription or something like that. What I do remember is it took a very long time. 

      Which solution did I use previously and why did I switch?

      I had a previous firewall, and I just swapped it out. I didn't have to change anything about my network. We previously used a firewall called MikroTik.

      With MikroTik, its GUI was very bad. It's very old. Everything was manual. There were no tutorials and it was open-source. You had to search for yourself and do everything yourself. There was no support even from the company.

      How was the initial setup?

      It was really easy for me, to be honest. The initial setup is very straightforward and simple. It's not overly complex. I had a firewall before that, so I knew what to expect. The implementation was done by a company that I bought this from. They installed it for me. It took about an hour and a half, or something like that. 

      I can't recall how many staff covered deployment. The deployment happened three years ago now. 

      What about the implementation team?

      I didn't need the assistance of an integrator or reseller. 

      What was our ROI?

      The solution has saved me a lot of time and enhanced my workflow for my company. It enhanced employees' work time and enhanced the internet connectivity for emails. On top of that, there was no downtime with the internet. That was the basic ROI we've seen.

      What's my experience with pricing, setup cost, and licensing?

      The subscription for this product is yearly. The last time I bought it two years ago it was about $2,000. There's just a subscription fee. There aren't any other costs. 

      Which other solutions did I evaluate?

      I also looked at Fortinet, however, from my research, I was told that Sophos had better reporting. With Fortinet, you have to buy a server to handle reporting. With Sophos, this is unnecessary. 

      What other advice do I have?

      I'm a customer and an end-user.

      I'd rate the solution at an eight out of ten. 

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Technical Engineer at Harnssen Group Limited
      Real User
      Top 5
      Easy to set up with good technical support and good stability
      Pros and Cons
      • "We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration."
      • "XG is at its end of life. People are moving to XGS."

      What is most valuable?

      I enjoy synchronized security, where you have to synchronize both the firewall and the endpoint. When I deploy a firewall, I integrate it with the endpoint so that they can send the security heartbeat from the endpoint to the firewall. In the Sophos firewall, there's deep inspection, which works quite well. Sophos has the web application firewall inbuilt. This is unlike other firewalls, where you have to integrate with another standalone web application firewall. Being inbuilt in Sophos, you just have to configure an application so that it's more of a policy, and you're good to go. It's pretty simple in terms of the user. 

      We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration.

      The technical support is pretty good. 

      The initial setup is easy.

      There's quite a number of items on offer. When you look at Gartner, it's doing well. The uptake in the market has been wonderful and currently, it's competing with other top firewalls such as Check Point, Fortinet, and Palo Alto.

      What needs improvement?

      XG is at its end of life. People are moving to XGS. With those changes on the horizon, a client might end up in, maybe 10 years, having four or five appliances, which they might not use. I don't know what Sophos is doing to maybe change this. Right now, we've moved from XG to XGS.

      Another feature, which might be good and which other vendors are maybe exploring is the NAC. Sophos doesn't have a NAC solution. 

      Maybe they can improve on their WAF. Currently, they have the inbuilt. 

      They could work on their SD-WAN solution. I have seen it. It's not that competitive compared to other vendors. We've had some device issues.

      For how long have I used the solution?

      I've been dealing with the solution for the last four years.

      What do I think about the stability of the solution?

      In terms of when it's in the network, it's stable compared to other firewalls, where I have had some issues. I had a case with another firewall, which the client changed to Sophos and it was not that stable as the client had to go and actually restart the firewall. The challenge comes in terms of stability when, let's say, the engineer doing the scoping does the round-sizing for the firewall. This causes the IPS to become overloaded or overworked, so it disconnects the traffic at the port level. In terms of stability, I might say sometimes we might experience challenges maybe when the sizing is not done correctly. That's why we might experience that disconnect at the interface level where the internet gets disconnected, however, that's the case of sizing, not the product itself. In terms of stability, it's stable in the network.

      How are customer service and support?

      In terms of Sophos' support, they have been wonderful. I had a device issue and I found the return policy to be quite simple. 

      Their technical support is pretty straightforward. When you raise a ticket, the feedback is immediate, and you are assigned a support person. It's been a wonderful experience.

      Even to the end-user, it's a pretty straightforward system that they have. A user would just log into support.id, then key in their credentials and raise a support ticket. It's pretty simple.

      Which solution did I use previously and why did I switch?

      I'm also familiar with Check Point, FortiGate, and Palo Alto. We also used to use Sonic Wall, however, we've moved to Sophos.

      How was the initial setup?

      The initial setup is pretty straightforward. It's not overly complex.

      Which other solutions did I evaluate?

      I've compared Check Point, CloudGen Network Security, and Sophos XG previously for clients. Not being biased to any vendor, normally, in this region, what normally happens is the budget. You might recommend Check Point to a customer, however, Check Point is a bit expensive, so you might end up losing the deal. What you would recommend, is Check Point as the Quantum, as the firewall. Sophos is doing quite well in terms of the endpoint for the workstations and the servers, the physical and the virtual. Likely it would be a good idea to recommend Sophos Security. That said, if the client has the budget, you'd recommend Check Point as a firewall. It's always good to do a bit of comparison and advise the client as to what is best for them.

      What other advice do I have?

      We've actually deployed and supported quite a number of the products, from XG105 to XG3430.

      Sophos is on-prem mostly, however, now there's another product for Sophos, for the endpoints, which is cloud-based.

      I'd rate the solution at a ten out of ten. It's one of the best products. We have deployed quite a number of them - almost 20 - and I've not seen any of my clients complain.

      Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
      PeerSpot user
      Director Of Information Technology at 2B
      Real User
      Good load-balancing features, monitoring done from a single control panel, and controls access to our resources
      Pros and Cons
      • "Sophos Control Center is a good feature. We can monitor everything from the control panel."
      • "The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities."

      What is our primary use case?

      This product is our firewall that protects our connections from the internet. It controls access for our employees when they want to access streaming media websites such as YouTube.

      It controls the connection to our resources that originate from outside of our infrastructure.

      We use it to monitor users and their activity including which websites they visit and what portals they use.

      How has it helped my organization?

      This product is compatible with my business and our market.

      What is most valuable?

      This Sophos product has a lot of features included.

      This product does load-balancing between our connections. This is helpful because our infrastructure in Egypt is not stable and it requires several connections to achieve the required performance.

      Sophos Control Center is a good feature. We can monitor everything from the control panel.

      It can be used to create a VPN connection between users and our server. 

      The performance and speed of the appliance are good. I have also tried the software deployment, without the appliance, and it was also good.

      What needs improvement?

      The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities.

      We would like to be able to override policies set by the country. For example, VPN is banned in Egypt. If we could bypass this then it would be helpful because it would allow us to distribute our connections, or services, to other sites. 

      After upgrading from version 17 to 18, not everything is in the same place in the interface. For example, the firewall rules are in a different place. Consequently, my IT team department cannot understand the portal and find it not user-friendly. They were used to the previous version.

      Better training should be available because there is nothing on the Sophos website to assist with setting up VPN connections or VPN SSL certificates. For instance, there is nothing to explain how to configure the DDNS.

      For how long have I used the solution?

      We have been using Sophos XG for between six and seven years, since 2015.

      What do I think about the stability of the solution?

      This product is usually stable. In the past few days, I have found problems where some services are not stable. This is something that I have used the portal to submit a ticket for.

      What do I think about the scalability of the solution?

      We have 90 people working on the network concurrently. Combined, they have between 300 and 350 open sessions.

      When the size of our staff increased, we purchase another appliance to expand our infrastructure. Beyond that, I haven't been able to test scalability.

      How are customer service and support?

      In addition to the recent ticket I created for technical support, I keep in touch with them. The support is okay.

      Which solution did I use previously and why did I switch?

      Previously, we used the Microsoft TMG firewall, and I have also used Cisco ASA.

      I already had some experience with Sophos and firewalls. The first time I attended a Sophos event, I made a deal with Sophos and they helped me learn how to transition from TMG.

      The user interface with Sophos is easier to use. For example, Sophos makes it is easier to create firewall rules for a VPN connection to the outside. With the other vendors such as Cisco, the process is more complex. 

      Fortinet is also a top firewall provider but I recommend Sophos because it is more stable. I have limited experience with FortiGate.

      How was the initial setup?

      The initial setup was easy. It was not complex for our IT department but you need some technical knowledge to do things such as creating a VPN connection between two endpoints, either site-to-site or site-to-client. You should also be familiar with SSL certificates.

      The setup took between two and three hours, and after that, we had to prepare our network connections. It took two days in total.

      No maintenance is required for the appliance.

      What about the implementation team?

      We used a system integrator to assist us with the transition from TMG to Sophos.

      What's my experience with pricing, setup cost, and licensing?

      We pay licensing fees of approximately $2,000. We have a contract for three years.

      What other advice do I have?

      The vendor is very professional when it comes to firewall products. Aside from the issues with the VPN, It has all of the features that we need.

      My advice for anybody considering this product is that the result depends on your country. In my country, there are a lot of problems with ransomware and viruses. Sophos has already helped to mitigate and stop issues such as these on our network. It is the best firewall on the market.

      I would rate this solution a ten out of ten.

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Network Administrator at chegus infotech
      Real User
      Offers VPN functionality, has good monitoring capabilities, and IPS filtering helps secure our network
      Pros and Cons
      • "Over the past two years, during the COVID pandemic, the VPN has helped us a lot."
      • "The interface can bit a bit more user-friendly."

      What is our primary use case?

      I use this product for my VPN. It links site-to-site between us and my client's VPN.

      All of the users have a unique ID that they use to connect to the VPN.

      The product also does site blocking based on the category of the website that the users are trying to access.

      I can also use it to monitor all of the users' activities.

      We use this in our physical environment.

      How has it helped my organization?

      During the pandemic, this product helped our employees connect with the office network. Security-wise, it provides IPS filtering, which is also quite benefiticial.

      What is most valuable?

      The most valuable feature is the VPN. Over the past two years, during the COVID pandemic, the VPN has helped us a lot. All of the users are able to connect with our office network using their own devices.

      What needs improvement?

      The interface can bit a bit more user-friendly. For me, it's still user-friendly and I don't find it difficult to use. However, the configuration should be more user-based. As an example, IPSec is complex and a little bit difficult to configure. If it were more like Microsoft Azure and the way their online configuration works, it would be an improvement. As it is now, I have all of the settings inside the device, so I can clone them and use them for customers. But, on the customer's side, it is difficult for people to understand.

      Our Wi-Fi network is not working as well as expected.

      For how long have I used the solution?

      I have been working with Sophos XG since December 2019.

      What do I think about the stability of the solution?

      This is a product that we use every day. Without it, it is very difficult for us to work. I really like the reliability and the performance of the Sophos device, but I'm facing a few issues with my Wi-Fi networks. This device supports the Wi-Fi network, but it's not quite as good as we expected. I'm not sure why it is not working so well for me.

      What do I think about the scalability of the solution?

      This is quite a reliable device, even as we scale it. We have fewer than 35 people in the company that uses it.

      How are customer service and support?

      It has been a very long time since I have contacted Sophos technical support. It was very difficult to get connected with customer service. Finally, after reaching customer care, which was handled by Cyberoam, they helped me out and fixed whatever issue I was facing.

      My customer care team is not in India, and this is something that we expected to have.

      Which solution did I use previously and why did I switch?

      Prior to Sophos XG, I was using the Cyberoam product. Cyberoam was acquired by Sophos. Aside from this, I don't have much experience with other providers.

      How was the initial setup?

      It is not complex to set up. Initially, it is a simple configuration but they should have default profiles available. For example, many companies only need a generic configuration. Even if it's just a static IP to get them started and then they can assign a default profile for all of the users inside the company.

      Our initial deployment took between two and three days to complete. This included deploying a new server. In advance of beginning deployment, we spent one day gathering requirements. The Sophos part of the deployment only took between three and four hours.

      What about the implementation team?

      The initial deployment was done by the vendor and me together. We had an integrator to set up the rack, and they supplied us with Sophos. Most of the configuration was done by me because the integrator did not have enough time.

      I also take care of the maintenance including the patching and updating. One person is enough for this. I used to have an assistant but now, I'm the only person that takes care of it.

      What's my experience with pricing, setup cost, and licensing?

      The price of this product is fine for me. For example, there are open-source solutions available on the market, but I trust Sophos. I know the vendors in India and I trust the product.

      I paid approximately 57,000 Rupees ($750 USD) for three years.

      What other advice do I have?

      Personally, I like this product and I like the vendor. The platform is very good and apart from the wireless interface issue that I am having, working with this product has been a very good experience.

      I would rate this solution an eight out of ten.

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Buyer's Guide
      Download our free Sophos XG Report and get advice and tips from experienced pros sharing their opinions.
      Updated: May 2023
      Product Categories
      Firewalls
      Buyer's Guide
      Download our free Sophos XG Report and get advice and tips from experienced pros sharing their opinions.