Try our new research platform with insights from 80,000+ expert users
Owner at supernovatel
Real User
A firewall solution with a valuable VPN feature
Pros and Cons
  • "Because of the pandemic, the VPN is the most valuable feature."
  • "I used to work with Fortinet, and sometimes I see that the SD-WAN feature could be better because it's much easier in Fortinet."

What is our primary use case?

We use Sophos XG for a central firewall, with some branches making a VPN, but that's the normal deployment. Some clients use it as a proxy, but most of my clients use it as a gateway. We use Sophos to configure policies, work filters, application filters, and the SSL VPN and IPSec VPNs.

What is most valuable?

Because of the pandemic, the VPN is the most valuable feature. In Bolivia, the clients normally asked for an appliance with a web protection license or network protection and web protection license. These are the most common features demanded by our customers.

Some clients are also using the wireless solution and using XG firewall as a wireless controller. For those clients, this feature is a very important.

What needs improvement?

I used to work with Fortinet, and sometimes I see that the SD-WAN feature could be better because it's much easier in Fortinet. That area could be improved in Sophos XG as it's too complicated right now.

For example, I remember a case where the routers had to be configured by commands. It's not hard, but you have to read and investigate how to do that. The XG firewall works fine, but you have to read, and it takes some time to do it.

Sophos XG could also improve the floating area. I have more features in Fortinet, more visibility of the networking table, and the networking area. But in Sophos, you have to enter the CLA and display it. It'll also help if they offered more toll booths for VPN like Fortinet.

For how long have I used the solution?

I've been working with Sophos XG for around five years.

Buyer's Guide
Sophos XG
June 2025
Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,170 professionals have used our research since 2012.

What do I think about the stability of the solution?

I have no issues with the stability. No reboots are needed, and there hasn't been a problem with that.

What do I think about the scalability of the solution?

The new enterprise models are scalable, and we don't have problems. I think it's fine.

How are customer service and support?

I like their technical support. With Cyberoam, I remember the technical support used to work closely with us. They used to configure some features for us and help us resolve problems, but not just by email. They used to work with us and show us how to do it. I think that was nice, but in Sophos, they give us instructions and help us, but by email.

How was the initial setup?

The initial setup and configuration was very easy for us. I think it's easier than the other options in the marketplace. The deployment time is relative. For example, if you're deploying for a client who has another firewall and have to integrate it, it'll take around two or three days. But if it's a new environment, you can deploy the firewall within two hours.

Which other solutions did I evaluate?

Normally, my clients look at Fortinet. Both have similar features, and sometimes Sophos is more expensive, or FortiGate is more expensive. It depends. But normally, I have clients that migrate from Fortinet to Sophos. They are used to working with FortiGate without a problem, but the main difference in our case is the support. Because as a company, SUPERNOVATEL, has more experience with Sophos to help our clients immediately. That makes the difference.

What other advice do I have?

On a scale from one to ten, I would give Sophos XG a nine.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Network Engineer at Vibs
Real User
Stable, scalable, with a good central dashboard, and good technical support
Pros and Cons
  • "The most valuable feature is the central dashboard"
  • "I would like to see the performance improved."

What is our primary use case?

We are integrators. We integrate solutions for other our client's companies.

What is most valuable?

The most valuable feature is the central dashboard. It provides us with good performance.

What needs improvement?

When you utilize the processors, the device hangs. Many firewalls hang because of the high volume of loads.

If we are using the HP policy and the user policy at the same time, the firewall gets hung and it means that we cannot get clear reports.

We have mitigated the firewall with Palo Alto because Palo Alto is working on multiple environments. 

I would like to see the performance improved.

For how long have I used the solution?

I have been working with Sophos XG for three years.

Currently, we are using the MR4 v18.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

This product is scalable. I would rate the scalability an eight out of ten.

So far we use this solution for SMB and enterprise companies.

How are customer service and technical support?

Technical support is very good.

Which solution did I use previously and why did I switch?

We are also working with Fortinet FortiGate and Palo Alto Networks NG Firewalls.

Palo Alto is the best product from a compliance point of view, and security. Fortinet is the second and the last is Sophos XG.

How was the initial setup?

I have installed Sophos XG in multiple organizations.

The initial setup is very easy.

It took less than 10 minutes to deploy.

What's my experience with pricing, setup cost, and licensing?

Sophos is very good for small companies because of the cost of the product compared to other solutions.

The price is reasonable.

What other advice do I have?

I prefer Palo Alto Networks NG Firewalls to Sophos. Palo Alto is very good and the customers are happy. The hardware is customizable with multiple firewalls. I think that it is the best.

I would rate Sophos XG an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer. partner
PeerSpot user
Buyer's Guide
Sophos XG
June 2025
Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,170 professionals have used our research since 2012.
Miyoba Sichimwi - PeerSpot reviewer
Information Technology Security Officer at South African National Accreditation System (sanas)
Real User
Top 20
Quick to install and configure with proactive support, but updates often cause problems
Pros and Cons
  • "Definitely, its usability is very good, and it's a very robust firewall."
  • "I think that the main area for improvement is the quality assurance of the updates."

What is our primary use case?

This product serves as our current firewall solution, which is a network protection gateway.

What is most valuable?

This is a very simple solution.

It integrates well with Sophos Endpoint Protection, and we use the two of them to form a holistic security perimeter control. 

What needs improvement?

Software updates always come with issues. For example, I just upgraded to the next version, 80.5, and it came with VPN issues. It started dropping my VPN users. So, I had to roll back to before the software update. I think that the main area for improvement is the quality assurance of the updates.

The management console is a little bit rigid.

Scalability can be improved.

I think that it performs a little bit slow when it comes to connectivity, and having the speed increased would be better.

For how long have I used the solution?

We have been using Sophos XG for the past four years.

What do I think about the stability of the solution?

This is a very stable platform. In the four years that we have had it, it's never gone down.

What do I think about the scalability of the solution?

It is not a very scalable product. I would rate the scalability a seven out of ten because where you order it, it comes with prefixed ports. You will only have perhaps two for the WAN, and then maybe four LAN ports, and one console. In this regard, it's not scalable. 

When you buy it, you can't change the port configuration. In order to get more ports, you may have to upgrade to a bigger firewall.

We have about 130 accounts for approximately 80 employees.

How are customer service and technical support?

Technical support for Sophos is very good and they have a big presence in South Africa. It uses something called Sophos Central, where support can fix the problem before you, as the user, actually finds it.

How was the initial setup?

It is a very simple and very quick initial setup and configuration. Because it is a next-generation firewall, it does most of the rule development in the background. You just need to set up the basics and start it up.

What was our ROI?

For what you are buying, it's good value for the money.

What's my experience with pricing, setup cost, and licensing?

Sophos is very good when it comes to pricing. A firewall has a lot of things to look for when you're buying it, including throughput and its features. When we purchased this product, Sophos was the best on the market.

Which other solutions did I evaluate?

In addition to Sophos, we looked at FortiGate, SonicWall, and Cisco. We were looking for a next-generation firewall, and Cisco was out of range because it was too expensive. We settled on Sophos because we already had the endpoint solution in our environment, and the price was very good as well.

What other advice do I have?

Sophos XG is a firewall that I recommend because it's a very simple firewall. It's not complicated, and a LAN expert can just start using it and learn very quickly. Definitely, its usability is very good, and it's a very robust firewall.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
IT Executive at Hotel Maluri Kuala Lumpur
Real User
User-friendly and easy to explore with many good features
Pros and Cons
  • "The product is very easy to explore. It has a very good layout."
  • "The solution is tied to the US dollar. You need to pay whatever the equivalent is in your own currency, and, if the exchange is bad, it can really add to the cost."

What is most valuable?

Overall, everything about the solution works well. We haven't had any issues at all.

The features on offer are great. It has pretty much everything we need.

The solution is very user-friendly.

The product is very easy to explore. It has a very good layout.

What needs improvement?

I need to do a bit more research on the product. I can't think of any features that are missing.

The solution is tied to the US dollar. You need to pay whatever the equivalent is in your own currency, and, if the exchange is bad, it can really add to the cost.

For how long have I used the solution?

We've been using the solution for three years. It hasn't been an extremely long amount of time.

What do I think about the stability of the solution?

The stability is great. We don't have any issues. I haven't come across bugs or glitches. There isn't crashing or freezing. It's reliable.

How are customer service and technical support?

Technical support is quite good. That said, we really haven't had any issues with the product itself.

Which solution did I use previously and why did I switch?

I used to use Fortinet. That was at a different company, however.

How was the initial setup?

The solution is very straightforward to set up. It's not too complex. Sophos Endpoint is similar in that respect. It's easy to implement.

What's my experience with pricing, setup cost, and licensing?

The pricing is a bit expensive. That is mostly due to the US exchange. If the exchange is bad, it's quite an expensive option for us.

What other advice do I have?

We are Sophos customers. We're just end-users.

We also use Sophos Intercept X and Sophos Endpoint as well.

It's a good option. It's easy to explore and to use. Everything is pretty straightforward, especially if you compare it to other firewalls.

Overall, I would rate it at a nine out of ten. We've been very happy with it in general.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Director, Middle East, East India & SAARC at DMX Technologies
Real User
Good support, easy to set up, and the VPN helps ensure secure connections for people working remotely
Pros and Cons
  • "The feature that we find most valuable is the VPN, which ensures that people working remotely have a secure connection."
  • "We feel that the GUI can be improved a bit because it has a lot of information and looks a bit outdated."

What is our primary use case?

We are using this product as the firewall for our head office, so any connections going outside of the office go through it. We are also using VPN clients and especially during the lockdown, it was very helpful.

What is most valuable?

The feature that we find most valuable is the VPN, which ensures that people working remotely have a secure connection.

The email security and other security-related features are useful.

What needs improvement?

We feel that the GUI can be improved a bit because it has a lot of information and looks a bit outdated.

Nowadays, you hear a lot about next-generation firewalls, so some additional features can be added from an EI perspective. Products like FortiGate, for example, have a lot of features apart from the basic firewall. 

We would like to see integration with existing IPAM and IDAM products.

In the future, I would like to see new kinds of automations, as well as the inclusion of artificial intelligence-related features. A lot of other firewalls already have these now.

For how long have I used the solution?

I have been using Sophos XG for approximately three years.

What do I think about the stability of the solution?

We have not had many issues, perhaps two or three of them, when using Sophos XG.

What do I think about the scalability of the solution?

Scalability-wise, they have different models. With the requirements that we have, this firewall did a good job. It's still doing a good job in terms of performance. For a larger enterprise with a higher number of users, they can recommend other models.

Currently, we have approximately 100 users.

How are customer service and technical support?

We have received good support. For the small number of issues that we have had, we received help from IT. This included assistance with configuring some additional policies. Whenever we reached out to them, they were very prompt in terms of responding to us.

Which solution did I use previously and why did I switch?

Prior to Sophos XG, we were using a firewall by Palo Alto. The major reason we began looking for a different one was that the support was not very good. The firewall was pretty decent but whenever we wanted some help, it was a bit difficult to reach out to them. To summarize, it was not very prompt.

How was the initial setup?

The initial setup was simple. Within one to two hours, we were done. This was not just the installation, but the complete configuration.

What about the implementation team?

We performed the deployment with the Sophos team guiding us over the phone. It was not complex. There was one person from Sophos who was coordinating it, and it was done by our internal IT manager.

What other advice do I have?

For the most part, I can say that we plan to continue using this product. However, we would like to see if they have come up with new models and what additional features have they been incorporating. With cybersecurity, I know there have been a lot of threats of late, so we would like to see some new technologies or new features being incorporated.

This is a product that I can recommend. My advice for anybody who is implementing it is to first try to understand what the major use cases are. People need to know that there are quite a few options, such as Fortinet, and all of them have different advantages. Sophos fits perfectly for a smaller group of users, with perhaps between a hundred and two hundred people. For larger enterprises, I recommend that they implement Fortinet or Check Point.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Chef IT at a healthcare company with 51-200 employees
Real User
Stable, with an intuitive and user-friendly dashboard
Pros and Cons
  • "This solution does everything and anything a firewall can do."
  • "There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks."

What is our primary use case?

This solution does everything and anything a firewall can do.

What is most valuable?

I am tempted to say that all of the features are valuable. 

When you choose a firewall you have to make a strategic decision, much more than a tactical one. We decided that everything we use within it, goes through and it's got protection.

The dashboard is intuitive and user-friendly.

What needs improvement?

Training on the devices is an area that needs improvement. Their training mechanisms are not perfect, and this is where you lose a good appreciation of the product.

The documentation for implementation is not good. For example, when you look up the details on a firewall rule to validate it, the details are not there.

If you click on the help file, they say a zone is an area where you can define specific logical network areas. This is where they stop, with nothing more. If you want to go further into the concept of it, which you know there is, you have nothing. Then you have to revert to the internet and go onto newsgroups to try to see if anybody has had your type of experience. Then you find someone, they explain it to you then say, "Oh, it only makes sense". So, then when you want to implement this, it's much easier at that time. So, that's the best-case scenario that I can explain.

There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks.

When you want to establish a VPN with different wizards, they assume that you're always going through your internet link. 

If you want to create, with the zero-trust concept, which is where you don't trust anybody or any device, you want to make sure that everything on your network is segmented and everything is relative, depending on its flexibility, behind its firewall or a firewall segment. At some points, you might want to establish VPNs between certain network segments. 

Since you cannot establish VPN tunnels from the Sophos interfaces, plus if you are doing something that's going through the internet, then you lose flexibility. 

Currently, let's say we have a factory V-LAN and you don't want anybody within the factory V-LAN to be able to connect to another unless it is to a specific V-LAN, and you want to use VPN technology, you can't do it because you can't establish the connection again between two internal interfaces.

For how long have I used the solution?

I have been working with Sophos XG for six years.

What do I think about the stability of the solution?

It's a stable product.

What do I think about the scalability of the solution?

In regards to scalability, it's difficult to ascertain at this time because we haven't scaled it necessarily. 

The use cases that we have are very particular, and we're not in a mode of having scaled it yet. We have approximately 100 users in our organization who are using  Sophos XG.

How are customer service and technical support?

Their support, we have a mixed review of it. It's good, but where it's bad, is because they're an international company that relies on many different continents to be able to get the support at different levels.

When we get into the people that are from India, that's where the support becomes not as efficient as we would want it to be. They have different rules of operating under and they don't show themselves to be flexible. Whereas where I am, currently I'm in Canada. When I speak to the support people within Canada, they're much more flexible when it comes to trying to follow us up on what we're trying to do and get the thing working. They're more flexible.

How was the initial setup?

It was a combination of 75 percent straightforward and 25 percent complicated.

What's my experience with pricing, setup cost, and licensing?

It's approximately $6,000 for each device. We have three devices and it was somewhere around $18,000.

What other advice do I have?

I would recommend Sophos XG to others who are interested in using it.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1192233 - PeerSpot reviewer
Information Systems Infrastructure Manager at a comms service provider with 1,001-5,000 employees
Reseller
Local support and good training, but the wireless controller and scalability can be better
Pros and Cons
  • "I like the firewall, inbound, and outbound modules the most. The VPN feature also works well. It is very easy to configure rules in Sophos XG. We have got local service here in Zimbabwe from Sophos, which is something that I like a lot. We have got good local support, and they come on-site when we have any challenges. Sophos provides a lot of good training all around Zimbabwe. They are quite dominant here, similar to other solutions like Fortinet or WatchGuard."
  • "When you are using it as a controller for the wireless access points, it doesn't perform well. It is not suitable for the public cloud. It is more suitable for enterprise data. It is not really the equipment for cloud data centers. I am looking for a data center firewall."

What is our primary use case?

I am using it for unified management.

What is most valuable?

I like the firewall, inbound, and outbound modules the most. The VPN feature also works well. It is very easy to configure rules in Sophos XG.

We have got local service here in Zimbabwe from Sophos, which is something that I like a lot. We have got good local support, and they come on-site when we have any challenges.

Sophos provides a lot of good training all around Zimbabwe. They are quite dominant here, similar to other solutions like Fortinet or WatchGuard.

What needs improvement?

When you are using it as a controller for the wireless access points, it doesn't perform well.

It is not suitable for the public cloud. It is more suitable for enterprise data. It is not really the equipment for cloud data centers. I am looking for a data center firewall.

For how long have I used the solution?

I have been using Sophos XG for more than five years. I started with Cyberoam, which was bought by Sophos.

What do I think about the stability of the solution?

It is stable. I have managed to secure my network. It has been good so far.

What do I think about the scalability of the solution?

It is not so scalable. If you want to upgrade, you have to buy another appliance. I don't see so much scalability. You can only change a port from 1 gigabit to 10 gigabits. There are other solutions like Fortinet that are more scalable.

How are customer service and technical support?

Their support is good. We get local support from them.

How was the initial setup?

The initial setup is straightforward. The deployment took two days.

What's my experience with pricing, setup cost, and licensing?

The pricing is flexible. Sophos looks at a country's economy and offers flexible pricing. This is how they have managed to penetrate the market.

What other advice do I have?

I would definitely recommend it. It has good support and training.

I would rate Sophos XG a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Chief Technology Officer at Leystel Nigeria Limited
Reseller
An easy to manage solution that streamlines processes and management
Pros and Cons
  • "The SL VPNs are the most valuable feature. I have a lot of systems out of the head office that need to connect to the local networks, and they all connect wirelessly via the Sophos VPN client."
  • "The initial set up process can be a little tricky, especially when you are registering with Sophos using your registration number. Setup is not necessarily complex, but it's not trouble-free. You do have connectivity issues at the initial setup with registering the device on the Sophos platform to access the advanced features. It doesn't always go through the first time around. That may be an issue with the quality of our automation. I'm not sure exactly what it is."

What is our primary use case?

We use the solution as an internet firewall, and a VPN concentrator.

How has it helped my organization?

It streamlines the process of creating VPN access for users. Because of the AD integration, it makes it very easy to manage these users from different locations from a central source. It also helps us to get a good idea of what our risks are, or if there's any risky activity going on with the users. 

What is most valuable?

The SSL VPNs are the most valuable feature for me. I have a lot of systems out of the head office that need to connect to the local networks, and they all connect via the Sophos VPN client.

What needs improvement?

The initial set up process can be a little tricky, especially when you are registering with Sophos and you have a poor internet connection. Setup is not necessarily complex, but it's not trouble-free. You do have connectivity issues at the initial setup with registering the device on the Sophos platform to access the advanced features. It doesn't always go through the first time around. That may be an issue with the quality of our connection. I'm not sure exactly what it is. 

The single sign-on client I get maybe a 60% success rate on. There are times when it will use single sign-on for verification of users to access Internet resources. It still doesn't always catch the user. The user gets sent to the web login. Even though the single sign-on is helping, it doesn't always work. 

I would like to see a better single sign-on performance. I'd like to see a more streamlined way of managing your licensing as well.

For how long have I used the solution?

I've been using the solution for eight months.

What do I think about the stability of the solution?

There are no issues with stability. It's a very stable system and you almost never have serious problems for any reason. It's only when you do an upgrade that you have to restart. Stability-wise, for the on-premise solution, I'd give it 4 stars.

What do I think about the scalability of the solution?

Once you've bought the specific version, you are locked into the limitations of that plan. You can't exceed the number of VPNs, connections, etc. There's no way to increase that capacity, per se. You do have options where you can increase the port count and so on. However, in terms of scalability, you have to buy the capacity you require.

On the system I have now, it's not fully populated, but we have about 100 users. The plan is to eventually support about 1,400 users.

How are customer service and technical support?

I don't use the solution's technical support. I typically just use the documentation. There are lots of guides and videos available. In most cases, I search the guide. There's a step-by-step guide to deploy so I don't have to contact technical support.

How was the initial setup?

The initial setup isn't hard, but it can be tricky. Since I've been using several Sophos devices, I now find it's fairly simple. I get the deployment done in two hours, including integration. For others, it may take about a day to get everything done. 

There's almost no maintenance. There's really only the requirements of adding users and populating VPN connections. One person does that on a part-time basis.

What about the implementation team?

I handled the implementation myself.

What was our ROI?

We do see an ROI. It would be the cost of the support. If I had to hire a CCNP in Nigeria, I would be paying about $10,000 per annum for a CCNP minimum. For a less experienced person, I can get for about $6,000. I am probably saving about $4,000 a year in personnel costs from going with the XG rather than the ASA.

What's my experience with pricing, setup cost, and licensing?

We are paying about $1,500 yearly for the Enterprise Plus. As far as I know, there aren't costs above this standard fee.

Which other solutions did I evaluate?

We evaluated Cisco ASA as well as the FortiGate before ultimately choosing Sophos.

I chose Sophos over FortiGate because I'd already had experience with Cyberoam and it was a fairly similar migration in terms of configuration from the UTM over. But in terms of features and capabilities, I think FortiGate is pretty similar to the Sophos. Cisco ASA I choose not to go with because it's much harder to configure. I also needed to be able to have someone other than myself manage it and not need to have someone with CCNP sitting down just to add VPN users etc. I felt that the Sophos solution was a better option because it gave me all the functionality of the ASA, but it's much easier to manage.

What other advice do I have?

We use the on-premises deployment model.

We definitely plan to increase the usage and also add high variability too. Right now, it is the main internet gateway and firewall for my network.

We're using both Sophos XG and Sophos UTM.

I would warn those considering implementation that, once you've got it, you're stuck with it. You can't really increase the capacity very much beyond what you have. It's always good to have the expertise available to take care of the box because even though it's a lot easier than the Cisco ASA, you still need someone that has a little expertise in managing it.

You can get very good performance without spending all of your money and without having to send a lot of high-end techs in-house to monitor processes.

I would rate the solution nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner.
PeerSpot user
Buyer's Guide
Download our free Sophos XG Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2025
Product Categories
Firewalls
Buyer's Guide
Download our free Sophos XG Report and get advice and tips from experienced pros sharing their opinions.