Sophos XG Reviews

We primarily use Sophos XG as edge routers and edge firewalls, also known as border firewalls. We configure rules where specific users are allowed internet access and use rules for policy routing. We also control traffic for specific services, such as directing emails to one service provider while normal internet usage goes to another.

Sophos XG has helped us reduce virus and malware attacks. This allows our IT team to spend less time on troubleshooting and more on productive work. The ability to control what comes into and goes out of the network improves overall efficiency.

Sophos XG's most effective features for threat detection and management are its UTM components, which are useful for malware prevention and intrusion detection.

The firewall could be made more robust, particularly by simplifying two-factor authentication. It should also improve SD WAN capabilities. Additionally, there are issues with site-to-site VPNs dropping connections, which can be frustrating.

We have been using the solution since 2018.

Stability is generally okay. Customers have used the equipment all the way to end of life without major issues.

Scalability is not very flexible. You can't upgrade memory or storage on a specific model, which limits scalability.

The quality of support varies. The team handling application control is very good, but we have had bad experiences with the VPN support team. It all depends on the specific team you are dealing with.

Neutral

The setup is user-friendly and quite straightforward, especially for basic configurations.

Sophos XG reduces virus and malware attacks, addressing network efficiency and cost savings indirectly by minimizing the time spent on troubleshooting.

Pricing is reasonable. You get a perpetual license. That said, you must pay for support and updates. The cost depends on the package you are in, such as full threat management or basic.

We have also worked with Fortinet Firewalls and Palo Alto. Price-wise, Sophos XG is reasonable when comparing similar models.

When recommending Sophos, we consider the customer's specific requirements and infrastructure compatibility. Sophos is user-friendly and suitable for environments without highly technical staff because it is easy to manage.

I'd rate the solution eight out of ten.

Our main use case at the moment for Sophos XG is to create a site-to-site VPN with one of our clients. We cannot use AWS VPN, so we use Sophos XG.

We only used the VPN functionality. We did not explore other aspects of the product beyond the VPN capabilities.

The IPsec VPN is the only feature we utilized in Sophos XG. We did not explore the web and application filtering capabilities, and these features have not helped our organization in managing bandwidth or access to malicious sites.

The user-friendly interface of Sophos XG is acceptable but too complicated. There are many options and configurations, but it is very complicated to navigate through all those options if you are not familiar with the product.

Sophos XG can be improved by making the UI more user-friendly. They should add packet capture functionality in the UI instead of requiring users to access the server directly for this purpose, as it is a very useful tool that everyone needs. Additionally, it can be confusing when working in the AWS Marketplace, as users might mistakenly purchase the old version of Sophos XG.

I have been using Sophos XG for three or four months. It is new, and we may discontinue using this product because it has not met our requirements.

Considering the deployment flexibility of the Sophos XG firewall, hybrid deployments have not supported our organization's diverse technological infrastructure.

It is a bit early to tell, but Sophos XG is adequate for my company's growing needs at present.

I have not tried their customer service and technical support.

Positive

I have considered other solutions before Sophos XG, including pfSense, AWS firewall, and Kato firewall.

I was previously using AWS firewall and Kato firewall before switching to Sophos XG.

My experience with deploying Sophos XG was easy.

My experience with pricing, setup costs, and licensing was through AWS.

I do not use the security heartbeat functionality.

I have not tried the synchronized security feature of the Sophos XG firewall.

I am not particularly interested in being a reference to the vendor. We do not use Sophos extensively, so I may not provide substantial insights.

What led me to consider changing was that we thought the VPN configuration was not working because of the product we used to work with, so we tried other alternatives.

On a scale of 1-10, I would rate Sophos XG a seven or eight, though this rating is limited by our minimal usage of the product.

I was a distributor for Sophos XG products and worked with customers seeking network security solutions. In my current company, we previously used Sophos XG products extensively before switching to other options.

Sophos XG offers a robust solution with quota management features that are per IP and per user, which I find to be very effective. The ability to manage everything in one box is a significant advantage, eliminating the need to purchase separate products for email security and other features. The user interface is user-friendly, offering dashboards with widgets that provide speed and status, making configuration easy. Traffic management is facilitated through various configurations and user self-portals. Additionally, Sophos XG makes administrative tasks seamless by allowing easy navigation and configuration.

The technical support could be improved, particularly in terms of response speed, as there were delays when working with their Indian support team.

Traffic management is facilitated through various configurations.

Sophos XG is primarily suitable for SMB and mid-level enterprise categories, but not typically chosen by high-end enterprises in Sri Lanka.

The technical support could be improved, particularly regarding response speed when working with the Indian team.

Neutral

Previously, we used Sophos UTM before transitioning to Sophos XG.

The implementation of Sophos XG is straightforward and easy.

I worked as a distributor and the setup was handled internally or with assistance from vendors.

During my research, I explored products like Fortinet FortiGate and Netgate pfSense.

I rate Sophos XG eight out of ten. While the implementation was straightforward and easy, the technical support could use improvement. I recommend looking into improving the features and security validations to cater to the needs of bigger companies.

My company has normal web-based policies to restrict websites and allow certain legitimate websites. My company also has site-to-site VPNs and SSL VPNs, along with firewalls.

The most valuable feature of Sophos XG for our company's cybersecurity defense strategy stems from a mixture of all of the product's capabilities, which includes areas like web protection and VPN that are important when it comes to cybersecurity.

I would like the product to improve so that it can provide advanced SD-WAN, which can allow users to deal with infinite connections along with seamless bandwidth utilization.

In the product, the area revolving around SD-WAN has certain shortcomings where improvements are required.

It would be great if I could monitor a particular traffic from a network with Sophos XG.

I have been using Sophos XG for around a year and a half. I am a customer of the tool.

It is a stable solution. Stability-wise, I rate the solution an eight to nine out of ten.

Scalability-wise, I rate the solution a seven to eight out of ten.

There are around 200 users of the product in my company.

The solution's technical support is good. I rate the technical support an eight out of ten.

Positive

I have experience with Fortinet.

Sophos and Fortinet provide good features. Interface-wise and usage-wise, Fortinet is good. Fortinet provides a simple interface, while it is an area that is a bit complex in Sophos. Feature-wise, Sophos and Fortinet are similar.

I rate the product's initial setup phase at six or seven on a scale of one to ten, where one is difficult, and ten is easy.

The solution is deployed on the cloud and on-premises.

The solution can be deployed in a day.

The product is expensive. I rate the product price a six on a scale of one to ten, where one is low price and ten is high price.

Sophos XG has the ability to provide good reports.

I rate the tool an eight to nine out of ten.

I am using this product for security purposes.

Sophos XG is user-friendly, easily configured, and has all the latest features, including URL filtering.

I have used the Synchronized Security feature of Sophos XG along with the Heartbeat functionality, specifically the Security Heartbeat.

The filtering capabilities of Sophos XG are good and I find it user-friendly.

An area that could be improved is technical support's ticket registration process. Sometimes when I contact technical support, they do not register the tickets properly. They ask about registered mail ID and registration number when I am already under pressure. For instance, when the internet is not working or when I cannot apply certain rules, I am already stressed, but the tech support did not register the calls. This happened three to four months ago.

I have been using Sophos XG for one year.

Installing Sophos XG is very easy, with no issues encountered.

The complete installation, including setting up all rules, takes approximately one and a half hours.

I am familiar with Sophos XG.

We have purchased Sophos XG directly through Sophos, though I am not aware of the financial operations regarding the purchase.

I rate the technical support as eight out of ten.

On a scale of one to ten, I rate Sophos XG as eight.

Actually, we are using Tekton for creating CI/CD pipelines for building and deploying applications to different environments.

It helped a lot in terms of automation. We sometimes use Tekton for purposes like sending emails, running batch jobs, and similar tasks.

The valuable features include cloud-native integration, which makes it highly available and efficient in modern containerized environments. Another feature is the modular pipeline that allows reusing CI/CD manifests for different purposes. This modularity helps in reducing redundancy and maintaining a streamlined process.

One area of improvement is the lack of cross-cluster capability, meaning you need different sets of tasks and pipelines for each Kubernetes cluster. Tekton also has an unstable API with frequent changes, making it challenging to maintain consistency across versions. Additionally, there's a need for a better dashboard and built-in authentication mechanisms.

It's about one and a half years we have been working with Tekton.

Tekton is quite stable when used in a well-established Kubernetes cluster. The stability largely depends on the stability of the Kubernetes environment itself, which is designed for high availability.

Tekton's scalability is one of its most advanced features. Since it uses the underlying Kubernetes infrastructure, it can scale easily if the Kubernetes cluster is sufficiently large. I would rate it eight out of ten for scalability.

We primarily used community resources like Stack Overflow for addressing our issues and did not directly contact Tekton's customer service.

Positive

In my previous company, we used GitLab and Jenkins for creating CICD pipelines. Currently, Tekton is the primary tool we are using, with Jenkins as a backup solution if Tekton encounters any issues.

The initial setup was manageable but required extensive reading and understanding of documentation. If the Kubernetes cluster is already in place, the setup can be completed in less than ten minutes.

The deployment of Tekton was done in-house with a team of six to seven people handling deployment, creating CI/CD pipelines, and maintaining the solution.

Tekton is an open-source tool, meaning there are no setup costs associated with it. I would rate the cost at one, indicating it is free to use.

In my previous company, we used GitLab and Jenkins for similar purposes.

My advice is to avoid using Tekton if possible due to its complex setup and lack of user-friendly features like a comprehensive dashboard and built-in authentication mechanisms.

I'd rate the solution eight out of ten.

The tool's most valuable feature is threat protection and DLP features. So far, basic DLP features like content protection and blocking. Furthermore, for remote users, features such as back filtering and application control are available, allowing for command and control from our side. It is very easy to understand policy applications. 

It has multi-console features, where you can designate administrators or super admins. There's also a read-only feature available. Visibility features are included in XDR. This provides information on user impact, potential threats on specific machines, source and destination IPs, setup firewall details, and unique identifiers for each machine. Another notable feature is network isolation, ensuring that data remains secure by isolating affected machines from others.

Sophos XG offers visibility into network information, sources, destinations, and threats. Depending on the policies applied, users may monitor specific issues without blocking them. However, policies that block threats should be applied.

One feature I would like to add is remote wipeout capability. This would be useful in cases where a user leaves the organization and fails to return their laptop. Remote wipeout would allow for the deletion of data from the device with a single command. Regarding technical support from Sophos XG, it's generally satisfactory. However, the response time could be improved. It takes around one hour to receive assistance, but reducing this to 30-45 minutes would benefit us.

The tool has only a base DLP feature. It needs to have a full DLP feature with additional licensing. 

I have been working with the product for ten years. 

I rate the tool's stability an eight point five out of ten. 

I rate the solution's scalability a seven point five out of ten. 

The tool's installment is easy. 

The tool's pricing is cheaper compared to other alternative products. 

Sophos XG has a lab center where they analyze signatures and automatically update them on the product. This eliminates the need for manual updates on individual machines or centers. Additionally, it has features like MDR and management response features. So, Sophos XG seems to have a roadmap in place.

I would recommend the product based on the situation. Cortex, a next-generation antivirus for larger enterprises, would likely provide sufficient coverage. It's also known for its scalability and visibility features, including root cause analysis and terminology features.

I rate the overall solution an eight out of ten. 

We encounter difficulties while navigating through certain features and functionalities of the product. The GUI could be much more transparent.

We have been using Sophos XG for two years. At present, we use the latest version.

I rate the product’s stability an eight out of ten.

We have around 15 to 20 customers using Sophos XG. It is suitable for larger companies. We have around 200 technical engineers in our organization managing it. I rate the scalability a nine out of ten.

The technical support team is friendly and supportive in terms of technical assistance.

Positive

We are working with CheckPoint, SonicWall, and FortiGate.

The deployment method involves navigating through several pages, such as selecting the country and configuring LAN and WAN ports, before reaching the manual configuration stage. Instead, simplifying the process by allowing users to log in directly to the dashboard and initiate configuration without additional prompts could be helpful. The implementation time depends on specific firewall requirements.

The product is more expensive than SonicWall. Our customers compare devices for office compatibility, such as Sophos XG 4100 and SonicWall NSA 2300, and question license cost disparities.

I rate the pricing a six out of ten.

The product’s new variant allows for faster processing of data packets from LAN to WAN, surpassing the capabilities of an 8G firewall. It provides threat prevention features, including WAF, IPS, and AV. We have configured SSL VPN capabilities for different branches, which have been working efficiently. For our minimalistic usage, it has been performing well in transferring data from on-premise devices. It helps us generate detailed reports on the dashboard. The product’s integration with Sophos Central enhances security architecture by enabling centralized management under a single dashboard.

We recommend Sophos XG as a priority as it is much more reliable and has efficient technical assistance. It is much easier for configuration, web filtering, or web extension than one of its competitors.

I rate it a seven out of ten.