Sophos XG Reviews

I use Sophos XG for network security and VPN policies. It is crucial for safeguarding data, enforcing user access controls, and ensuring secure communication. The firewall features, like application control and intrusion prevention, provide a strong defense against cyber threats. With centralized management, setting up and monitoring policies becomes easy, and the VPN capabilities ensure secure remote access for our team.

What I like about Sophos XG is its versatility in tailoring security features to our specific needs. In our environment where certain services are only needed part-time, the flexibility to deploy services selectively is valuable. The comprehensive protection, from firewall to market inspection and routing, ensures a robust defense. I particularly like the visibility it provides into network traffic, allowing us to identify and address issues efficiently.

While Sophos XG has been reliable for remote troubleshooting sessions, it would be beneficial if the platform provided more flexible support for a variety of devices. The user interface is intuitive for those familiar with it, but improving accessibility and user guidance could be beneficial for newcomers. Additionally, although the features are comprehensive, fair pricing and more flexibility with device compatibility could make it even more appealing in the market.

I have been working with Sophos XG for two years.

It is quite stable.

I would give it a ten out of ten for scalability. We have approximately 100 users.

Tech support for Sophos XG is great. They are professional, respond quickly, and help resolve issues effectively.

Previously, I have used Fortinet and SonicWall.

The initial setup of Sophos XG is not complex, especially with familiarity and experience. As you work with it over time, it becomes more straightforward, and mastery comes with continuous use. Deployment depends on specific organizational needs, but in general, it involves configuring the connection between the internet and the local network, setting up VLANs, and defining firewall rules. For me, as a consultant, the process varies based on different client scenarios. Sophos XG simplifies the deployment process, and once configured, it efficiently manages network access for different user categories.

I have done both in-house deployments and collaborated with integrators based on the client's preference. As a consultant, I assess the needs, design the setup, and can either guide the in-house team through the deployment or handle it myself. The process involves configuring the live site for optimal security, and in some cases, I work remotely on existing setups. Sophos XG's flexibility makes it feasible for both in-house and external experts to manage the deployment effectively.

The payment structure can depend on the reseller or partner. Typically, it involves getting the device first, and then the licensing is managed, often in US dollars, through the partner or reseller. The process ensures proper handling and support through authorized channels.

I would recommend Sophos XG for anyone looking to build robust IT systems. It is ideal if you have a clear vision of your IT infrastructure and want a solution that can seamlessly integrate and enhance security. The flexibility to tailor it to specific needs makes Sophos XG a valuable choice for building a reliable and secure network. Overall, I would rate it as a ten out of ten.

I use Sophos XG in my company as a firewall for my company's network. The product is used to manage the internet access received through routers for our company's network.

The most valuable feature of the solution stems from the fact that the routing functionality provided by the product is very easy for our company to use in our network since it provides for the movement of packets from one device to the other devices in our network, making it an area which works really fine for us.

I want an increase in the ability of the product to block and delete the websites and applications that don't work fine for our company. The tool ends up blocking another website that I need when I only want it to block a particular website or application. I can't use the product's application control feature, making it a disadvantage of the solution where improvements are required.

I have been using Sophos XG since around 2019, making it five years. I use Sophos Firewall Home Edition.

It is a very stable solution. In my company, we have had a reason to restart the product for a long time since the services offered by the tool have been fine enough for our organization.

The product was installed in our company in 2019 when we had around 15 employees. I don't see any issues with the product, considering the increase in the number of devices over the years in our company.

Sophos Firewall Home Edition doesn't provide technical support.

Sometimes, my company needs to rely on pfSense to deal with the area of backup. My company prefers pfSense to save data.

The product's initial setup phase is very easy.

I use Sophos Firewall Home Edition, which is available for free.

I haven't used the VPN capabilities provided by the product since my company already has a VPN-based solution in our environment.

The application control feature of the product is very good. My company doesn't use the application control feature for now since there was an increase in the blocking and deletion of applications when it was used.

The integration of the product into our company's infrastructure did not have any impact on our network performance. In general, the product is a bit buggy when it comes to the area of its impact on network performance.

I recommend the product to those who plan to use it.

I rate the overall tool an eight out of ten.

We use Sophos XG for ensuring security, implementing web filtering, enforcing policies, and blocking traffic as needed.

I appreciate its interface, but I find that the available ports are insufficient. I've encountered limitations, often finding that three to four ports are not adequate for our needs.

It stands out with its side-to-side VPN and SSL VPN capabilities.

The most significant aspect is the protection it offers.

I encountered an issue while implementing web filtering for users. Specifically, when attempting to access reports detailing which sites users are visiting, the diagnostic report fails to display the complete URLs of the websites visited. This becomes particularly problematic when users utilize proxy software to bypass the firewall, as it renders tracking their website visits nearly impossible. Training presents a major challenge as there are numerous features available, such as IPS and IDS, which many network administrators are unfamiliar with and tend to leave disabled. Users are unable to enable these features themselves due to their lack of understanding of their functionalities and configuration processes. The training manual provided to users lacks proper guidance on configuration procedures. The content outlined in the user manual differs significantly from the live configuration process.

I have been working with it for approximately six years.

There are several glitches in the new firewall. One particular issue arises when applying filtering settings. The firewall fails to unblock sites without requiring a restart to save and execute the changes properly.

We have a multitude of distinct sites, amounting to a total of six to seven thousand users in total.

Our experience with Fortinet was better compared to Sophos. Also, configuring Fortinet is much easier than configuring Sophos.

Installation is not straightforward; it's a bit complex. For instance, when setting up two ISP connections and terminating them on two firewalls, the process involves configuring LAN and WAN interfaces separately, along with DNS and routing configurations in different tabs. Many users may find these functions unfamiliar. It would be more convenient if all functions related to traffic routing were consolidated into a single tab for easier management. Maintenance is also challenging.

The price of Sophos in PTR is significantly higher compared to Fortinet.

Overall, I would rate it three out of ten.

I mainly use Sophos XG for network firewall protection and VPN access. It helps secure our internet connection and allows us to manage our network traffic efficiently. Additionally, we use it for monitoring our local network.

Sophos XG has significantly improved our remote workforce security. It effectively safeguards our information systems and data, while also enabling us to restrict access to unauthorized websites. This has been particularly valuable for ensuring productivity and security across all our branches nationwide.

The most valuable features of Sophos XG for our use cases are its firewall capabilities, its ability to connect to wide area and local networks, and its VPN functionality. It effectively protects our information systems while simplifying VPN setup across branches, eliminating the need for additional VPN services from our internet service provider.

One area where Sophos XG could improve is in its patch management system. I encountered an issue where installing a new patch resulted in being locked out of the firewall, which was quite inconvenient. This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access. Such incidents shouldn't require a complete reconfiguration, so there is definitely room for improvement in this aspect.

One piece of advice I would offer is for Sophos XG to consistently incorporate the latest technologies to stay competitive with other vendors. Ensuring that new features are regularly updated and integrated into future products will enhance the platform's effectiveness and appeal to users.

I have been working with Sophos XG for seven years.

I would rate the stability of the solution as a ten out of ten.

I would rate the scalability of the solution as an eight out of ten. It is highly scalable and capable of covering a growing number of end users. Whether managing a small or large user base, its scalability makes it adaptable to varying network sizes and user demands. In my organization, we have approximately two thousand users across various branches using Sophos XG daily.

I would rate the initial setup of Sophos XG as a solid ten out of ten in terms of ease. With a clear understanding of the process and step-by-step guidance, setting it up was straightforward and hassle-free.

It took me around 30 minutes to deploy Sophos XG. The deployment process involved configuring the LAN, WAN, and VPN settings at each branch. Once connected to the switch and router, it was ready to use, making it a straightforward and quick setup process. 

Maintaining Sophos XG typically requires only one or two people, depending on the size and complexity of the network deployment.

The most effective feature of Sophos XG for threat prevention is its regular patch management system. By consistently updating software and firmware with new patches, it helps prevent attacks by addressing vulnerabilities and staying ahead of emerging threats.

The web filtering capability of Sophos XG has benefited our organization by effectively blocking users from accessing specific websites during office hours and even restricting access to certain sites altogether. This feature has been instrumental in enforcing our web usage policies and ensuring a secure browsing environment.

The performance of Sophos XG's firewall has met our expectations perfectly.

We have integrated Sophos XG with other security equipment such as routers and switches. While we primarily use it as a standalone product, in some branches, we have connected it with other security solutions for enhanced protection.

I would recommend implementing Sophos XG for its effectiveness as a firewall. Before installing it, consider factors like your current network equipment, intended use, user compliance with security controls, and whether your technical staff may need training if they're unfamiliar with Sophos firewall.

Overall, I would rate Sophos XG as a ten out of ten.

I use the solution in my internal network for my home office, for which I have applied a router in my home. I have deployed a couple of switches in my home network, but I need to secure my network from attacks.

Adaptive security is the most usable and most efficient feature in Sophos XG. The performance and scalability of the tool are advantageous areas.

With the firewall part in Sophos XG, it is not very flexible if you want to block access to a particular site during your internal usage. The tool is not able to block access to a particular website instantly or easily since it takes a considerable amount of time to configure a few things. If you specify that a user should not be able to go to www.google.com, it should be denied for sure.

The support engineers of the product are not very tech-savvy, making it an area where improvements are required.

I have been using Sophos XG for four years. I am a customer of the product.

At times, there are some issues that I have faced with the stability of the product. Not many firmware updates pushed into the tool are bug-free, and because of this, I face issues.

I rate the tool's stability a seven out of ten.

It is a scalable solution.

Based on my experience with the product's support team, I feel that Sophos provides good technical support to its users.

I rate the technical support a six out of ten.

Neutral

The product's initial setup phase was easy, especially compared to Cisco.

The solution is deployed on the cloud. I have also worked with the on-premises model.

The solution can be deployed in only a couple of hours.

The product has improved the security posture. Sophos XG provides features that are almost the same as those Cisco Firepower devices provide. I would say that a couple of features in Sophos XG are the same as the ones provided by other Cisco devices, which are top-notch.

The management tools or log-related solutions that are presented with Sophos are okay but not top-notch when it comes to Cisco. I rate the reporting and visibility tools in Sophos XG a six out of ten compared to Cisco.

Sophos xG's integration capabilities do not apply to a limited number of security tools. Cisco provides integration capabilities with many products, while Sophos XG offers integration with a limited number of products. Cisco provides integration capability with almost any tool that is present in the world. Cisco works day and night to ensure that it provides good integration capabilities with the solutions.

I recommend the tool to those who plan to use it, especially if you own a very small office where you don't need a product with too many functionalities.

I rate the tool a seven out of ten.

I am an integrator of this solution, and I have installed it in small- and medium-sized businesses and schools.

My company now spends less time tracking issues because of the security provided by Sophos XG in conjunction with Sophos Endpoint protection.

The security of the solution, thanks to the built-in unified threat management, is one of its most valuable features. Plus, one single pane of glass is all you need to manage the whole solution, and web management can be done from anywhere. If I get a call and I'm at home, I can open the solution in a web browser and address the situation.

I have been using this solution since 2013.

The stability of this solution is excellent. 

The solution is available in different sizes. As long as you purchase a version that is larger than you currently need, there is room to grow. If you purchase one for your current needs, then the scalability is not good and you're going to have to repurchase if you want to scale up. On a scale of one to ten, I would give this solution a five or six for scalability. 

I would rate the technical support as a ten out of ten. I'm a Sophos partner, and their partner support is excellent. 

Positive

I previously used Cisco Meraki, but Sophos XG has built-in web filtering and is a better overall security solution. Due to these features, I have tried to migrate as many of my schools to Sophos XG as possible.

On a scale of one to five, with five being complex, I would rate the initial setup as a four. If you don't understand the terminology and how Sophos designates the way they do things, then it is a little confusing.

Depending on the location, most deployments take a day. We leave the current firewall in place while we configure the new one, then we swing the cable over and fire up the new firewall. That way if we have to take it back offline, we can keep the client productive until we are done configuring the new firewall.

For deployment you really only need one person, and maintenance can easily be handled by one person, too.

The pricing depends on the size. Each Sophos XG solution is custom fit to the size of the client's network. For example, for the XG 135, you're looking at a yearly subscription. You can get a one-year subscription for a few hundred dollars, or a three-year subscription for $1,500-$1,600, so it's not bad. There are no costs in addition to the standard licensing fees. I would rate the pricing as a three point eight on a scale of one to five.

I've had schools running different firewalls with subscriptions and different web filters with subscriptions, and I've found that it is less expensive for smaller schools to run Sophos XG with its unified threat management instead of multiple appliances.

I have evaluated some other options. It really boils down to price, and I haven't had a chance to explore Palo Alto much. I've played with PortaNet a little bit, but I think that Sophos XG has better features for the price point.

For the standard end user, self-based training is necessary. When you get into the Sophos XG firewall and try to start creating NAT rules, it can be a little cumbersome for a novice. It's pretty easy once you know how to do it, but it will be hard for anybody who doesn't have experience.

My advice to someone purchasing this solution would be to look closely at the licensing package to make sure they get what they need.

For small businesses and small schools, I would rate this solution as an eight out of ten.

The tool's most valuable feature is threat protection and DLP features. So far, basic DLP features like content protection and blocking. Furthermore, for remote users, features such as back filtering and application control are available, allowing for command and control from our side. It is very easy to understand policy applications. 

It has multi-console features, where you can designate administrators or super admins. There's also a read-only feature available. Visibility features are included in XDR. This provides information on user impact, potential threats on specific machines, source and destination IPs, setup firewall details, and unique identifiers for each machine. Another notable feature is network isolation, ensuring that data remains secure by isolating affected machines from others.

Sophos XG offers visibility into network information, sources, destinations, and threats. Depending on the policies applied, users may monitor specific issues without blocking them. However, policies that block threats should be applied.

One feature I would like to add is remote wipeout capability. This would be useful in cases where a user leaves the organization and fails to return their laptop. Remote wipeout would allow for the deletion of data from the device with a single command. Regarding technical support from Sophos XG, it's generally satisfactory. However, the response time could be improved. It takes around one hour to receive assistance, but reducing this to 30-45 minutes would benefit us.

The tool has only a base DLP feature. It needs to have a full DLP feature with additional licensing. 

I have been working with the product for ten years. 

I rate the tool's stability an eight point five out of ten. 

I rate the solution's scalability a seven point five out of ten. 

The tool's installment is easy. 

The tool's pricing is cheaper compared to other alternative products. 

Sophos XG has a lab center where they analyze signatures and automatically update them on the product. This eliminates the need for manual updates on individual machines or centers. Additionally, it has features like MDR and management response features. So, Sophos XG seems to have a roadmap in place.

I would recommend the product based on the situation. Cortex, a next-generation antivirus for larger enterprises, would likely provide sufficient coverage. It's also known for its scalability and visibility features, including root cause analysis and terminology features.

I rate the overall solution an eight out of ten. 

The product has improved our network security posture. We got some phishing and malware attacks. We found out that someone was attacking our network. Since we installed the solution, we are not facing any attacks.

IPS works smoothly. The policies and rules work fine. The network performance and reporting tools of Sophos XG are good.

We are facing a little bit of an issue with the product's web filtering capabilities. It must be improved. SD-WAN can be improved.

I have been using the solution for almost two years.

I rate the tool’s stability a seven or eight out of ten.

I rate the tool’s scalability a seven or eight out of ten. Almost 5000 people are using the solution in our organization. We have installed the firewall. It is always running.

The support takes a lot of time to resolve issues.

Neutral

I rate the ease of setup a seven out of ten. The deployment took a few weeks.

The deployment was done in-house. We needed two to three people for the deployment.

I rate the pricing a seven or eight out of ten.

I will recommend the product to others. The solution is not extremely good, but it is good. Overall, I rate the product a seven or eight out of ten.