Sophos XG Reviews

We are using the Sophos XG in a different manner than the typical use case. We have the physical box, and we are using Sophos XG on the cloud.

We have two different types. We have two different Sophos XG we're running. We're running one on the Microsoft Azure cloud which mostly all security on the cloud goes through the Sophos XG. The second Sophos XG is running on our own physical local data center.

We are doing something similar to an IPsec between Azure and the local data center. So we are doing an IPsec between the two. We connected all our resources and we mostly run the applications on Microsoft Azure. Were now are doing IPsec between the two data centers.

Most of the features Sophos XG has are valuable. However, if I have two different  ISP, I'm able to create an automatic switch between the two ISPs. I can do the same thing for the cloud as well. If I have two subnets coming from the cloud, I'm able to create a type of switch between both of them where if there is traffic on one and has the traffic drop, I'm able to switch to the other ISP without any problems. It's a normal feature and I get to enjoy the ability to switch between services with no issues.

Security is one of the major reasons we are deploying Sophos XG in our process.

We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade,  the automatic switch actually we were using did not work anymore.

We try to understand exactly why it wasn't working with the new 18.5 firmware, but we could not figure it out. I realized that I was stuck with the main ISP. If there's an outage, it was not reliable on the network any longer.

We had to reverse, back to the old firmware even though we were still trying to fix the new version. It is a very efficient feature for our operation. If it was not there, it could make the workings of our operation inefficient. It is one of the best features of Sophos XG. It makes operations very efficient. You don't have to worry about anything at all. We are using the entire Sophos package, such as Sophos endpoint, Sophos XGR, Sophos ZGR.

The documentation can improve with Sophos XG. This will allow our network engineer to work better with the solution. Additionally, they can improve the ability to filter down devices. Recently we were faced with a challenge where we needed to restrict mobile phone users on the network but we realized that we couldn't do this with the solution. 

Recently I was looking at the Cisco Meraki solution, to see what it can do in terms of capacity. There's one feature that stood out to me, and that feature has the ability to implement some policies. Organizations need to have security policies in place. I would like the ability to create policies.

I have been using Sophos XG for approximately two and a half years.

We have approximately 60 people that are working on Sophos XG. However, the number is higher because Microsoft Azure routes every customer through the firewall. We have multiple layers and the traffic passes through Cloudflare and then gets directed to the Sophos XG on Microsoft Azure. The Sophos XG on Azure does all the filtering and routing to the private IP, allowing us not to use the public IP.

The DMs are private, and approximately 14,000 customers  pass through the Sophos XG and Microsoft Azure

The support from Sophos XG is very good. We can easily relate to the support.

I would rate the support from Sophos XG a two out of five. You cannot have good support without good documentation.

If you look at the software environment now, anywhere you go, you see the documentation for everything that has been done. Sophos XG has documentation, however, you should not need to have a certification to be able to understand it.

I have used Sophos Cyberoam previously.

If we had better documentation we would be able to implement Sophos XG better for the organization's exact specifications. When you have already come up with your networking strategy, presented it to the company, then you find out the new framework doesn't conform with the organizational strategy. You have to start going back and receiving approval for a new strategy. However, you are not even sure what the strategy is going to be with the new framework, because everything has changed. Most of the automatic resources stop working.

There is a high chance I do not even know why it is not working or what the major issue is. We have realized the package wasn't switching and we did a lot of troubleshooting for almost a week to understand why. We switch over to our old firewall, then we finally understood that it was something that has to do with the new 18.5 firmware in Sophos XG. Immediately we switch back to the old firmware, this fixed out problems we were having at that point.

I would rate the implementation of Sophos XG a two out of five.

The initial deployment was done approximately three years ago and it was done by a third party because of some complex considerations, such as the VOIP Gateway.

However, since the initial implementation, we have been managing it by our own in-house network engineers and every modification to the network has been done in-house.

We have three network engineers, that work on the solution and the network. They can manage all the features and securities. The amount of people needed to maintain the solution depends on the organization's architecture. 

In information security, the only way you rate ROI is by the level of information you're securing. I will ask myself how much is the information I'm securing is worth? The worth of what I'm securing will determine the amount of cost that I'm spending on the information secured. If I were to judge it that way, the ROI is high. 

I would rate the ROI of Sophos XG a five out of five.

We pay for two licenses for the use of Sophos XG annually and it is a flat fee. We do not have everyone going through both of the Sophos XG firewalls a the same time and the Sophos XG on Microsoft Azure is only accessible from the VPN.

Sophos XG has changed its pricing model for extreme protection.

I rate the price of Sophos XG a two out of five.

When we were evaluating other solutions we looked at Barracuda and it had an old GUI. This was an issue when we were making decisions between Barracuda and Sophos XG.

The solution has served its purpose in my organization.

I rate Sophos XG a nine out of ten.

This product is our firewall that protects our connections from the internet. It controls access for our employees when they want to access streaming media websites such as YouTube.

It controls the connection to our resources that originate from outside of our infrastructure.

We use it to monitor users and their activity including which websites they visit and what portals they use.

This product is compatible with my business and our market.

This Sophos product has a lot of features included.

This product does load-balancing between our connections. This is helpful because our infrastructure in Egypt is not stable and it requires several connections to achieve the required performance.

Sophos Control Center is a good feature. We can monitor everything from the control panel.

It can be used to create a VPN connection between users and our server. 

The performance and speed of the appliance are good. I have also tried the software deployment, without the appliance, and it was also good.

The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities.

We would like to be able to override policies set by the country. For example, VPN is banned in Egypt. If we could bypass this then it would be helpful because it would allow us to distribute our connections, or services, to other sites. 

After upgrading from version 17 to 18, not everything is in the same place in the interface. For example, the firewall rules are in a different place. Consequently, my IT team department cannot understand the portal and find it not user-friendly. They were used to the previous version.

Better training should be available because there is nothing on the Sophos website to assist with setting up VPN connections or VPN SSL certificates. For instance, there is nothing to explain how to configure the DDNS.

We have been using Sophos XG for between six and seven years, since 2015.

This product is usually stable. In the past few days, I have found problems where some services are not stable. This is something that I have used the portal to submit a ticket for.

We have 90 people working on the network concurrently. Combined, they have between 300 and 350 open sessions.

When the size of our staff increased, we purchase another appliance to expand our infrastructure. Beyond that, I haven't been able to test scalability.

In addition to the recent ticket I created for technical support, I keep in touch with them. The support is okay.

Previously, we used the Microsoft TMG firewall, and I have also used Cisco ASA.

I already had some experience with Sophos and firewalls. The first time I attended a Sophos event, I made a deal with Sophos and they helped me learn how to transition from TMG.

The user interface with Sophos is easier to use. For example, Sophos makes it is easier to create firewall rules for a VPN connection to the outside. With the other vendors such as Cisco, the process is more complex. 

Fortinet is also a top firewall provider but I recommend Sophos because it is more stable. I have limited experience with FortiGate.

The initial setup was easy. It was not complex for our IT department but you need some technical knowledge to do things such as creating a VPN connection between two endpoints, either site-to-site or site-to-client. You should also be familiar with SSL certificates.

The setup took between two and three hours, and after that, we had to prepare our network connections. It took two days in total.

No maintenance is required for the appliance.

We used a system integrator to assist us with the transition from TMG to Sophos.

We pay licensing fees of approximately $2,000. We have a contract for three years.

The vendor is very professional when it comes to firewall products. Aside from the issues with the VPN, It has all of the features that we need.

My advice for anybody considering this product is that the result depends on your country. In my country, there are a lot of problems with ransomware and viruses. Sophos has already helped to mitigate and stop issues such as these on our network. It is the best firewall on the market.

I would rate this solution a ten out of ten.

I primarily use the solution for managing my firewall. I'm managing my internet and my laptops in my company. I'm a personal domain controller. I'm tasked with blocking some websites with it and I'm managing my updates through it. I'm basically controlling the flow of the internet through it.

I block a lot of sites. I'm controlling the flow of the internet directed to Office 365 so that people can use it easily and fluently. They can upload and send emails easily without hassle and without accessing the internet. I'm also controlling Teams, Zoom, and other stuff for chatting online. Without this solution, I would have no control.

Content blocking for websites is the most valuable aspect of the solution. A lot of employees always want to use Facebook and other non-work-related sites. I'm always blocking that.

The initial setup is easy.

The stability is good.

Scaling is not an issue. 

The reporting needs to be much better. Sometimes I have a lot of trouble understanding what they mean.

Sometimes it misses websites. For example, websites the users shouldn't be able to enter, or sometimes these websites are not shown in this log viewer. It's just occasional misses here and there. 

Technical support could be more responsive and quicker in getting to a solution. 

I've been using the solution for at least three years now.

I have found the stability to be very good. There have been no hiccups, no restarts, nothing like that. It doesn't hang and there are barely any bugs. 

It's my understanding that they have a solution called RED, and I can upgrade it with another one to make a VPN between them. I haven't tried it yet. I'm looking at it as I have another office. I want to research scaling and have the offices together. From what I have seen, it will be easy.

Right now, we have about 50 users and 10 VPNs. That includes everyone from financial and procurement managers to the CEO, chairman, and HR department, and other operations staff.

We don't have any plans to increase users right now as we haven't increased in population, in employees number. That said, I use it a lot every day. I have to manage my firewalls through it.

In my experience, technical support takes a while to get things done. In the past, I stuck with them for a while. It took about three weeks to serve us up a solution. I don't remember what the problem was as it was a long time ago. It might have been something about the subscription or something like that. What I do remember is it took a very long time. 

I had a previous firewall, and I just swapped it out. I didn't have to change anything about my network. We previously used a firewall called MikroTik.

With MikroTik, its GUI was very bad. It's very old. Everything was manual. There were no tutorials and it was open-source. You had to search for yourself and do everything yourself. There was no support even from the company.

It was really easy for me, to be honest. The initial setup is very straightforward and simple. It's not overly complex. I had a firewall before that, so I knew what to expect. The implementation was done by a company that I bought this from. They installed it for me. It took about an hour and a half, or something like that. 

I can't recall how many staff covered deployment. The deployment happened three years ago now. 

I didn't need the assistance of an integrator or reseller. 

The solution has saved me a lot of time and enhanced my workflow for my company. It enhanced employees' work time and enhanced the internet connectivity for emails. On top of that, there was no downtime with the internet. That was the basic ROI we've seen.

The subscription for this product is yearly. The last time I bought it two years ago it was about $2,000. There's just a subscription fee. There aren't any other costs. 

I also looked at Fortinet, however, from my research, I was told that Sophos had better reporting. With Fortinet, you have to buy a server to handle reporting. With Sophos, this is unnecessary. 

I'm a customer and an end-user.

I'd rate the solution at an eight out of ten. 

We primarily use the solution as our firewall.

I'm able to have very granular control over my organization's input and output data that goes in and out of our networks.

The firewall portion of the solution is the best part The rest is really just fluff. 

The initial setup is straightforward.

We have found the stability to be quite good.

User management is the area that, by far, needs the most work. The way that they try to transparently utilize user groups from the active directory to the Sophos firewall is outdated.

I'd like to see them do a little bit better of a job with the content filtering. It has content filtering, however, it rarely works. Sometimes it just fails altogether. I'd like to see a better job done. 

I'd like to see better reporting. While the logs are great, the reports are not.

I've been using the solution for six years at this point. 

The stability is great. There are no bugs or glitches and it doesn't crash or freeze. It's a reliable firewall. 

The product is super scalable. If I had a giant organization, I'd have no problem putting the Sophos firewall in.

Right now, we have 155 on the solution. That's everyone from support to upper-level management. 

We use it every day.

We just recently upgraded. I have no reason or need to upgrade for years to come and therefore don't plan on scaling anytime soon.

Technical support is fairly good. It's a pain to get ahold of them, however, once you get them, they're very thorough.

The only thing that s not so great is that sometimes they try to force me down to my reseller, whoever their partner is. I always have to make up a lie and say I already tried and only then will they help me. Besides that, it's not bad.

I previously used Cyberoam. We really switched as Cyberoam was bought out by Sophos.

The implementation process was pretty straightforward. Learning the ins and outs was a little complex. How, in terms of just getting it set up, I was able to get it set up in a couple of days.

Overall, the deployment took about three days. My strategy was, basically, going from my old Cyberoam to my new Sophos. I just copied each rule individually and tested them. Then I ran them in sync with each other for a couple of weeks. When I realized there were no problems, I pulled the Cyberoam out.

We have three people on staff that can handle deployment and maintenance responsibilities. I've got a system admin, myself, and a help desk/content specialist.

I did not use an integrator, reseller, or consultant for deployment. I handled the process myself. 

From an ROI standpoint, the product I had before, even though they were basically the same thing, I found I was spending a lot of man-hours with it and calling support a lot and actually having to pay for support on the previous model. 

With this firewall, I rarely have to call support. When I do, it's free of charge. The ROI is 100% there. It might be a little more expensive up front, however, the quality is there for a medium-sized business.

The licensing is based on a multi-year contract. It's a bit higher, in terms of price than other options. The billing process is pretty simple and straightforward. they don't have a complex licensing setup. 

I evaluated all the big players out there before choosing Sophos. I likely evaluated seven different options.

I'm a customer and an end-user.

I'd advise those considering this product to stick with it and stay away from the fluff. For example, the Sophos Anti-Virus is not worth it. 

The firewall is fantastic. Definitely take their firewall courses, as there are going to be a lot of tasks that you feel should be easy and they're not. There's going to be a lot of troubleshooting. I've been working on it for five years and I still catch myself sometimes trying to figure out why a certain rule doesn't work doing this or that. Definitely take the training. I would highly recommend staying away from the other products.

I'd give the product an eight out of ten for a score. It does everything I need it to do. The user interface is very modern. It works. I was able to figure out some very advanced things. Even though it has a modern interface, I like the fact that I can always go into the console and it's a Linux box behind the scene - which is very nice for when you're trying to do very advanced tasks. For the most part, it was plug-and-play. The setup was really easy. The support is fantastic.

I enjoy synchronized security, where you have to synchronize both the firewall and the endpoint. When I deploy a firewall, I integrate it with the endpoint so that they can send the security heartbeat from the endpoint to the firewall. In the Sophos firewall, there's deep inspection, which works quite well. Sophos has the web application firewall inbuilt. This is unlike other firewalls, where you have to integrate with another standalone web application firewall. Being inbuilt in Sophos, you just have to configure an application so that it's more of a policy, and you're good to go. It's pretty simple in terms of the user. 

We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration.

The technical support is pretty good. 

The initial setup is easy.

There's quite a number of items on offer. When you look at Gartner, it's doing well. The uptake in the market has been wonderful and currently, it's competing with other top firewalls such as Check Point, Fortinet, and Palo Alto.

XG is at its end of life. People are moving to XGS. With those changes on the horizon, a client might end up in, maybe 10 years, having four or five appliances, which they might not use. I don't know what Sophos is doing to maybe change this. Right now, we've moved from XG to XGS.

Another feature, which might be good and which other vendors are maybe exploring is the NAC. Sophos doesn't have a NAC solution. 

Maybe they can improve on their WAF. Currently, they have the inbuilt. 

They could work on their SD-WAN solution. I have seen it. It's not that competitive compared to other vendors. We've had some device issues.

I've been dealing with the solution for the last four years.

In terms of when it's in the network, it's stable compared to other firewalls, where I have had some issues. I had a case with another firewall, which the client changed to Sophos and it was not that stable as the client had to go and actually restart the firewall. The challenge comes in terms of stability when, let's say, the engineer doing the scoping does the round-sizing for the firewall. This causes the IPS to become overloaded or overworked, so it disconnects the traffic at the port level. In terms of stability, I might say sometimes we might experience challenges maybe when the sizing is not done correctly. That's why we might experience that disconnect at the interface level where the internet gets disconnected, however, that's the case of sizing, not the product itself. In terms of stability, it's stable in the network.

In terms of Sophos' support, they have been wonderful. I had a device issue and I found the return policy to be quite simple. 

Their technical support is pretty straightforward. When you raise a ticket, the feedback is immediate, and you are assigned a support person. It's been a wonderful experience.

Even to the end-user, it's a pretty straightforward system that they have. A user would just log into support.id, then key in their credentials and raise a support ticket. It's pretty simple.

I'm also familiar with Check Point, FortiGate, and Palo Alto. We also used to use Sonic Wall, however, we've moved to Sophos.

The initial setup is pretty straightforward. It's not overly complex.

I've compared Check Point, CloudGen Network Security, and Sophos XG previously for clients. Not being biased to any vendor, normally, in this region, what normally happens is the budget. You might recommend Check Point to a customer, however, Check Point is a bit expensive, so you might end up losing the deal. What you would recommend, is Check Point as the Quantum, as the firewall. Sophos is doing quite well in terms of the endpoint for the workstations and the servers, the physical and the virtual. Likely it would be a good idea to recommend Sophos Security. That said, if the client has the budget, you'd recommend Check Point as a firewall. It's always good to do a bit of comparison and advise the client as to what is best for them.

We've actually deployed and supported quite a number of the products, from XG105 to XG3430.

Sophos is on-prem mostly, however, now there's another product for Sophos, for the endpoints, which is cloud-based.

I'd rate the solution at a ten out of ten. It's one of the best products. We have deployed quite a number of them - almost 20 - and I've not seen any of my clients complain.

My clients are mostly based in the government. They are my core clients. I install the solution for my clients.

The solution is very easy to use. 

Of course, we have the skills, however, it's very easy for us to deploy the solution. That's one of the valuable features. 

They have a communication between the endpoint and the firewall which is very, very useful for security purposes.

Pricing is now pretty good. They changed the pricing structure a few months ago.

The initial setup is pretty easy.

The integration could be a bit better. They need to allow their solution to integrate with other products and not just other Sophos solutions.

Sophos has a feature that in my opinion is very limited. They don't have enough VPNs on their models. They have the XG 750, which is a sizeable appliance. On those models, they used to have not enough VPNs. They always were short on that area. 

Pricing used to be very bad, however, they've adjusted their strategy recently. 

The product needs to improve its marketing in Mexico. It's not a well-recognized product in our country.

The solution's technical support is very bad.

There is an overall lack of documentation in relation to features and capabilities. We need these to help explain aspects of the solution to our clients. 

I've used the solution since around 2014. I have about six years of experience at this point. It's been a while. I've definitely worked with the product in the last 12 months.

The solution is quite stable. There are no bugs and glitches. It doesn't crash and freeze. It's quite reliable. We don't have problems with it.

The solution is very scalable. It is not a problem. Sometimes we have issues when we are trying to do something with a different traditional version of hardware as sometimes the new hardware has more ports. However, if we are talking about scalability in a huge customer, we can do it very easily. 

Mexico is very different than other countries and continents as here, when we say it's a big customer, we are talking about 2,000 to maybe 3,000 users. There aren't too many large-scale operations in the country. However, in general, for our area, we tend to deal with large-scale companies.

For a company that has maybe 1,000 users, Sophos seems to work very well. We have one operation with 10,000 endpoints and it is working quite well.

Technical support from Sophos is very bad.

Sometimes we lose a project due to the fact that we need to solve some issues or answer questions. Things that may be technical but also involve the administrative side. I'm talking about licensing and the capabilities of the feature. We need some documentation, something we can show clients. They can better in those cases. They can either help us or supply us with what we need. 

In response time, they are terrible. In the area of technical knowledge, they are getting better, however, they aren't where they need to be. Right now, we are not satisfied with the level of support provided.

The initial setup is not complex. However, here in Mexico, it's very complex to sell the product. The brand is not as well known.

That said, the process is pretty straightforward. 

The deployment times vary. It depends on the end-user and what they need. Sometimes, it's easy as they don't have too many policies. The more policies they have, the longer it takes.

In other cases, clients may have a lot of VPNs. We have to work on those VPNs, and we have to do a lot of routing. However, that depends on the customer. Not all are like that.

For one appliance, you just need one person for deployment and maintenance. If we are working a lot of VPNs, we would have to use more people. We need to involve maybe two or three individuals and re-apply the configuration in that case. 

We handle the installation process ourselves. We do not need the assistance of consultants.

The pricing has recently changed on Sophos. Their licensing and cost structures are much more clear now. It's much better than it was.

Clients, in many cases, evaluate for Check Point, Forcepoint, and sometimes Fortinet. Occasionally, they may look at SonicWall, or Palo Alto however, the others are the main big competitors. 

Palo Alto is very expensive as are Check Point and Forcepoint. That's why we sometimes win the projects. We find Fortinet, is very, very hard to beat as they have a lot of market share, have a lot of marketing. Sophos doesn't have that presence, that marketing. Also, when you have to think about prices, Fortinet gives customers everything and it's hard to beat.

The biggest issue I've found with Sophos is the small number of VPNs that we can do compared to a similar appliance with Fortinet or in the same level center. In fact, many other brands offer more VPNs than Sophos.

I'm a Sophos reseller.

We use multiple versions. We have worked with XG 460 and XG 135 and some others -such as XG 230. In those cases, sometimes it has been Rev 1 and in other cases Rev 2 in terms of the hardware versions.

I mostly work with on-premise deployments. The only item I have installed in the cloud is an email solution by Sophos.

I'd recommend the solution to other organizations. Overall, I would rate it at a nine out of ten.

I use the solution in my company as an edge device on our network.

The solution's most valuable feature stems from its ability to protect our organization's web servers.

In Sophos XG, the throughput for larger networks is an area of concern where improvements are required.

I hope the product comes up with some better prices and offers for the tools provided to academic institutions.

I have been using Sophos XG for two years.

Stability-wise, I rate the solution a six out of ten.

Scalability-wise, I rate the solution a seven out of ten.

There are around 200 to 300 users in our institution.

Though our institution plans to increase the solution's use, we are unsure about the vendor we want to approach.

I rate the product's initial setup phase a seven on a scale of one to ten, where one means it is a difficult process and ten means it has an easy setup phase.

The solution is deployed on an on-premises model.

The solution can be deployed in two to three days.

The product is expensive.

My company considers Fortinet as an option against Sophos XG.

The product has improved network security for all the networks in my organization. The product also offers endpoint security since my organization has been using the anti-virus software from Sophos for the past ten years.

Sophos XG's interface is very user-friendly.

The performance of Sophos XG's VPN to meet the organization's remote access needs is an area that cannot be discussed due to security concerns. Though the product can meet our organization's current requirements, we are considering alternate solutions since we have plans to improve our network.

The reporting and analytics functionalities helped identify security incidents in our company.

I recommend the product to those who plan to use it because it is easy to manage and solve network-related problems.

I rate the product a seven out of ten.

Sophos XG has greatly strengthened our network security and threat management. Its integrated EDR capabilities and seamless integration with firewalls, along with additional services like their NOC services, provide a comprehensive solution. With all these features working together, it is a complete package that ensures robust security for our clients.

One feature of Sophos XG that I found incredibly beneficial for threat prevention is its endpoint protection. It monitors all activities on our devices and effectively blocks any harmful files from infecting our machines. It has been a game-changer in preventing troubles for our customers.

While Sophos XG is a great product overall, there could be some room for improvement in its pricing since my clients usually feel like the product is on the expensive side.

I have been working with Sophos XG for five years.

Overall, the solution is stable, and we rarely encounter glitches. Any issues that arise are usually related to Microsoft updates rather than the Sophos software itself.

I would rate the scalability of the solution as an eight out of ten. The clients I work with who use Sophos are typically small enterprises.

I have worked with other firewalls like Cisco and Fortinet over my 20 years of experience. Comparing Sophos to other solutions, I have seen significant improvements over the years. While it may not have been the easiest or best software three years ago, it is continually getting better with updates. Overall, Sophos is moving in the right direction, becoming more competitive with its counterparts.

Installing Sophos XG is straightforward and typically takes around one hour for configuration, excluding the physical setup. Usually, only one person is needed to complete the installation and configuration process. It is quite easy to maintain it.

There was a time when our network faced a sophisticated malware attack that bypassed traditional security measures. However, with Sophos XG in place, it quickly detected and mitigated the threat before it could cause any damage. The seamless integration of software and hardware ensured there were no vulnerabilities or gaps in our defense.

The interface of Sophos XG is user-friendly and suitable for new users. It is continually improving, with updates addressing any issues promptly. 

Deploying Sophos XG has led to noticeable improvements in network performance. 

Overall, I would rate Sophos XG as an eight out of ten.