Sophos XG Room for Improvement
There is no specific features request right now really. I see that all the features that Sophos is implementing and is proposing on the market follow exactly what the market is asking. It's difficult to identify something that is missing compared with what the market can ask as one of the most important things that Sophos does is have the capability to anticipate in a certain way what the market expects. As a leader on the market, they tend to have the solution just before the market is asking them for it.
The solution could offer a bit more integration with other systems, with other platforms - just to be able to extend the capability and to interface with other kinds of platforms or systems that I can find on the market as it gives the possibility to improve the level of integration.
Their support is fairly good, and they come back to me. I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand, but it is generally not an issue.View full review »
I think Sophos XG can improve some annex features. Like in DHCP, we can't make IP reservations in the range. We must reserve out of the range, which is not good. It will not be the same as the DHCP function in a Windows Server. We can't make an IP reservation in the range of the DHCP in the Sophos.
Better in the next release? I hope...
Sophos can also improve the debugging of the WAF function and provide a better resolution in the log, in the attached WEB log. The initial error doesn't appear. You must tail the console log to find the source pattern, cause of the error.
The integration could be a bit better. They need to allow their solution to integrate with other products and not just other Sophos solutions.
Sophos has a feature that in my opinion is very limited. They don't have enough VPNs on their models. They have the XG 750, which is a sizeable appliance. On those models, they used to have not enough VPNs. They always were short on that area.
Pricing used to be very bad, however, they've adjusted their strategy recently.
The product needs to improve its marketing in Mexico. It's not a well-recognized product in our country.
The solution's technical support is very bad.
There is an overall lack of documentation in relation to features and capabilities. We need these to help explain aspects of the solution to our clients.
Pre-sales manager at National Information Technology Company
We always strive for more features.
We could see the bandwidth use right away with the prior version, which was the SG version. The current bandwidth consumption is no longer shown in the XG and XGS.
They are nearly a complete solution. However, they are missing this feature with the ability to view the current bandwidth usage. We have requested this, but have not had a reply yet. It was in SG before but it was removed in XG.
In terms of the product, from the way that we have been utilizing it, we have noticed that the vendor has been able to continuously upgrade and upgrade and update the product with new features. You'd find that all the time a new release has come out, and we're actually happy with that. We don't find it inconvenient that we are constantly upgrading.
I can't think of any downsides in terms of the features on offer.
I'd like the dashboard to be improved. It could be a bit more customizable.View full review »
Tech Doctor at a recruiting/HR firm with 11-50 employees
I'm just a sole proprietor for IT support, and from my perspective, there could be better ways to educate a proprietor, such as myself, on how to set it up, program it, and manage it. They do tend to have support, but a lot of times, it is for larger networks. I need something simpler and more rudimentary to set up and configure the firewall, set up the rules, and that type of thing. So, if there is a missing component there, that would be it.
Any firewall will need rules for how it protects the network against a variety of threats or various degrees of protection. My comments are not aimed at Sophos specifically. As a new person just learning about firewall protection, it would be helpful for any vendor to have an education area that runs through various scenarios and implements them in the firewall. Videos would be helpful. From my initial research on which firewall to choose, Sophos appeared to have the most straightforward interface.
I purchased the units from www.firewalls.com, and they worked with me to do the initial setup. That was very helpful to get startedView full review »
Manager of Information Technology at Sundown M Ranch
User management is the area that, by far, needs the most work. The way that they try to transparently utilize user groups from the active directory to the Sophos firewall is outdated.
I'd like to see them do a little bit better of a job with the content filtering. It has content filtering, however, it rarely works. Sometimes it just fails altogether. I'd like to see a better job done.
I'd like to see better reporting. While the logs are great, the reports are not.
They can improve all indicators, all KPIs, all the scores, the consoles, and the monitors. These are all areas that need improvement.
These areas need to be more clear for the customers. You have to have good experience working with Sophos to know how to get to the forums and to get to the information that you want from the beginning.
It is complicated to get the reports if you are not experienced with Sophos. For example, if you want to get a report on what the firewall is doing, you have to be a very experienced engineer.View full review »
IT Manager at Saknafta Egypt
The reporting needs to be much better. Sometimes I have a lot of trouble understanding what they mean.
Sometimes it misses websites. For example, websites the users shouldn't be able to enter, or sometimes these websites are not shown in this log viewer. It's just occasional misses here and there.
Technical support could be more responsive and quicker in getting to a solution.View full review »
XG is at its end of life. People are moving to XGS. With those changes on the horizon, a client might end up in, maybe 10 years, having four or five appliances, which they might not use. I don't know what Sophos is doing to maybe change this. Right now, we've moved from XG to XGS.
Another feature, which might be good and which other vendors are maybe exploring is the NAC. Sophos doesn't have a NAC solution.
Maybe they can improve on their WAF. Currently, they have the inbuilt.
They could work on their SD-WAN solution. I have seen it. It's not that competitive compared to other vendors. We've had some device issues.
The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities.
We would like to be able to override policies set by the country. For example, VPN is banned in Egypt. If we could bypass this then it would be helpful because it would allow us to distribute our connections, or services, to other sites.
After upgrading from version 17 to 18, not everything is in the same place in the interface. For example, the firewall rules are in a different place. Consequently, my IT team department cannot understand the portal and find it not user-friendly. They were used to the previous version.
Better training should be available because there is nothing on the Sophos website to assist with setting up VPN connections or VPN SSL certificates. For instance, there is nothing to explain how to configure the DDNS.View full review »
Chef IT at a healthcare company with 51-200 employees
Training on the devices is an area that needs improvement. Their training mechanisms are not perfect, and this is where you lose a good appreciation of the product.
The documentation for implementation is not good. For example, when you look up the details on a firewall rule to validate it, the details are not there.
If you click on the help file, they say a zone is an area where you can define specific logical network areas. This is where they stop, with nothing more. If you want to go further into the concept of it, which you know there is, you have nothing. Then you have to revert to the internet and go onto newsgroups to try to see if anybody has had your type of experience. Then you find someone, they explain it to you then say, "Oh, it only makes sense". So, then when you want to implement this, it's much easier at that time. So, that's the best-case scenario that I can explain.
There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks.
When you want to establish a VPN with different wizards, they assume that you're always going through your internet link.
If you want to create, with the zero-trust concept, which is where you don't trust anybody or any device, you want to make sure that everything on your network is segmented and everything is relative, depending on its flexibility, behind its firewall or a firewall segment. At some points, you might want to establish VPNs between certain network segments.
Since you cannot establish VPN tunnels from the Sophos interfaces, plus if you are doing something that's going through the internet, then you lose flexibility.
Currently, let's say we have a factory V-LAN and you don't want anybody within the factory V-LAN to be able to connect to another unless it is to a specific V-LAN, and you want to use VPN technology, you can't do it because you can't establish the connection again between two internal interfaces.View full review »
When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had. It's not mature yet, being still in its infancy stage. That would require some improvement. As I have many firewalls, having the ability to delegate access to use, such as exists with Microsoft CSP or other services, would be a nice feature to see.
Also, as a tech person, I know that executives do not wish to receive complicated reports, so a simplified executive report for executives would be a nice improvement. This would save us from having to explain issues which are beyond the scope of their knowledge.View full review »
The solution really needs some additional features like network access control. If they could incorporate some user profiling and present the analytics of the login user usage patterns, or a typical proper management dashboard to take a decision on the firewall rules, that would be useful. Basically, MI's and the dashboard could be more user friendly. The information is there but the dashboards are not in a graphical format. In short, I'd like to see network access control, user profiling and analytics dashboards. It would make the solution a more competitive product on the market.View full review »
It would be helpful if they had a set of standard templates because it would assist in the beginning, when you are just getting started. They do have a template, but I mean specifically for different use cases. For example, an existing template for setting up a web page would suggest what kind of security we need to have in place. They do have help menus and videos, but additional templates would be useful.View full review »
Senior Network Architect at Virtua Technologies
What I don't like about Sophos is that applying policies can sometimes take longer, and there can even be a bit of a network interruption. With FortiGate, it's just one click and then you go, but with Sophos, sometimes the wheel keeps spinning for several seconds.
The SD-WAN capability is not as good as it is in FortiGate, and is something that should be improved.View full review »
In terms of improvement, I think the UI could be faster. Sometimes the system freezes and there's a lag. It seems there were some issues with the firmware but it's not a big problem. The user interface could also be improved. It would be great if they could include a little bit more bandwidth management. If they would integrate FatPipe into their product, it would be closer to what Fortinet does.
Technical Presales Consultant/ Engineer at a wholesaler/distributor with 10,001+ employees
I would like to see the technical support improve. They have the worst technical support I have ever seen in my whole life.
The initial setup, specifically when activating the license, is a nightmare and is quite difficult.View full review »
Dipl. Ing. at a tech services company with 11-50 employees
Recently, I've had a problem with updating firmware. Updates should be more stable . The last update I did was not successful and ended in a unusable device. Also the support case i opened for it could have been more effective.
I don't use all of the features and therefore it would be difficult to evaluate if anything is missing.View full review »
Software Engineer at a tech services company with 201-500 employees
I don't see any drawbacks to this solution at the moment. I know of other products that have more features and are more advanced stages, but ultimately, an organization's choice of software depends on its budget. If you have a small amount of money and you want to secure your network, Sophos XG can provide you with network security. Sophos ZG is a mid-range solution. There are solutions that are above it in terms of features on the market, but they cost more money.
They could work on their technical support to make it more productive for the end customer. Some of my friends and colleagues have had unfavorable experiences with the tech support taking too long to close their ticket. However, I opened two cases this week and both have been resolved.View full review »
Consultant at a tech services company with 51-200 employees
Everything is working as expected at this moment, but the anti-spam solution in Sophos XG needs to be improved. It needs more granular features and more stability. The anti-spam solution currently doesn't have many features, and we would like to have more features. At this moment, there is no expression filter for anti-spam. We need something to be able to filter subjects or attachments in emails based on the keyword. Sometimes, there is an issue with anti-spam, and Sophos XG suddenly stops processing incoming or outgoing emails. The only solution for this issue is to restart the appliance.
Their support should be improved. It takes a long time to escalate a support case from level one to level two.View full review »
IT Manager for Network and Security at a religious institution with 51-200 employees
The SD-WAN could be improved. It is not yet full-blown; it's only basic, really. They need to move on with the algorithm on how the SD-WAN works, and how it works in comparison to other brands of SD-WAN. Sophos should study those algorithms on how they do the SD-WAN to learn a few things that may help them build out their own solution.
We feel that the GUI can be improved a bit because it has a lot of information and looks a bit outdated.
Nowadays, you hear a lot about next-generation firewalls, so some additional features can be added from an EI perspective. Products like FortiGate, for example, have a lot of features apart from the basic firewall.
We would like to see integration with existing IPAM and IDAM products.
In the future, I would like to see new kinds of automations, as well as the inclusion of artificial intelligence-related features. A lot of other firewalls already have these now.View full review »
CTO at MEDWIZ SOLUTIONS
Unfortunately, there are quite a few negatives with them.
Their tech support is not great.
The features on offer are lacking.
Basically what they don't have is proper bandwidth management for multiple WAN ports and multiple WAN ports to multiple VPN WANs. Meaning, if I have it on both sides on both the main side and on the secondary side, two internet connections, I can't bond the two of them together into a single VPN and have bandwidth managed between the two of them.
If I want to go ahead and make a VPN, right now, I have two internet connections on each side. I have to make a failover a group of four VPNs for it to go ahead and failover between them.
You're getting into a lot of rules. It's a lot of extra rules, et cetera, that has to be done. They don't have simple pointing systems where you could go ahead and make rules saying, "Hey, here's the route". They're not fully route-based VPN rules yet. You literally have to take down all the routes all over the place in order to make updates. It's tedious.
Basically, we had the problem where we moved certain ranges from one data center to another data center. It took us about an hour of downtime to do that. We had to go ahead and we had to reset VLANs and we had re-setup all the VPNs in all the different places we reconnected. We don't have two sites, we have 25 sites. It was a lot of work.
Service Delivery Engineer - Network Security Lead at a tech services company with 51-200 employees
I have not used their SD-WAN product or the SD-WAN feature, so I don't know how scalable the SD-WAN is. But, I hope just that the SD-WAN is up to par with FortiGate.
The integration is an area that can improve a bit. One of the other solutions that I have used that is highly interoperable is Fortinet. It's easy to integrate with other products.
Sophos can definitely improve with the interoperability between solutions.View full review »
Gerente de Atendimento na Introduce at a tech services company with 11-50 employees
The main problem with Sophos XG today is that it doesn't have a feature where you actually know the quality of an international link, which would allow us to we know if the link is operational or not. We need more information. It's losing packets on the network. It's high latency. So, we need more information to know if the link is really bad or really good, and today, we only know if it's working and this just isn't enough.View full review »
Networking Engineer at a comms service provider with 1,001-5,000 employees
We are having challenges with social media because ever since this issue of COVID-19 came into existence, the idea of using online discussions has become relevant. Before this, they were not made the priority because they were not considered to be important. Now, we've discovered that we need to use a lot of these online applications.
We are having challenges when using Zoom with Sophos XG deployed. Our wireless network is not stable through the connection. More work needs to be done there, since the FW is doubling up as a wireless controller.
I would like to see improvements made to the display and visibility. I'm also using Sophos XG firewall as our wireless controller, but as it is now, I can't see my access points on the firewall. My wish is to see the Wireless network and reports also on this firewall cum- controller.View full review »
IT support officer at a wholesaler/distributor with 51-200 employees
For the moment, managing the Sophos interface is a little bit challenging. We have an external partner that helps me to comprehend. But it's new. It has to keep up with the market, and I understand that. But that's my personal problem at the moment. High-availability clusters have not been implemented, so we have only one firewall and one device. So should this device go down, there's no more internet access. But so far, we haven't had any problems.
I used to work with Fortinet, and sometimes I see that the SD-WAN feature could be better because it's much easier in Fortinet. That area could be improved in Sophos XG as it's too complicated right now.
For example, I remember a case where the routers had to be configured by commands. It's not hard, but you have to read and investigate how to do that. The XG firewall works fine, but you have to read, and it takes some time to do it.
Sophos XG could also improve the floating area. I have more features in Fortinet, more visibility of the networking table, and the networking area. But in Sophos, you have to enter the CLA and display it. It'll also help if they offered more toll booths for VPN like Fortinet.View full review »
Technical support could be improved. They aren't as responsive as they could be.
It would be ideal if we could have a more populated and detailed knowledge base. Generally, the new features must be tested before applying them to the production side. I would like to see more case studies, more application notes, and so on.
We would like to see an improvement in mail management. When passing from FG Series to XG Series, some mail features have been lost. We would like to regain them.View full review »
Information Technology Security Officer at a government with 201-500 employees
Software updates always come with issues. For example, I just upgraded to the next version, 80.5, and it came with VPN issues. It started dropping my VPN users. So, I had to roll back to before the software update. I think that the main area for improvement is the quality assurance of the updates.
The management console is a little bit rigid.
Scalability can be improved.
I think that it performs a little bit slow when it comes to connectivity, and having the speed increased would be better.View full review »
RSI at a logistics company with 201-500 employees
Cyberoam was extremely hard to develop. If this solution makes that process easier, we will be happy.
The solution should be lowered. It would help entice more clients. We'd like to pay a lower price.
We're concerned about the safety of our devices. We are worried if someone manages to hack the firewall, that they will be able to get past other protections and perhaps onto devices. We'd like Sophos to remain vigilant in its protective capabilities and to continuously update its solution to expand its security offering in order to better protect its customers.
It would be helpful if the solution offered some tutorial videos to help new users learn the system quickly.
There should be some trial on offer that allows users to try out the solution and learn it before implementing it.View full review »
Network & System Support Engineer at a tech services company with 11-50 employees
In light of all the firmware upgrades, maintenance, feature and general releases of firmware, I really appreciate the support offered by Sophos. It is really good.
However, the response time could stand improvement, as I do not benefit from immediate support. There is a delay involved. This can be problematic when I need urgent support, such as when my device is in a production environment.View full review »
Sr Information technology consultant at onkar international pvt ltd
When upgrading the firewalls, the process could be easier.
While we do have network control, we don't have network monitoring. If I have 200 nodes and I want to see what's happening, I don't have visibility, especially if people are working remotely.
If we could control roaming users through the firewalls and make it so that it's more of a complete security solution, which we prefer, that would be ideal. If we have to install some clients on these machines, that's fine. The only concern is the DLP. We want to protect our data from being stolen. We'd also like to monitor activities from the perspective of productivity. We want to be able to track and calculate what users are doing on their machines.
CIO at a aerospace/defense firm with 11-50 employees
Its price should be improved. It should be cheaper.
In terms of features, I am happy, and I don't need more features. The firewall is perfect, but the antivirus could be better. It would be useful if the antivirus was less heavy and had better performance.View full review »
The main area that needs improvement is the documentation.
Sophos needs to be a little better at communicating with partners about changes, issues, patches, and so forth.
The weakest point is the technical support because they are difficult to get into contact with.View full review »
System Engineer at a tech services company with 51-200 employees
The solution could be improved if it offered more documentation or at least provided more information about the products themselves. If there was a virtual assistant of some kind that would help clients familiarize themselves with everything, that would be very helpful.
It would be helpful to get some insights into new features so that we are able to relay information to clients effectively.View full review »
Information Security Manager at a recruiting/HR firm with 201-500 employees
We're always looking for the best products and the best pricing. Pricing is always a concern for us.
When they do updates, they could handle them a little bit better. We've only had one problem, however, I do prefer when updates come out a bit quicker. We do the patching and updates and different things, however, in terms of the patch and timing and the criticality of it, it could always be better.
CEO / Managing Director at Infinity Access Technologies Pvt Ltd
With the proliferation of fiber connectivity becoming available at our homes, consumers should not have to go and buy another module for fiber to ethernet converters or another device to get the fiber options. I understand all UTM models should have direct SFP ports available so that FFTH is directly terminated to UTM for better management and uptime.
Over the last six months, we have noticed that the hardware is slow, especially the VPN connections.
Sophos would benefit if they could improve the integration with Active Directory. It does not function consistently and we have to reconfigure it to make it function again.
Integration with IPA, which is like Active Directory for Linux servers, would be a nice feature to include.View full review »
Network Engineer at Spectrum Engineering Consortium Ltd.
We are facing some problems on this firmware version, version 18, that require improvement. We want to improve the email security because it doesn't give proper security with the data protection. Also, our clients are facing some problems where most of the sites which they're accessing are getting blocked. I want to improve those sites, that email security, and the data protection on the Firmware version 18. Also, sometimes it gets frozen and we cannot access it. After we shut it down and restart, then it's perfect. That's a point that we want to improve.
In the next release, I want them to please improve version 18 so that it has more features and is more user friendly and it should have a VRF option.
Head of Software department & Head of Security department at a tech services company with 11-50 employees
I think the management console could be improved. I also find the partner portal difficult to work with because it never functions correctly and it's exhausting to deal with. They should also improve the failover management and the reliability of failover, and there are sometimes issues with the WAF functionality, whereby a number of applications can't be used correctly. Finally, I think the support could be improved because when you open a ticket, there's a long wait time for a response.View full review »
Head ICT at a tech services company with 11-50 employees
I would like to explore network access control. I haven't seen that it is clearly deployed.
It might be something that is already in place, or if it is available on another device.
I would want the level of integration to have another device on your network that is also reliable.View full review »
Senior Engineer at a engineering company with 11-50 employees
Its user interface is a little bit slow.View full review »
Its price should be improved. Its features are pretty okay, but the price is the area where we have to fight more. They should do something about the price structure.
We are in the movie industry. We're a movie distribution company. Currently, we are affected badly by corona, since March of 2020. We are working from home, however, this solution is for on-premises tasks.
The pricing can be high unless you choose a longer contract.View full review »
Nagaraj K N
PPC at EMMVEE Photovoltaic Power Private Limited
I'm not seeing any such things that require any improvement. It's good. From time to time, some updates will come through. It's meeting our requirements right now.
The pricing has gotten much higher.View full review »
The interface could be improved by simplifying it and making it much smarter. I would also like to see an improvement in the diagnostic system graphs. They could be modified to provide individual graphs. The present page has all graphs in a single page and it slows things down and takes more time to refresh and load.
Additional features they could consider including in any update would be symbols and tools. They could also include URL groups and all Office updates, the regular things that people do on a daily basis.View full review »
CIO at a tech services company with 11-50 employees
Sophos XG should improve on the GDPR features involving data protection and encryption. Security regarding data protection is important.View full review »
It would be better if they made their own hardware like Palo Alto and Fortinet. They use their own ASICs and claim it is more secure.
The SD-WAN can be improved. The traffic optimization somehow needs to be improved, or there is a scope for improvement in Sophos XG.
It would be better if they moved towards the cloud side of things. Now a lot of things are moving on to the cloud.View full review »
Categorization or uncategorized websites is an area that needs improvement.
Having a web portal where you could make requests for the categorization of non-categorized items, would be beneficial.
The DLP rules don't cover countries such as Serbia. You cannot make custom rules. That could be added so that we could detect content that is not supposed to leave the company via email, and so that the rules could be customized by the clients.
We only have predefined rules and most of them are not for Serbia or countries from the Region.View full review »
Managing Director at a comms service provider with 1-10 employees
The only area that requires improvement is scalability.
I understand why scalability is difficult in all firewalls. I understand why it is difficult in our firewalls. If you want to scale, you can scale vertically or horizontally. That is the world of scalability. However, you cannot do so for the firewall. It's a forklift, you have to buy a new appliance.View full review »
We recently updated our previous version; now, the security licensing fee is quite high. I don't know if it's a bug in the OS, but it's not been very stable after we upgraded to the latest version.View full review »
In regards to email as an example, if you experience any malware, it is contained in the container but doesn't give you any information about the email, or what is contained in the email. You only have the option to reject it or to release it.
I need to open the email to see what it contains and the value of it before I know whether to access it or not.
Stability needs improvements.View full review »
Sophos XG's user interface has some room for improvement.View full review »
Network engineer at a manufacturing company with 201-500 employees
While it is possible to configure between two of the solution's devices in the same model, the high available usually fails. We are talking about when there are two devices running concurrently. When it comes to the traffic, there is a distribution of load balancing and the upworking. This is what is meant by high availability.View full review »
Network Team Lead at a manufacturing company with 5,001-10,000 employees
It is a very basic and entry-level firewall. It doesn't give very granular control over the traffic. It should have more granular control over the traffic. This feature should be there similar to Palo Alto and Cisco. It should have such advanced features.
Owner at InternetWorld Solutions Sdn Bhd
Support could be improved.View full review »
Firewall Engineer at a marketing services firm with 1-10 employees
Some features are not available on the graphical interface. So you need to return to the command line to solve some issues that are faced by the customer. I used it for enterprise networks, I decided that it is not very good for enterprise networks. There is some issue with its hardware. I have faced two problems and that were resolved by Sophos earlier. They changed the appliance. In other products, I have not seen such problems in the hardware. So I think that the hardware is not heavy duty. You can say it's not heavy duty like other vendors. The performance is not as it says on the datasheet. They should improve the hardware. If they can do that, it would be a very good product.View full review »
Senior Manager, Information Technology at a university with 201-500 employees
The interface should be changed. It should be more user-friendly.
They should also update the policies and statistics because Fortinet is better, but Sophos could grow.
In the next release, I would like to see improvements to simplify the interface and more policy deployments.View full review »
Mohamed Abdel Hassanein
Managing Director at FORESEC
The number of ports, especially on the entry-level appliances, should be increased.
The price of adding ports should be reduced to make it more competitive.
The vendor needs to create materials to show the differences between Sophos products and those from other vendors.
Network management needs to be included in the package.
As it is now, it only supports ten multiple users, which is something that should be increased.View full review »
Creative Head/Director at a marketing services firm with 1-10 employees
The solution is very slow in comparison with SonicWall and FortiGate. It should have faster performance.
The installation could be faster and is longer than that of other solutions, lasting more than a month instead of five minutes.View full review »
Cyber Security Engineer at a tech services company with 201-500 employees
This solution could be improved with more effective bandwidth. I found that when I enable DDoS detection for our clients, bandwidth is reduced. If DDoS detection is disabled, the bandwidth will be high, but it isn't secure. We recommend that customers enable DDoS detection, but if they need high bandwidth, we recommend Palo Alto and FortiGate instead of Sophos.View full review »
The cloud support needs to be improved. As it is, they only have support for Microsoft Azure. They should expand it to include providers like Amazon and Alibaba.View full review »
The security of the solution could be improved by making it more intuitive and it should have a background reputation service for classification of websites for content filtering. It's a service which defines the type of websites enabling me to do my content filtering in a much more effective and efficient way.
They really need to include some kind of a client app for mobiles so that firewalls and all the metrics can be accessed directly on the phone; some kind of administrative application on the phone, maybe on an iOS or Android.
Technical support can be slow to respond, which is something that should be improved.
In the future, I would like to see the addition of artificial intelligence for identifying and controlling traffic.View full review »
Our clients use Karios, and while it integrates well with it, the integration could be improved.View full review »
Network Administrator at a construction company with 51-200 employees
Network Security Administrator at a comms service provider with 501-1,000 employees
The first area that needs to be improved is customer support.
If I'm implementing a connection on the DMZ or WAN, I should be able to dive deep into the implementation, specifying what needs to be implemented or not. For example, I should be able to configure specific details for the DMZ, and not have to follow the templates that they provide.
We have had problems with the stability that affected business operations.View full review »
I am using the Azure Active Directory in my company and it was complicated to integrate this solution with Azure. I had to use an internal VPN and had to do many configurations to get it operating. This process should be easier to implement.View full review »
The reporting could be improved.
Many other firewalls give you the option to disconnect a user. For example, if an end-user is using too much bandwidth, you could right-click to disconnect this user, but Sophos XG does not support this feature.
Sophos XG does not have the ability to disconnect a user.View full review »
The manuals or guides we are given are too simple. When we are implementing the product, it is difficult for us as we don't have more detailed information.
The technical support on offer is slow. When I have questions, they answer me very slowly. Sometimes within 24 hours, I have a response. However, it can be longer. In Mexico, Sophos doesn't have technical support locally. It's in Argentina or in other countries. It would be nice if support was available in the country.
Head of Network Department at a financial services firm with 1,001-5,000 employees
The GUI and support could be better. I think there are other products that we are going to deploy instead of Sophos. We have already upgraded a month ago because the interfaces and support for Sophos are really weak. But other products like Juniper, Cisco, or FortiGate are better than Sophos. It's also complicated, and the end-user or client does not understand it.
The interfaces and the GUI design are not easy, and when you do something, unrelated things are in the same configuration site. There are different sites to visit to configure Sophos. This is even more than other products. Many features can be improved, especially the VPN and web filtering features.View full review »
I would like to have a more efficient logging process & real time analisys. The logging, expecially with EDR subscription, is something that needs improvement.
I would like to see email management improved to have more features and options for integrating with other solutions, expecially cloud based.View full review »
They made some changes to the firmware update sometime last year, which moved some of the policies from where they were before. Some of the policies, such as NAS policies, were separated, which made it a bit hard for people to trace the policies they had configured.View full review »
Information Systems Infrastructure Manager at a comms service provider with 1,001-5,000 employees
When you are using it as a controller for the wireless access points, it doesn't perform well.
It is not suitable for the public cloud. It is more suitable for enterprise data. It is not really the equipment for cloud data centers. I am looking for a data center firewall.View full review »
Their reporting needs to be improved.
The initial setup is not straightforward.
Technical support could be improved as well.
Integration to the cloud is also a challenge. It's not straightforward, especially while I move my mail from on-premises to cloud 365. I had to go to the cloud to research certain routes with it.View full review »
Sophos XG could improve the policies, they are a bit confusing when creating them. There are many options that make it confusing and it could be simplified.View full review »
The VPN device could be improved upon.
The firewalls could be strengthened.
The solution could be more scalable.View full review »
Shah Abdul Manap
IT Executive at Hotel Maluri Kuala Lumpur
I need to do a bit more research on the product. I can't think of any features that are missing.
The solution is tied to the US dollar. You need to pay whatever the equivalent is in your own currency, and, if the exchange is bad, it can really add to the cost.View full review »
When you utilize the processors, the device hangs. Many firewalls hang because of the high volume of loads.
If we are using the HP policy and the user policy at the same time, the firewall gets hung and it means that we cannot get clear reports.
We have mitigated the firewall with Palo Alto because Palo Alto is working on multiple environments.
I would like to see the performance improved.View full review »
Senior Consultant at Wavednet Group
I would like to see in future releases a tool to scan for malicious packets and give the location of where they are coming from. Nowadays all over the world is suffering from ransomware threats. If they could map where those packets are coming from and make the packet monitoring more efficient it will be helpful to prevent more of these kinds of threats.View full review »
Senior IT Manager at a agriculture with 11-50 employees
I would like to have more artificial intelligence in the web monitoring service that comes with it. It should alert us when particular events happen. It has already got some of that. I know that it is more of a service, and Sophos is already looking at it. It is called SIEM.View full review »
ICT Manager at a hospitality company with 1,001-5,000 employees
They can simplify its interface so that it is mostly drag-and-drop. There was an SQL injection attack on some Sophos devices. They just need to harden their devices a little bit so that they can't be hacked very easily.
Entrepreneur at Carmel Infotech Solutions
The recent changes of the policy compared to Cyberoam are a little bit less user-friendly and complicated. Cyberoam is much easier to use.
Security could be better.
In the next release, I would like to see improvements made to the policy and simplify the policy-making, as the complexity of it makes it really tough.View full review »
The logging side of it could definitely be better. Some of the logging lacks, and the information that they provide you, especially in the spam filtering section, could be better.View full review »
In feature releases of the solution, I would like there to be an increase in the detection capability. The detection is low compared to the other solution available in the market.View full review »
Head Operations at Intersect Technologies
I would like to see improvement with service and support. LAN inbound and outbound traffic requires more control and an additional stop.View full review »
VP of Operations at a manufacturing company with 51-200 employees
The UI needs improvement because it can be a little weird at times.View full review »
They need to do more quality checks before they release firmware upgrades. Currently, a few Cyberoam firewall customers are facing some issues while upgrading the Cyberoam firmware to Sophos. After the new firmware is installed, they are seeing some performance issues, which require some bug fixes. The performance is fine after getting the required support. Customers who are already using Sophos hardware are quite satisfied with this solution.
Their support should also be improved. We are facing difficulties getting support on time through email or phone.View full review »
The box needs to be fixed
Moreover,the bugs need fixing. I also think that SD-WAN features should be added. The intelligence feature should be improved and Sophos needs upgrading and updating.View full review »
Manager IT at a retailer with 201-500 employees
The two main areas where this product needs improvement are routing and reporting.
The security can be improved, as well.View full review »
Founder & Chief Operating Officer at a tech services company with 11-50 employees
It is already secure but it could be better in terms of other breaches that may occur.View full review »
IT Analyst at a financial services firm with 11-50 employees
In the Firewall, the Intrusion Prevention System can be improved. Now because COVID has come to stay, people tend to work from home, and cybersecurity has been on the high side.
It can improve more on the security aspect of this so that it can combat any major threat or common bug. I am not saying that the security has become compromised, as it is usually active, but they can improve on it.
Local and technical support can be improved.
When firmware updates are complete, there were issues with connectivity and VPN users. Recently, I stopped updating the firmware because I didn't want to obstruct the connectivity of the staff working remotely at different locations.
I have stopped doing any updates until the issue can be addressed.View full review »
I wish to see an antivirus feature added to the solution.
Programmer / Analyst at Maridive & Oil Services
Their updates can be faster and more regular. Right now, it's updated monthly. When I need to update the firmware, I want it done within weeks, not months. There are also some changes in version 18, like rules, that aren't needed.View full review »
System Engineer at Dhanush Infosol
Some of the firewall rules are complicated for us to understand, they should be simplified.View full review »
System Administrator Server and Networks at a manufacturing company with 201-500 employees
The behavior with the zones was a little bit tricky to understand and the beginning of the project.
Sophos XG is difficult to manage and it is difficult to understand when you first begin.
The reaction time of the GUI is terrible when compared to other manufacturers.View full review »
In terms of improvement, one of the features we are having a hard time getting a hang of is MAC addressing, like when we assign IP addresses to a specific MAC address. That is something that can be improved. For the next release, I think, it should have better feature integration.
Technical Support Engineer at a tech services company with 1-10 employees
The user interface could be better.
We find that the solution takes too long to load. It's slow.View full review »
Senior Director of IT Operations at a tech services company with 11-50 employees
The VPN is in need of improvement. For us, it is hard to set up and it not working properly.View full review »
Systems Administrator Team Leader at a retailer with 1,001-5,000 employees
The MTR feature has to be enhanced. There are some bugs on the ADL which need enhancing.
Head Of Solutions at a tech services company with 11-50 employees
It is not recommended for larger enterprise customers.
They need to improve the SD-WAN feature.View full review »
Support for this product is something that is really important, and it needs to improve.View full review »
An area of improvement would be the reporting as diagnostic graphs take a long time to load and refresh. If there could be an option to show only select graphs, it may speed up the graphics.
Most of the time we don't use the disk usage, memory or CPU graphs. The main graph we watch is the bandwidth usage.
Additionally, their previous update contained many bugs. They need to ensure that, before releasing a new version, there are not so many bugs.View full review »
Owner at a tech services company with 11-50 employees
Scalability could be improved. It could be better.View full review »
Vice President (Technical) at a computer software company with 51-200 employees
I'd like to see a more simplified functionality for our customers. We also had a negative experience with the sales team of Sophos, which offered a three-year renewal to our customer. We'd suggested one year, keeping the customer's cashflow in mind and Covid. The result was that it affected our credibility with the customer. These are some of the irritants in the sales policy.View full review »
The uploading and downloading of reports should be included.
We are looking for a firewall to block the uploads from the user, not the downloads. I would like to see this feature updated.
In the next release, I would like the uploading and downloading reports to be included.View full review »
There have been some issues when upgrading. For some reason, parts of the configuration become unconfigured, I then have to reconfigure it. I should not need to keep reconfiguring it after upgrades.View full review »
Network Manager at a outsourcing company with 5,001-10,000 employees
There's an IP address delivery for our VPN client and a limited range of IP addresses. So this is a problem in the latest firmware release, but rather than using homework scenarios, we need a lot of VPN clients.View full review »
Director at a consultancy with 1-10 employees
The reports could improve, they do not seem complete and more information could be added.View full review »
The support service level agreement in regard to the amount of time needed to upgrade things is too low. It should be higher.View full review »
Sophos XG's web server protection and log viewer could improve. They should also introduce sandboxing.View full review »
The technical support they offer is difficult to access. There is no direct number to call and when you do get hold of them and have confirmation, it takes a while to get a response.View full review »
Technical Support Engineer at a tech services company with 1-10 employees
The solution could improve by making the graphical interface better and increasing the performance.
CEO at Tawassul Technology
Some businesses require Dynamic IP. This feature would be useful if it worked.View full review »
Senior Information Technology Project Manager at a tech vendor with 201-500 employees
Data traffic analysis could be better. I think Fortinet products like FortiAnalyzer are very effective in analyzing data traffic. I think it's better than Sophos. It could also be more stable.View full review »
Senior Infrastructure Engineer at a tech vendor with 51-200 employees
Even though things work on the back end, we have encountered bugs in the solution.
User interface and integration can stand improvement.
Head Of Network & Technical Support at a financial services firm with 501-1,000 employees
There are issues with electricity with this solution.View full review »
ICT Manager at toril community cooperative
They can lower its price. It is very expensive. We are looking for a less expensive solution depending on our budget. They can also improve it in terms of firewall protection.View full review »
David Van Win
Senior System Administrator at a financial services firm with 201-500 employees
Their technical support needs improvement. I've been on hold with them for hours waiting for their support.View full review »
Senior Network Security Engineer | Project Manager at a consumer goods company with 10,001+ employees
The solution could be more secure.View full review »
The reporting could be improved in this solution by adding more details.View full review »
IT Manager at a manufacturing company with 201-500 employees
Sophos needs improvements made to the console, such as host entry or defining rules directly from it.View full review »
IT Security Manager at a financial services firm with 201-500 employees
It's a problem that we are not able to investigate incidents, there is no tracking. Security is also lacking in this product.
As with solutions like Palo Alto and other firewalls, the SD-WAN needs to be rigorously and aggressively improved because when we provide this solution to our customers, it often fails at the network security level.
The solution could improve by having better security.View full review »
Director at REDCO
Areas for improvement would be the access points and the on-premise version, which is very bad.View full review »