Sophos UTM Reviews

I'm IT head at our company in India and we are customers of Sophos UTM.

The solution has many good features. There was a steep learning curve moving to version 18 but we're now at a point where the solution is more efficient and effective. When talking about VLANs the solution makes it easy to separate rules for everything. The solution is easy to use with simple implementation.  

The application server needs to be improved because currently, the classification segregation of applications needs to be more defined. Also, we used to be able to open the firewall using LAN IPS but that's no longer possible and needs to be solved. I'd like to see an improvement in central categorizing. These days with all the applications and threats, getting everything filtered down needs to be a finer, more granular process. There are times when you find that a website seems to be legit, but there is a code running behind it that can act as a proxy or some kind of a bot. The sites are always logged on, but at times we have to open for a few clients or a few sites and in that time they're open to attack.

We've been using this solution for at least six years. 

This solution is absolutely stable. 

The solution is scalable; we jumped from 135 to 230 users without any problems at all. 

Technical support used to be good but it's lagging a bit now. Support staff was better trained and more efficient than they are now. It could be because of Covid but it's a bit of a challenge at the moment. 

We worked with SonicWall many years ago. We then switched to Cyberoam and then we primarily used Cisco Firepower. There were support issues with Cisco and it wasn't easy to find the KB articles and training was lacking. Even the training personnel had problems when we had issues with implementation. The same thing happened when we used Palo Alto with the support being the biggest problem. It was so unstructured and I hope that has changed in the last 12 months. When it comes to firewalls we are happy with two products; Fortinet is our preference but when you take cost into account, we prefer Sophos. 

The initial setup was relatively straightforward. 

The licensing costs for Sophos are reasonable. It's clear to me that there are no full solutions, you can't win it all, and the cost is always an issue. We're on the winning side with Sophos in that respect. We renew our license every three years. 

I rate the solution eight out of 10. 

Proven UTM technology, excellent security and threat management are valuable features. The fact that I can provide scalable solutions for a SoHo environment on a small appliance, run on my own PC/server or even a virtualized environment allows me to accommodate almost any business, regardless of size. The software works in the same way across all the models. I have managed all my clients via the Sophos UTM Manager, a centralized console. I am a MSP, so having a centralized system to managed and maintain all of my client UTM firewalls is just gravy.

Customers appreciate the extensive built in reporting, rock solid IPS and security features. Coupled with a centralized Wireless and Remote Ethernet Device (RED) Device extends my service offerings. Lastly, the Total Protect bundle offers an affordable, comprehensive solution for the SMB market.

Using the SUM (Sophos UTM Manager) Central Console, each client UTM is configured to report to my RMM and CRM system for monitoring, SLA, ticketing, and support. We can administer a majority of our management such as firmware updates from our Sophos UTM manager. With many other products, this needs to be done and case by case basis.

We also schedule weekly automatic backups of the clients UTM configuration. These backups are emailed to our support portal and preserved. We keep spare/loaner equipment in stock so if a client’s UTM has a catastrophic failure, we prep a spare unit, apply their most recent configuration, and within 5 minutes have a functioning loaner unit we can deliver while their warranty replacement is processed. A simple drive to the client’s location and a swap out is done which gets them back in business on the same day. You can also get a 30 day full trial license for appliance or software. My sales staff can place a 30 day trial of fully functional unit as part of a proof of concept.

The unit offers great failover and load balancing features that can be complex to understand, some streamlining of the process would help. More predefined port rules would help the novice user/technician as well.

I have been a Sophos/Astaro Partner for over 10 years. I started with Astaro v6 and have continued with them following their acquisition by Sophos a few years ago. The product keep getting better and better. I have over 200 units I have installed and managed. I am currently selling the SG Series with UTM v9.309. The SG series have models that fit small business up to large enterprise environments.

Alongside the hardware versions, we also use a virtualized version running UTM 9.

The only issues I have, have been due to human error.

The solution is very stable if you size the unit to the environment. An SG125 is great for a 25 person office with web, email filtering, application control, etc. but it would not work well in a 100 person office. You need to know the proper sizing prior to deployment.

As stated, unit needs to be scaled to the environment. So if I don’t do my job of understanding the client's environment, it is possible to undersize the unit just like every other product. For clients who are planning major growth, we tend to sell either a virtualized UTM or software base unit. Then it is simply a matter of adding license capacity, RAM, CPU, etc. when needed.

They have a great account team and customer service is solid. 85% of the time the issues are resolved on the same day, and 97% by the next business day.

They have excellent technical support. I can submit a ticket request via their portal, with a call, etc. I can get someone 24/7 and usually within an hour. They also have a great escalation procedure.

I have used many, such as SonicWALL, Cisco, Juniper, WatchGuard, and FortiGate. Sophos is consistent and deep in their solutions and I like a consistent platform and support.

Simple small offices are a breeze. We have some template configurations, which only require us to stage and activate a license(s), install a basic template and modify the interfaces to meet client specifics and then add the unique definitions. More complex setups start with a basic template which even my technicians can load, and then require an engineer or security specialist to finish off.

We are a managed service provider (MSP) so we do it in-house for clients. We provide our customers with basic training and complete documentation package.

As with most hardware, margins could always be better. I can get competitive pricing on larger deals. Our biggest ROI is the monthly management fee, which is very reasonable for our clients. Since we do all of our management (updates, reports, etc.) from the SUM we spend very little time on this and a technician can do it. It has a very good economy scaling and the annual subscription renewals are pretty standard with not much of a margin. This solution fits the MSP model very well due to it being a centralized control/management solution.

A SoHo setup takes about an hour, which is US$125 and the monthly management/maintenance is US$30, but it all adds up.

We have evaluated many

• WatchGuard
• SonicWALL
• Cisco
• FortiGate
• Smoothwall, etc.

The product has a shallow and a deep end. Getting a small business/SoHo running up quickly and reliably is straight forward, but the deep end takes some technical skills, just like any solution. What I really like is that my Tier One guys can get a quick status update, have a look very quickly, and then resolve most basic issues. Tiers two and three are not as involved unless there is a major issue or complexity. Also, when buying the product, get the audit/chance tracking built in too!

Sophos UTM offers considerable protection and employs a very well-structured pricing scheme.

It's a good choice for businesses that need a basic security solution with a good price-performance ratio. However, it's not a good choice for businesses that need a complex security solution. That's why I'm also considering Fortinet, which can provide a more comprehensive security solution.

I like the simplicity of Sophos UTM and the web filtering features.

The application control is really bad. It needs a lot of enhancements. The traffic shaping and bandwidth control, and application control need a lot of work.

In future releases, Sophos can enhance its quality of service. 

I have been using this solution for 11 years. 

There are two aspects to consider: software stability and hardware stability. The software is a bit stable, but the hardware needs a lot of improvement. So the software can be rated nine out of ten, but the hardware is only seven out of ten.

The software solution is not very scalable. So, it can be improved. 

We have about 50 customers right now using this solution. 

The initial setup is easy. It took half an hour to deploy. 

It is a complex security solution for firewalls. So there are a lot of implementation concerns. It's not like a wireless solution or something like that. So there's no direct answer for this one, especially for security solutions.

For the deployment, maintenance, and management, you need two security engineers. You need security engineers, not just regular engineers.

The ROI is extremely high.

The cost of the license depends on the size of the firewall appliance. There is a huge variety of pricing models.  

Sophos UTM has very reasonable pricing. 

Overall, I would rate the solution an eight out of ten. 

It's a good firewall solution for small and medium businesses, but it's not the best choice for businesses with complex security requirements. 

I would recommend that businesses carefully consider their requirements before choosing Sophos UTM. If you need advanced application control, you should look for a different firewall solution.

We use Sophos UTM as a firewall and access control. The firewall has web filtering and anti-fishing tools. We synced Sophos UTM with our Microsoft Windows Active Directory.

Sophos UTM is a robust solution and it provides flexibility.

I have been using Sophos UTM for approximately five years.

The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution.

The scalability of Sophos UTM is seamless if you have the right UTM device. However, for every device there are limitations, we have 150 users on it at this time.

The support from Sophos is very helpful. We raise a support ticket on the portal and we receive a response.

The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup.

We did the implementation of Sophos UTM using our internal team. We have certified engineers that can handle the process. If there are any issues we can reach out to the support of Sophos.

We have two people that handle the maintenance for the solutions.

There is a license for the device and for the software. We pay annually for the solution and the cost is competitive.

Sophos has an aggressive 360-degree security deployment. They are securing your mobile phone and data, both data security and also device security. They're on the cloud too, if you look at the company they really working hard on a 360 approach for security. The coverages they offer makes them robust. You can always start from somewhere, and then you scale up. You can start with their device management solution, or with their firewall, and then you begin to scale up with other features seamlessly. The flexibility they provide is also very good with Sophos, I can recommend Sophos confidently.

I rate Sophos UTM a nine out of ten.

Every single Virtual Private Cloud (VPC) has Sophos in front of it. I also use it for Outbound Gateways in my WorkSpaces environment.

Our company trusts Sophos without even seeing it, as it provides us comfortability while allowing for flexibility.

Its scaling capability.

Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place, which is huge for me. When you have multiple VPCs and multiple accounts, it becomes too cumbersome to use a product that you have to look at individually. With Sophos, I can look at one place and see everything: my logs, filters, firewall rules, etc.

I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer.

I have never had a stability issue with Sophos. It self-heals.

I have not run into a scalability issue since it is scalable past my license.

I have had great technical support. The only issues that I have experienced with technical support are when I get a Tier 1 support person who knows about the on-premise product, not the AWS side of the product.

The implementation and configuration through AWS is easy. They have cloud configuration templates, which are easy to deploy.

We originally purchased the solution through the AWS Marketplace. I started my proof of concept doing pay-as-you-go, then moved to a VAR for a 'Bring Your Own Licence' (BYOL) licensing model. The BYOL license still requires you to accept the terms of the AWS Marketplace to deploy.

It is easy to purchase through the AWS Marketplace. In addition, if you have a budget for the AWS Marketplace, then your purchases will appear on your regular Amazon bill, which makes things even easier.

I went and looked at Check Point eight years ago, because back then, I loved Check Point. They also weren't many solutions like this back then. AWS Marketplace did not even exist eight years ago!

After comparing Check Point and Sophos pricing, I questioned whether the decimal for Sophos was in the wrong spot. Sophos's competitors were so much higher in price. 

Originally, cost sold me because Check Point and Sophos had the same features. Now, Sophos has surpassed Check Point's features.

If you haven't tried it, do so.

Amazon has their products (e.g., Amazon GuardDuty). However, when you are working in a multiple VPC environment along with digital enhancements and features, some of those enhancements and features are not always available with Amazon, but are with Sophos.

It is used to protect the servers. It is a very transparent solution. 

Sophos integrates seamlessly and we don't even feel it is running in the background. 

I found just one instance of a virus on somebody's email, and Sophos cut it off immediately. Then the admin said, "Oh, this is a virus. That's a new one." They found out that I hadn't updated some virus information.

The virus updates will always depend on new viruses that are discovered. Maybe they can send a notification or a reminder for update time. 

We have been using Sophos UTM for two years. 

It is absolutely stable. 

We have over 200 users in my company. We are planning on increasing the usage. We never faced any issue with scalability. 

We have local support and go through our company's tech support. 

The initial setup is straightforward. It was implemented within five minutes. 

The central admin team deployed the solution. There were around three to four members of the team. 

It is easy to install and transparent solution. I would recommend using the solution. I would rate it a ten out of ten. 

Most of our clients use Sophos UTM as a perimeter firewall for branch offices. Additionally, we use the Sophos XG, RED firewall for extending the network, and the Sophos Intercept X to complement the firewalls.

The most valuable features of Sophos UTM are the ease of use, it is very user-friendly. You can understand what they implement in the new firmware, and it's easy to manage the firewalls.

When I implement a solution, I have to teach the customers how to use it and when I have used other solutions, such as Check Point, it was difficult.

Sophos UTM has good integration with wireless and endpoint solutions

In Sophos UTM there is always a problem with the routing tables. If you want to see the routing table, you have to use the UI. You can't do it via a web browser. The routing table is better in Fortinet.

I have been using Sophos UTM for approximately six years.

The stability of the Sophos UTM is very good, most of our clients do not have to reboot the firewalls. 

The technical support is good. I tell my customers that we always have the support of Sophos and it is good for us. If you create ticket support in Spanish, you have to wait sometime, because they don't have a lot of people who work in Spanish. We have to do it in English. They should have more other language support agents.

I have previously used Sophos Cyberoam, XGS, and XG solutions. Additionally, I have used Check Point solutions.

The implementation of Sophos UTM firewalls is difficult. There are many aspects that are involved and there is maintenance needed. However, the difficulty level is the same as if you were implementing a Fortinet firewall.

We have a three-person implementation team that works in many cities here in Bolivia.

I have evaluated other solutions, such as Cisco.

I would advise others that the Sophos Academy is really good. You can receive certifications from them. It is important to understand the requirements because some people who don't know much are afraid to use firewalls, and that's a problem. It's important to use firewalls and ask questions proactively about them.

I rate Sophos UTM an eight out of ten.

We primarily used the solution to replace Cyberoam. For a client recently, we replaced their old SD device with the latest version, XG 210.

At the moment we have deployed the web filtering application as they have their own web servers and their email protection. The web filtering is great. At the moment, we haven't heard any negative feedback from the client.

There is plenty of documentation that can help you check scenarios or different situations that might you have.

The stability is great.

The cost of the solution is very reasonable.

I can't recall dealing with any missing features.

Lately, I've dealt more with Fortinet, and haven't focused too much on Sophos.

The initial setup may be difficult for those not familiar with the product.

If I recall correctly, I've been dealing with the solution for about five or so years. It's been a while at this point. 

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

We are actually in the process of discussing scaling with a client. We're working on the business planning aspect right now. We're looking at opportunities on how to protect their network, besides just the webserver and the email servers.

I haven't made any request for technical support previously. That is due to the fact that even the local authorized distributor here in the Philippines is very helpful in deploying and configuring the product. Therefore, we have no need to contact Sophos directly.

There's also lots of documentation to reference. 

Recently, I've used a lot of Fortinet products. 

Although I hadn't done a setup in a while, I quickly recalled the steps taken. If you've handled a setup before, you're likely to find the implementation process rather straightforward. I found I was able to adapt quickly and figure out the necessary configurations.

In terms of licensing, here in the Philippines, we just pay on a yearly basis. The renewal is up for this year in Q3. We are talking now with the distributor where we purchased the hardware for a possible renewal with the client.

Overall, they provide very reasonable pricing.

My company is a reseller of Sophos.

I haven't deployed one of their latest solutions yet. We just had a recent project for a basic firewall, and they were actually 210. That's the last project I had with Sophos.

We are in the process of taking up certification exams for Sophos.

I definitely recommend Sophos. It's one of our top products in the company.

I'd rate the solution at a nine out of ten.