Sophos Cyberoam UTM Review

It has good performance but their quality control needs to be improved.


What is most valuable?

  • Web filtering
  • Application filtering
  • IPS
  • QoS

How has it helped my organization?

I used to work for a Cyberoam distributor. In one of my projects, I deployed it in a university with 1500 users (students), all of whom had different QoS and web category policies, different authentication policies. I then had to connect the university’s branches, in different cities, with a Site to Site VPN using AD authentication available for just the account. This was to restrict access only to the accounting application server of the other branch. It was quite complicated to do, but it was very successful.

In another project for a bank, I secured a banking application server and attached a database using two Cyberoam devices on the edge, with a Juniper device in the middle. This was for securing three different segments - internal users, internal developers and external visitors. The final topology was so secure that, even for some testing purposes, we were not able to break in to change the configuration and access the system as a third party.

What needs improvement?

Not very often, but there are some minor bugs in the products. I think their quality control can improve.

For how long have I used the solution?

I’ve used it since 2008, so seven years so far.It is a complex product so I’d rate the performance and number of features as 10/10, and 7/10 for the consistency and programing.

What was my experience with deployment of the solution?

Generally speaking, the Cyberoam development is quite simple, easy and straight forward. Overall it depends on the network complexity.

What do I think about the stability of the solution?

Compared to a Cisco router, Cyberoam UTMs need to be restarted more often. From my point of view, this is acceptable, since many aspects of the product functions in layer seven, while a Cisco router just routes!

What do I think about the scalability of the solution?

Since all the products models from the smallest to the strongest have the same features and capabilities, I can say that the product is extremely scalable. However, if you need to upgrade the whole device to a stronger model, I would say scalability is 8/10, which considering the differences between the number of ports in different models (I could even give 9/10, but let’s stay with 8/10!).

How are customer service and technical support?

Customer Service:

It really depends on the retailer, representative and local distributor. Nothing much to say.

Technical Support:

One of the most considerable advantages of Cyberoam over the competitors is the after sales support. The 24/7 support assists the customers, even from minor to very major issues, and they chase up the issue until the final resolution by email and phone. They are really trustworthy.

Which solution did I use previously and why did I switch?

In a different continent, a different company, and as a customer (not a distributor) I still used the same brand, Cyberoam! It’s cheap, flexible, easy to configure and easy to manage.

How was the initial setup?

I’ve been using the product for ages and I have deployed it in hundreds of networks and complexities. However, using the configuration wizard, the initial configuration is extremely easy and straightforward (depending on the network complexity of course).

What about the implementation team?

I have always installed it myself.

What's my experience with pricing, setup cost, and licensing?

It's hard to estimate, as it depends on the complexity, and scale of the network.It takes anywhere from one day to less than a week in normal situations.

Which other solutions did I evaluate?

I have evaluated Juniper, WatchGuard and a couple of minor brands. So far, I can still raise the flag of Cyberoam.

What other advice do I have?

Since the features on the model are the same, and it is just the hardware that gets improved for higher models, I usually advise a model one and a half times bigger than the number of the network users. For instance a 1000 user network can be easily served by a 1500NG. However based on my experience, since not all the users are active simultaneously, even 1 to 1 is sufficient. Considering the capability of HA, expansion is simple if needed.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
2 Comments

author avatarUser
Vendor

Very use full and straight forward approach, thumbs up :)

author avatarSr network Administrator at IDS Infotech Limited
Consultant

Very elaborated review with good categorization....