Sophos Cyberoam UTM Review

Web and content filtering, and bandwidth monitoring help keep bandwidth costs in check


What is our primary use case?

The primary use is for our firewall, for intrusion detection and prevention. Other uses include internet web filtering, application content blocking, and some VPN. We also look at bandwidth optimization. We don't want users to abuse the network.

How has it helped my organization?

One of the benefits has been cost reduction because I am now able to monitor my bandwidth. I have just enough bandwidth to utilize within the organization, without having to spend significant amounts toward additional bandwidth. That has been one of the major benefits.

It has also increased productivity within the organization because now, fewer people are spending time abusing the network, and are focusing more on their jobs. I have not totally blocked everything, they do get their social life after hours, it's just a control during work hours.

What is most valuable?

For me, the web and content filtering are valuable because that, unfortunately, is where the abuse happens a lot. People are abusing the network and pushing up the bandwidth price.

What needs improvement?

Once in a while, an unwanted email will slip in. You have to set your parameters to avoid that happening, but once in a while, an email has slipped past firewall. Once you update the firmware, you notice that it doesn't happen. If an email slips in, I get a little bit worried. I do get the report, but you just don't want that situation happening in the first place.

When I look comparatively at certain products like Check Point - I haven't used Check Point but I have seen it in action - the people who have actually used it have confirmed that they have not had that experience before. 

However, I do know that Cyberoam is upgrading from Cyberoam to Sophos. I'd love to see the upgrade. I'd love to see a swap-out of the device. I should be able to swap out my device rather than I have to buy the whole unit again.

One of the places that viruses spread is through the browser. Unfortunately, Cyberoam configuration is done through the browser. That makes the configuration process is easier. But if your PC is clean and you're configuring Cyberoam then you should have no issues in the first place.

I've never used the console, so maybe that's an area of training that the Cyberoam should look into. That would enable me to configure the device without necessarily using a browser. But then again, if I am going to use a computer to configure it, my PC should be clean.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

The solution has been very stable. I have had no issues. Occasionally I do some penetration testing and I put it through its paces. I was quite impressed. I did not see any performance downgrade, which was impressive.

What do I think about the scalability of the solution?

I managed to scale up, but not from the model perspective. It began to fail only when the number of users grew significantly. I had to replace it but that was because we planned for 50 people and, suddenly, the organization doubled to 100 people, which was a significant jump.

How is customer service and technical support?

It is very good, both local as well as non-local. The technical support for the Cyberoam website was very helpful with regards to the few issues that I had. Here in Zambia, there is a Cyberoam representative, and we have no issues with the support. I have found it very helpful.

Which solutions did we use previously?

One of the reasons we invested in the Cyberoam solution was that we were looking at content filtering. That was the initial discussion. While searching for content filtering, Cyberoam appeared. One of the advantages of Cyberoam, in particular is the Layer 8 technology, the user layer. That pushed us towards Cyberoam.

When selecting a vendor, one of the key issues is the support. It's easy to buy something, but the after-sales support is very critical for me. It is very critical because half the stuff happens not during the purchases, but rather after I've bought the gadgets. I have it on my table, and, yay, it's working and, two days later, it's down and I can't get my support guys on site.

Another one of the determining factors was cost. I chose Cyberoam at a time when the organization was restructuring. We were trying to cut down on cost, so we analyzed the solution critically. Cyberoam has a recurring yearly cost. Competing products are good, but some of the initial setup costs were very high. And then you have to look at the ability to actually get the support in.

So support, pricing, and after-sales were key, as well as the ability to swap out the device should it be faulty. I should be able to swap it out within a specified period. There is no point in having my network down for five hours. Thankfully, I haven't experienced that.

How was the initial setup?

It was very straightforward. I'm a Cyberoam-certified practitioner, but I actually deployed Cyberoam before I got my practitioner license, and I had no issues. So it was very easy.

Which other solutions did I evaluate?

Cisco has a very good product, but there were only a handful of support people available in the country at that time. My vendors said that Cyberoam has very good support, you can actually learn it and they offer initial support. 

I took up the challenge. I bought the product, did the implementation, went to the user training, and the support was readily available for my vendors.

What other advice do I have?

See what your market is offering. Here in Zambia, Cyberoam has a lot of support. Take your time and make sure that when you're making a decision, your requirements are met. Cyberoam met our requirements. I was only looking at web filtering and I got a whole lot more than that.

Also, your after-sales support is crucial. Train yourself, because if you have the knowledge of a product, it's easy for you to set it up and use it to its fullest potential.

I rate this solution a nine out of ten. It has met many of my requirements even without subscription, just the base model. It's easy to use, easy to install, easy to implement. There isn't too much headache or cabling, you don't have to replace a whole, huge network. You're just replacing one thing and it can be implemented without an issue.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest

Sign Up with Email