What is our primary use case?
We primarily use the solution for a number of use cases, including the firewall, web filtering, email filtering, and email encryption. UTM does it all. The only thing that we don't use it for is web application and protection. We don't really have any web servers in-house.
What is most valuable?
The web and email filtering are the two biggest and most valuable aspects of the solution for us.
The solution overall has just been a good, cost-effective solution for us.
The solution offers a lot of functionality.
The solution scales well.
We've found the technical support to be helpful.
The stability and performance are quite good.
What needs improvement?
The ease of use could be a bit better. It's something they could work on.
The ease of configuration could be improved. It's not as simple as it could be just yet. However, it's kind of the nature of it.
They're kind of difficult to get set up sometimes.
Some of the detail in the web filter and the email filtering could be better outlined in the reporting. It is not as good as the two separate standalone solutions we used previously. However, it does also gives us a lot of other stuff that those two solutions didn't. It's a trade-off.
For how long have I used the solution?
I've been using the solution for the last five years at this point.
What do I think about the stability of the solution?
The stability and performance are good. The solution is reliable. There are no bugs or glitches. It doesn't crash or freeze. It's good.
What do I think about the scalability of the solution?
We've been using the same hardware for five years and it's always had a very good performance. I would say it scales pretty well. We have around 80 users on the solution currently. We've had double that. Actually, until COVID hit, we did have double that, as of a year ago.
How are customer service and technical support?
We've been very happy with Sophos, despite the fact that most of their support is based out of Europe. When you get them on the phone, they're actually very good. Their support is very good. We've been happy with them, and have no concerns about renewing the maintenance.
Which solution did I use previously and why did I switch?
We currently use a few Cusco solutions. We had a SurfControl web filter previously - a standalone server for that. We also had an email filtering package, that was on a separate server by itself. We found that the Sophos UTM did both of those things, and it gave us a firewall, and it saved us money. That's largely why we switched. The downside to Sophos is the reporting wasn't as good, however, everything else was better.
There was nothing wrong with the other solutions that we had other than it would cost us twice as much money to get a lot fewer capabilities. We don't really have the manpower to fully utilize those other solutions in great detail, which is why a simple web filter and email filter that was built into the Sophos solution worked for us. Plus, it does a lot more than that. We could run everything through it. We could - and we may do this - move away from using the Cisco solutions altogether, and just use the two Sophos firewalls. Once we get the XG up and running, we can upgrade the UTM to XG also and have the two XG firewalls in our two locations, and use it for the LAN connection between the locations. I don't know that we'll do that, however, it's definitely something that we can do. It's just a lot of additional capability and flexibility.
How was the initial setup?
While the configuration can sometimes be tricky, it was pretty much straightforward to initially set everything up. It helped that we had paid support through Sophos, so their technicians helped us get it up and running.
The deployment took a couple of weeks in total. It wasn't too big of a deal.
We don't really have any staff dedicated to deployment and maintenance. I tend to handle those aspects myself.
I've watched a few webinars, even on implementation, and it's just that a lot of the stuff is really different. You need to work on it a bit to get the hang of everything.
What about the implementation team?
We had Sophos directly assist us. They were great at helping us implement everything. We physically got it in place, and then got it up and running, and then finished it off with some assistance from Sophos.
What's my experience with pricing, setup cost, and licensing?
We've found the solution to be cost-effective overall.
Normally we do a three-year license with maintenance on a firewall.
Beyond the standard maintenance fee, the solution doesn't require any other licensing costs.
What other advice do I have?
We are a manufacturing company. We're not a technology company. We don't need to have the very latest state-of-the-art technology, however, we want to try to be close to it. For us, Sophos is perfect.
We also plan to use Sophos XG, however, we haven't implemented it yet. We're hoping it might be easier to configure and set up than UTM.
Our antivirus, actually, was the antivirus that was managed by the UTM. Now they've since retired that capability, and they've gone to endpoint security software being managed in the cloud. Sophos Central can manage all of the Sophos security products, including all the firewalls, the endpoint security. Basically, you end up with one web interface for all of your security stuff. That's actually going to be a big feature, especially moving forward with XG, due to the fact that, if XG detects anything fishy going on, you can shut down individual client networks, and not allow any traffic to go through.
Our Exchange ActiveSync is actually behind a Cisco firewall. We have a Cisco ASA also.
We use the latest version of the solution.
I'd rate the solution at an eight out of ten. We've largely been satisfied with the product.
As a company, you're looking to get the best solution out there. Once you have something in place, and it's worked well for you, and it hasn't cost you any excess money, you don't need to have too much contact with anyone. I rarely contact Sophos. That's a good indication of how good the product is working for us. If I was looking for something new, or if when maintenance comes up, and we've had hardware that's been in operation for a while, maybe we just need something new. Then you look and see if there's something out there that works better for you. That's basically it. We're not looking for anything new. We've actually been very happy with Sophos. I liked the way that there's a lot of good stuff there.
Which deployment model are you using for this solution?