Sophos UTM Review

Comprehensive UTM Product, scale-able, fast, understandable user interface

What is most valuable?

Proven UTM technology, excellent security and threat management are valuable features. The fact that I can provide scalable solutions for a SoHo environment on a small appliance, run on my own PC/server or even a virtualized environment allows me to accommodate almost any business, regardless of size. The software works in the same way across all the models. I have managed all my clients via the Sophos UTM Manager, a centralized console. I am a MSP, so having a centralized system to managed and maintain all of my client UTM firewalls is just gravy.

Customers appreciate the extensive built in reporting, rock solid IPS and security features. Coupled with a centralized Wireless and Remote Ethernet Device (RED) Device extends my service offerings. Lastly, the Total Protect bundle offers an affordable, comprehensive solution for the SMB market.

How has it helped my organization?

Using the SUM (Sophos UTM Manager) Central Console, each client UTM is configured to report to my RMM and CRM system for monitoring, SLA, ticketing, and support. We can administer a majority of our management such as firmware updates from our Sophos UTM manager. With many other products, this needs to be done and case by case basis.

We also schedule weekly automatic backups of the clients UTM configuration. These backups are emailed to our support portal and preserved. We keep spare/loaner equipment in stock so if a client’s UTM has a catastrophic failure, we prep a spare unit, apply their most recent configuration, and within 5 minutes have a functioning loaner unit we can deliver while their warranty replacement is processed. A simple drive to the client’s location and a swap out is done which gets them back in business on the same day. You can also get a 30 day full trial license for appliance or software. My sales staff can place a 30 day trial of fully functional unit as part of a proof of concept.

What needs improvement?

The unit offers great failover and load balancing features that can be complex to understand, some streamlining of the process would help. More predefined port rules would help the novice user/technician as well.

For how long have I used the solution?

I have been a Sophos/Astaro Partner for over 10 years. I started with Astaro v6 and have continued with them following their acquisition by Sophos a few years ago. The product keep getting better and better. I have over 200 units I have installed and managed. I am currently selling the SG Series with UTM v9.309. The SG series have models that fit small business up to large enterprise environments.

Alongside the hardware versions, we also use a virtualized version running UTM 9.

What was my experience with deployment of the solution?

The only issues I have, have been due to human error.

What do I think about the stability of the solution?

The solution is very stable if you size the unit to the environment. An SG125 is great for a 25 person office with web, email filtering, application control, etc. but it would not work well in a 100 person office. You need to know the proper sizing prior to deployment.

What do I think about the scalability of the solution?

As stated, unit needs to be scaled to the environment. So if I don’t do my job of understanding the client's environment, it is possible to undersize the unit just like every other product. For clients who are planning major growth, we tend to sell either a virtualized UTM or software base unit. Then it is simply a matter of adding license capacity, RAM, CPU, etc. when needed.

How are customer service and technical support?

Customer Service:

They have a great account team and customer service is solid. 85% of the time the issues are resolved on the same day, and 97% by the next business day.

Technical Support:

They have excellent technical support. I can submit a ticket request via their portal, with a call, etc. I can get someone 24/7 and usually within an hour. They also have a great escalation procedure.

Which solution did I use previously and why did I switch?

I have used many, such as SonicWALL, Cisco, Juniper, WatchGuard, and FortiGate. Sophos is consistent and deep in their solutions and I like a consistent platform and support.

How was the initial setup?

Simple small offices are a breeze. We have some template configurations, which only require us to stage and activate a license(s), install a basic template and modify the interfaces to meet client specifics and then add the unique definitions. More complex setups start with a basic template which even my technicians can load, and then require an engineer or security specialist to finish off.

What about the implementation team?

We are a managed service provider (MSP) so we do it in-house for clients. We provide our customers with basic training and complete documentation package.

What was our ROI?

As with most hardware, margins could always be better. I can get competitive pricing on larger deals. Our biggest ROI is the monthly management fee, which is very reasonable for our clients. Since we do all of our management (updates, reports, etc.) from the SUM we spend very little time on this and a technician can do it. It has a very good economy scaling and the annual subscription renewals are pretty standard with not much of a margin. This solution fits the MSP model very well due to it being a centralized control/management solution.

What's my experience with pricing, setup cost, and licensing?

A SoHo setup takes about an hour, which is US$125 and the monthly management/maintenance is US$30, but it all adds up.

Which other solutions did I evaluate?

We have evaluated many

  • WatchGuard
  • SonicWALL
  • Cisco
  • FortiGate
  • Smoothwall, etc.

What other advice do I have?

The product has a shallow and a deep end. Getting a small business/SoHo running up quickly and reliably is straight forward, but the deep end takes some technical skills, just like any solution. What I really like is that my Tier One guys can get a quick status update, have a look very quickly, and then resolve most basic issues. Tiers two and three are not as involved unless there is a major issue or complexity. Also, when buying the product, get the audit/chance tracking built in too!

Which version of this solution are you currently using?

SG series, UTM 9.309
**Disclosure: My company has a business relationship with this vendor other than being a customer: My company is a business partner.
More Sophos UTM reviews from users
...who work at a Manufacturing Company
...who compared it with Meraki MX
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2021.
479,323 professionals have used our research since 2012.
Add a Comment