Sophos UTM Review

Configuring the network was the easiest part of implementation, but the internet failover needs to work better.

What is most valuable?

  • Firewall
  • NAT
  • Intrusion prevention
  • Site-to-Site VPN
  • Web filter
  • Anti-virus

How has it helped my organization?

Before using the Sophos appliance, we consistently struggled with users clicking on things they shouldn't be. This led to virus/malware infections that seemed to propagate through the network at an alarming speed. Since we incorporated the appliance into our network, we don't have to worry as much since it does in-line virus checking, and if a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time.

What needs improvement?

I wish the internet failover worked better. As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic, with many things not working until I manually fail over to the other WAN.

For how long have I used the solution?

I've used it for seven years.

What was my experience with deployment of the solution?

Initially, we had issues configuring the web filter and getting the right policies applied to the right users. After several calls to Sophos, they were able to assist us in getting to where we wanted to be. Other than that, deployment was easy as long as you pay attention to what you are doing and have the setup guide handy for any questions you have.

What do I think about the stability of the solution?

The appliance has been very stable, only being rebooted to apply patches for security vulnerabilities, which fortunately is not very often.

What do I think about the scalability of the solution?

The UTM 220 has served our purposes very well, it has allowed us to scale up on the computing side as well as the server side with no issues at all.

How are customer service and technical support?

Customer Service:

Their customer service is fantastic.

Technical Support:

I have never had an issue go unanswered when I've had to involve Sophos technical support. Above all, it's their technical expertise that truly sets them apart from other vendors we have tried.

Which solution did I use previously and why did I switch?

We did originally try to use PFSense. The software was hard to use, and the level of technical expertise was not good. Ultimately, after several demos of both products, we decided that Astaro (at the time we purchased our original device) was the right vendor to work with. Since that time, Sophos purchased Astaro and it would appear that they kept a lot of the same people working on these devices because the transition was smooth, and the level of knowledge never faltered.

How was the initial setup?

The initial setup was very straightforward. I will say that you do need to have a certain level of knowledge to set up the more advanced functions. Configuring the network was the easiest part, and the firewall was very straightforward once you figured out exactly what rules you needed to put in place. NAT was a bit confusing to start with, but once you went through the process it was easy. Intrusion prevention was easy to set up, flip the switch to the on position and decide what rules you want to apply. Web filtering took a few calls to Sophos to set up properly, as we were trying to set up filtering policies based on Active Directory groups, and were not successful in the initial configuration, but we did finally get this implemented.

What about the implementation team?

I implemented the product in-house. The one bit of advice that I can give is to organize yourself prior to deployment. Determine what services you want to utilize in your environment, and focus your learning to those parts of the guide, this will make your deployment much easier.

What was our ROI?

Our return on investment is the fact that we are protecting the business' data, lowering administrative costs, and are better able to manage every bit of our network security.

What's my experience with pricing, setup cost, and licensing?

The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.

Which version of this solution are you currently using?

220 v9.3
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Sophos UTM reviews from users
...who work at a Financial Services Firm
...who compared it with Meraki MX
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
511,521 professionals have used our research since 2012.
Add a Comment
ITCS user

author avatarit_user192969 (KAM with 11-50 employees)

Hello, we have experienced similar issue as you have described "internet failover", but it has nothing to do with the UTM, but the ISP was the issue. The results were the same with another solution too.
We were told to pay an extra money to ISP for better services to mitigate that issue. Crap :)


Patrik S

author avatarit_user831537 (User)