Sophos logo

Sophos UTM Review
Configuring the network was the easiest part of implementation, but the internet failover needs to work better.

1,506

Valuable Features

  • Firewall
  • NAT
  • Intrusion prevention
  • Site-to-Site VPN
  • Web filter
  • Anti-virus

Improvements to My Organization

Before using the Sophos appliance, we consistently struggled with users clicking on things they shouldn't be. This led to virus/malware infections that seemed to propagate through the network at an alarming speed. Since we incorporated the appliance into our network, we don't have to worry as much since it does in-line virus checking, and if a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time.

Room for Improvement

I wish the internet failover worked better. As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic, with many things not working until I manually fail over to the other WAN.

Use of Solution

I've used it for seven years.

Deployment Issues

Initially, we had issues configuring the web filter and getting the right policies applied to the right users. After several calls to Sophos, they were able to assist us in getting to where we wanted to be. Other than that, deployment was easy as long as you pay attention to what you are doing and have the setup guide handy for any questions you have.

Stability Issues

The appliance has been very stable, only being rebooted to apply patches for security vulnerabilities, which fortunately is not very often.

Scalability Issues

The UTM 220 has served our purposes very well, it has allowed us to scale up on the computing side as well as the server side with no issues at all.

Customer Service and Technical Support

Customer Service:

Their customer service is fantastic.

Technical Support:

I have never had an issue go unanswered when I've had to involve Sophos technical support. Above all, it's their technical expertise that truly sets them apart from other vendors we have tried.

Previous Solutions

We did originally try to use PFSense. The software was hard to use, and the level of technical expertise was not good. Ultimately, after several demos of both products, we decided that Astaro (at the time we purchased our original device) was the right vendor to work with. Since that time, Sophos purchased Astaro and it would appear that they kept a lot of the same people working on these devices because the transition was smooth, and the level of knowledge never faltered.

Initial Setup

The initial setup was very straightforward. I will say that you do need to have a certain level of knowledge to set up the more advanced functions. Configuring the network was the easiest part, and the firewall was very straightforward once you figured out exactly what rules you needed to put in place. NAT was a bit confusing to start with, but once you went through the process it was easy. Intrusion prevention was easy to set up, flip the switch to the on position and decide what rules you want to apply. Web filtering took a few calls to Sophos to set up properly, as we were trying to set up filtering policies based on Active Directory groups, and were not successful in the initial configuration, but we did finally get this implemented.

Implementation Team

I implemented the product in-house. The one bit of advice that I can give is to organize yourself prior to deployment. Determine what services you want to utilize in your environment, and focus your learning to those parts of the guide, this will make your deployment much easier.

ROI

Our return on investment is the fact that we are protecting the business' data, lowering administrative costs, and are better able to manage every bit of our network security.

Pricing, Setup Cost and Licensing

The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
3 visitors found this review helpful
Anonymous avatar x30Anonymous avatar x30Anonymous avatar x30

1 Comment

Anonymous avatar x30

Hello, we have experienced similar issue as you have described "internet failover", but it has nothing to do with the UTM, but the ISP was the issue. The results were the same with another solution too.
We were told to pay an extra money to ISP for better services to mitigate that issue. Crap :)

Regards,

Patrik S

Like (0)26 August 15
Anonymous avatar x30
Guest
Why do you like it?

Sign Up with Email