What is most valuable?
Reverse proxy, SSL VPN, web & email protection
For me, those features were most valuable from a security point of view;
• Reverse proxy is very important for shielding application frameworks.
• For VPN, we all knew that PPTP was broken and is not secure anymore. For Ipsec, you need to have opened ports, and if you are in a hotel who only has ports 80 and 443 opened, you can’t do anything.
SSLVPN is one of the solutions. Yes, you can use DirectAccess, but there are some limitations, too.
For DirectAccess, you need to have all those computers joined in one domain.
• Web & email protection is a nice feature because you have all of those controls in one dashboard. This is of course for small and maybe some mid-size companies. For larger and enterprise, it’s another story.
How has it helped my organization?
Less and faster administration, full control of traffic, and a lot of futures included in the base price.
What needs improvement?
The goal for small companies is to have one administration dashboard -- from where you can manage antivirus for computers, firewalls, IDS, IPS, mobile phones, tablets, etc.
Sophos UTM is on the right path to getting there.
For how long have I used the solution?
Sophos UTM 135 = two years.
Sophos UTM 115 = one year.
What do I think about the stability of the solution?
No problems with stability.
What do I think about the scalability of the solution?
No problems with scalability.
How are customer service and technical support?
The technical support is really good and the representatives are very responsive.
Which solution did I use previously and why did I switch?
Cisco (didn’t achieve expectations), Microsoft TMG (end of life).
How was the initial setup?
The setup is straightforward, but I suggest hiring an expert for integration. This is your first line of defense, and there is no room for mistakes.
What's my experience with pricing, setup cost, and licensing?
Sophos UTM’s are not the cheapest but they are not the most expensive. Create a checklist of what you need, and go through it with a sales representative. They will advise the right license for your company and I’m sure you can get some discount.
Which other solutions did I evaluate?
What other advice do I have?
Create a checklist with your requirements, test the solution, and if it passes everything, implement it.