Sophos UTM Review

Brings greater visibility into the network traffic coming inside and passing away from the company


What is our primary use case?

Currently, we are using the product on-premise. However, in the future, we would like to deploy an AWS instance too.

How has it helped my organization?

This product helped us a lot in having a greater visibility into the network traffic coming inside and passing away from the company. The Sophos’s unique RED devices helped us a lot to build up extremely, easy Layer 2 VPN connections.

What is most valuable?

  • Email and web proxy: for filtering unwanted emails and spam, and for web content and malicious url filtering
  • SSL VPN and two-factor authentication: for secure remote access
  • Layer 7 app control: for blocking P2P (ex. BitTorrent) and media streaming content 
  • WAF/reverse proxy: for securely publishing web applications and protecting Exchange services 
  • WAN load balancing: for multiple Internet connection management

What needs improvement?

  • Certificate management (ex. Let’s Encrypt support)
  • VPN: IKEv2 Support

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

We have not encountered any issues with stability.

What do I think about the scalability of the solution?

The Sophos UTM solution is very scalable. You can build a hardware cluster with up to 10 nodes. 

How is customer service and technical support?

Technical issues addressed to support team have been solved quickly.

Which solutions did we use previously?

Before we were using Cisco solutions, we switched because of the lack of UTM features.

How was the initial setup?

The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled.

What's my experience with pricing, setup cost, and licensing?

The pricing for Sophos UTM is quite acceptable compared to other UTM vendors. If you would like to run an active-passive HA system, you only need to buy an additional hardware without subscription. At other vendors, you need subscription for both devices.

In the case of a software/virtual appliance subscription, you pay by protecting user/IP addresses. You can do this to as much hardware resources as you like.

Which other solutions did I evaluate?

We evaluated SonicWall, WatchGuard, and Stormshield (Netasq) solutions.

What other advice do I have?

We highly recommend this solution for SMBs for its reasonable pricing and wide range of network services.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller and System Integrator.
Add a Comment
Guest

Sign Up with Email