Sophos UTM Room for Improvement

ZaherEL Bsat
Pre-Sales Manager | Infrastructure and Security at National Information Technology Company
There is definitely room for improvement with Sophos UTM. For the SG version of Sophos UTM, they can add blocking of countries in the NAT section, not only in the firewall section. When you are mapping, they should also add the ability to block countries in that section. That's not available right now. It's only available in the firewall if you want to block incoming traffic. With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time. The web filter needs additional enhancement but that's the point of the XG upgrade. If they're going to continue with the production of the XG, then they will not add the same features to the basic version of Sophos UTM. View full review »
Anthony Petecca
Manager IT and Security at Health Street
It does have built-in policies which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them. View full review »
Juan C. Sanchez Pignalosa
CEO & Co-Founder at Advisor Consulting Group
Sophos UTM has many improvements that I would suggest, but the main one is for the Application Control to be managed with users as well, and with timeframes (schedules) for the administrator to allow certain apps outside an specific timeframe, or vice versa. View full review »
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
438,560 professionals have used our research since 2012.
Scott Rouse
Architecture and DevOps at
The UI on it could stand a little improvement. In some areas, it is a little slow and clunky. It is sometimes not easy to find something. However, once you get used to it, it is pretty normal to use. View full review »
Frank Scalzo
Director of Cloud Technology at Avalere Health\Inovalon
I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer. View full review »
M.K. Goyal
Asst General Manager(C&IT) at NMDC Iron & Steel Plant
Initially, there were problems of wireless access points not getting detected and lease lines were getting disconnected after one hour. Sophos replaced the appliance, but the issue was not resolved . The matter got escalated to their international support and the issue was identified as a bug where long distance fiber connections are used over single mode fiber. The patch was shipped by Sophos with a promise to fix the issue in the next release. Now, the appliance is working fine. The issue of wireless access points was due to some compatibility issues with the D-Link switch. I provided the Cisco 2900 series switches to connect to the wireless access points by creating a separate wireless LAN port on the firewall. View full review »
Md. Dipu Khan
One additional feature that should be included in the next release is synchronized security, which would enable all the security to work together as a system. Another suggestion is to add advanced threat protection (ATP) to defend against sophisticated Malware. Seeing these additional improvements would be a great thing going forward. View full review »
John Xavier
CIO at Quartesian
We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work. View full review »
Max Pupov
DevOps at a tech services company with 11-50 employees
The product could be simplified and made more self-explanatory. View full review »
Ibrahim El Sayed
Network & Hardware Administrator at Nile Projects & Trading Co.
I would like to see the SD-WAN feature improved. I want to manage many lines and load-balance them, getting high availability by making SLA tests according to: * Check interval. * Failures before inactive. * Restore link after. * SD-WAN Rules to control bandwidth, download and upload stream. View full review »
Global Network Security Admin at a consumer goods company with 201-500 employees
The support needs improvement. View full review »
Milos Lichtenstein
IT SM & Security Consultant at a tech services company with 1,001-5,000 employees
There is still room for improvement in wireless protection. I don't mean their WiFi device is bad, but there are still things to improve on, such as WiFi roaming. View full review »
Darren Weiner
Solutions Architect at National Renewable Energy Laboratory
The printed provisioning is the primary thing that needs improvement. View full review »
Security Architect at a financial services firm with 501-1,000 employees
They could reduce the price. View full review »
Bob Obrinsky
Owner at Robert Obrinsky Industries, LLC
Support for IKEv2 is needed in this solution. But, the handwriting is on the wall that Sophos will probably stop development in favor of their XG Firewall. No timeframe on that yet though. View full review »
Senior Solutions Specialist at centerprise international
The price is an issue to consider for improvement. View full review »
IT Security Specialist at a tech services company with 11-50 employees
The solution could be improved by adding cloud soundboxing. View full review »
Neeraj Panwar
Cloud Network Administrator at a tech services company with 11-50 employees
During initial configuration, I encountered a few issues. View full review »
Gerald Lang
IT Architect at ISCL IT Security Consulting G. Lang
We would be happy with fewer new features over the same time, but with more stable updates! We would like to have unique viewable IDs for rules and in the packet filter logfile, for easier debugging of old log files. Sophos UTM shouldn't die. View full review »
Unified Communications Specialist at Agentra
The memory and processing were problematic. The interface could be better. View full review »
Joshua Robertson
IT Specialist at Arnett Carbis Toothman LLP
* SUM cannot manage app control * Improve app control system as a whole * Extend support for SG until XG has improved significantly. View full review »
Edward Cetron
Owner at Technologies International
Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054). View full review »
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
438,560 professionals have used our research since 2012.