Sophos UTM Room for Improvement

ZaherEL Bsat
Pre-Sales Manager | Infrastructure and Security at National Information Technology Company
There is definitely room for improvement with Sophos UTM. For the SG version of Sophos UTM, they can add blocking of countries in the NAT section, not only in the firewall section. When you are mapping, they should also add the ability to block countries in that section. That's not available right now. It's only available in the firewall if you want to block incoming traffic. With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time. The web filter needs additional enhancement but that's the point of the XG upgrade. If they're going to continue with the production of the XG, then they will not add the same features to the basic version of Sophos UTM. View full review »
Anthony Petecca
Manager IT and Security at Health Street
It does have built-in policies which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them. View full review »
Juan C. Sanchez Pignalosa
CEO And Founder at Advisor Consulting Group Corp
Sophos UTM has many improvements that I would suggest, but the main one is for the Application Control to be managed with users as well, and with timeframes (schedules) for the administrator to allow certain apps outside an specific timeframe, or vice versa. View full review »
Find out what your peers are saying about Sophos, pfSense, Fortinet and others in Firewalls. Updated: January 2020.
397,983 professionals have used our research since 2012.
Scott Rouse
Architecture and DevOps at hc1.com
The UI on it could stand a little improvement. In some areas, it is a little slow and clunky. It is sometimes not easy to find something. However, once you get used to it, it is pretty normal to use. View full review »
Frank Scalzo
Director of Cloud Technology at Avalere Health\Inovalon
I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer. View full review »
M.K. Goyal
Asst General Manager(C&IT) at NMDC Iron & Steel Plant
Initially, there were problems of wireless access points not getting detected and lease lines were getting disconnected after one hour. Sophos replaced the appliance, but the issue was not resolved . The matter got escalated to their international support and the issue was identified as a bug where long distance fiber connections are used over single mode fiber. The patch was shipped by Sophos with a promise to fix the issue in the next release. Now, the appliance is working fine. The issue of wireless access points was due to some compatibility issues with the D-Link switch. I provided the Cisco 2900 series switches to connect to the wireless access points by creating a separate wireless LAN port on the firewall. View full review »
Md. Dipu Khan
CEO at NG
One additional feature that should be included in the next release is synchronized security, which would enable all the security to work together as a system. Another suggestion is to add advanced threat protection (ATP) to defend against sophisticated Malware. Seeing these additional improvements would be a great thing going forward. View full review »
John Xavier
CIO at Quartesian
We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work. View full review »
CTO0a65
CTO at a tech services company with 11-50 employees
* Certificate management (ex. Let’s Encrypt support) * VPN: IKEv2 Support View full review »
Max Pupov
DevOps at a tech services company with 11-50 employees
The product could be simplified and made more self-explanatory. View full review »
Ibrahim El Sayed
Network & Hardware Administrator with 1,001-5,000 employees
I would like to see the SD-WAN feature improved. I want to manage many lines and load-balance them, getting high availability by making SLA tests according to: * Check interval. * Failures before inactive. * Restore link after. * SD-WAN Rules to control bandwidth, download and upload stream. View full review »
GlobalNe150a
Global Network Security Admin at a Consumer Goods with 201-500 employees
The support needs improvement. View full review »
Martin Lindemann Frederiksen
It Forum Gruppen A/S
VPN needs IKEv2, but it’s in the roadmap. All other new, cool features will only come to the new Sophos XG Firewall. View full review »
Milos Lichtenstein
IT SM & Security Consultant at a tech services company with 1,001-5,000 employees
There is still room for improvement in wireless protection. I don't mean their WiFi device is bad, but there are still things to improve on, such as WiFi roaming. View full review »
Darren Weiner
Solutions Architect at National Renewable Energy Laboratory
The printed provisioning is the primary thing that needs improvement. View full review »
Securityde9c
Security Architect at a financial services firm with 501-1,000 employees
They could reduce the price. View full review »
Bob Obrinsky
Owner with 11-50 employees
Support for IKEv2 is needed in this solution. But, the handwriting is on the wall that Sophos will probably stop development in favor of their XG Firewall. No timeframe on that yet though. View full review »
MichaelCook
Senior Solutions Specialist at centerprise international
The price is an issue to consider for improvement. View full review »
securityspec4553
IT Security Specialist at a tech services company with 11-50 employees
The solution could be improved by adding cloud soundboxing. View full review »
Neeraj Panwar
Cloud Network Administrator at a tech services company with 11-50 employees
During initial configuration, I encountered a few issues. View full review »
Gerald Lang
IT Architect with 11-50 employees
We would be happy with fewer new features over the same time, but with more stable updates! We would like to have unique viewable IDs for rules and in the packet filter logfile, for easier debugging of old log files. Sophos UTM shouldn't die. View full review »
Todd285
Unified Communications Specialist at Agentra
The memory and processing were problematic. The interface could be better. View full review »
Joshua Robertson
IT Specialist at a financial services firm with 201-500 employees
* SUM cannot manage app control * Improve app control system as a whole * Extend support for SG until XG has improved significantly. View full review »
it_user588840
CEO with 501-1,000 employees
Reporting: We have had to work manually in many of our reports. View full review »
Edward Cetron
Owner with 11-50 employees
Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054). View full review »
Find out what your peers are saying about Sophos, pfSense, Fortinet and others in Firewalls. Updated: January 2020.
397,983 professionals have used our research since 2012.