Sophos UTM Overview

Sophos UTM is the #3 ranked solution in our list of top Unified Threat Management (UTM) tools. It is most often compared to Fortinet FortiGate: Sophos UTM vs Fortinet FortiGate

What is Sophos UTM?
The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware - viruses, rootkits and spyware.

Sophos UTM is also known as Astaro.

Sophos UTM Buyer's Guide

Download the Sophos UTM Buyer's Guide including reviews and more. Updated: May 2021

Sophos UTM Customers
One Housing Group
Sophos UTM Video

Filter Archived Reviews (More than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
BO
Owner at Robert Obrinsky Industries, LLC
Reseller
A powerful and flexible user interface makes remote client support easy

What is our primary use case?

I use this solution in both the home and office, and I am also a reseller of the product. It is used for Unified Threat Management for SMB to Mid-Size companies. It provides VPN solutions for our clients, and it has the absolute best UI in the industry.

Pros and Cons

  • "Configuration troubleshooting is eased by the use of the color-coded, live firewall log."
  • "Support for IKEv2 is needed in this solution."
CEO at NG
Real User
Offers secure and Scalable Firewall Security

What is our primary use case?

We use this solution for communication endpoint, encryption, and network security. We are focused on providing security software to the small to mid-market enterprises; the essence of our delivery is internet security.

Pros and Cons

  • "The features that I've known to be most valuable are both the web security features as well as the web firewall capabilities. As a partner of Sophos firewall, we have some clients and they are using Sophos firewall UTM and we are using it as well."
  • "The only time we face a problem or issues is when we place a ticket. We have found that response is very slow."

What other advice do I have?

Sophos UTM is a good product for security purposes and maybe if Sophos provided another company option to implement their products then I would say that Sophos UTM is great. On a scale of one to ten with 10 being the best, I would give this solution a nine out of 10.
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
509,641 professionals have used our research since 2012.
EC
Owner at Technologies International
Real User
Application layer filtering is a vital feature

What is our primary use case?

SMB firewall.

How has it helped my organization?

Protected it against malware and allowed us to serve our servers safely.

What is most valuable?

Application layer filtering.

What needs improvement?

Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054).
ZE
Pre-Sales Manager | Infrastructure and Security at National Information Technology Company
Real User
Has a solid state hard drive and can boot in less than sixty seconds

What is our primary use case?

We are partners with Palo Alto and several IT certificate vendors, like Sophos. We deploy Sophos UTM for customers. Internally we use Sophos, but we deploy solutions including both Sophos and Palo Alto Networks to our customers. We are an IT integration company. Our services include the deployment of security appliances. Our environment includes Sophos UTM for internal use, which means it is protecting the network. It is protecting our environment. We publish our services like the help desk, mail server, and other servers. Sophos UTM offers us protection for publishing and the VPN.

Pros and Cons

  • "Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port."
  • "With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time."

What other advice do I have?

My recommendation is that businesses should go for the XG version, not the SG because the XG version of Sophos offers next-generation firewall support and has more improvements. Sophos XG is the next generation firewall that is not available on the UTM version. The difference is in the features between the two and how you deploy them. Sophos XG version covers what is in the SG version plus additional bonuses: the dashboard, the heartbeat between the firewall and the input, etc. I advise first evaluate, know your network, know your needs, and plan for the upcoming two or three years before you…
IT Specialist at Arnett Carbis Toothman LLP
Real User
Top 5
Sophos SUM allows us to manage over 50 devices from a central management console

What is our primary use case?

* Network border protection for clients and internal company * It is used for small to medium-sized businesses and networks.
MN
IT Security Specialist at a tech services company with 11-50 employees
Reseller
It is a good source for IDS and IPS

What is our primary use case?

Our primary use case of this solution is IDS and IPS. We also use it for application availability. 

What is most valuable?

The most valuable feature is the IPS. It also protects us from malware. 

What needs improvement?

The solution could be improved by adding cloud soundboxing.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

The stability is OK. 

What do I think about the scalability of the solution?

The scalability is not something I have experience with because our organization is pretty lean.

How is customer service and technical support?

I have not used technical support. 

How was the initial setup?

It was easy to set up and quite straightforward.

What other

Info Sec Consultant at Size 41 Digital
Real User
ExpertTop 5
Allows our client to use cross-region AWS VPCs to connect remote dev offices

What is our primary use case?

A client wanted to trial Sophos UTM 9 before deploying it into a production environment because, historically, Sophos has not had the best of reputations in AWS. The client had used Sophos in other environments, hence they wanted to stick to what they know.

Pros and Cons

  • "UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful."
  • "We didn’t find any issues but I know there have been some in the last few years."

What other advice do I have?

We didn’t find any issues but I know there have been some in the last few years. I can’t comment about Sophos on AWS previously but they seem fine now. There were no problems for our client so all I can comment on is the experience they had. I think it’s taken a little while for Sophos to get experience in solving problems with their product in the AWS environment, but they do seem to go the extra mile. This solution rates an eight out of ten, based on our experience. Support was good. You will always find problems with installations so it does hinge on support.
Manager IT and Security at Health Street
Real User
Enables us to fully isolate an infected server or workstation with the click of a button

What is our primary use case?

Threat management for servers is our primary use case. We're not using it on all workstations, just a few. We're primarily using it on servers. The version we're using is fully in the cloud, not on-prem.

Pros and Cons

  • "The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big."
  • "It does have built-in policies, which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them."

What other advice do I have?

If you're running a full Windows-based shop you're going to have a lot more options, so make sure you shop around. If you're running a Mac-based shop like we are, Sophos is definitely the way to go. Just make sure you can afford it. Regarding how well Sophos integrates with other products, so far we haven't integrated it with anything. We have it on the servers and we have it scanning our Amazon accounts, but that's it. The integration with Amazon is cool. Maybe they could work on that because it seems like a newer feature. You can see what's available but not really do anything yet. For the…
CEO & Co-Founder at Advisor Consulting Group
Real User
Application Control should be able to be managed with users; however, we now have a protected, standardized network.

What other advice do I have?

They have supported our business venture since 2010, and will do for many years. We have studied closely the different product portfolio, and each one of them, are carefully developed.
Data Department Manager at BTC Networks
Real User
As both a firewall and UTM it's perfect, however, sometimes with setting up the spam filters there is an issue.

What other advice do I have?

Give us 10 minutes of your time, and we will show you the differences. When I do presentations, I give potential clients demo access to the solution(s) I am presenting.
ML
IT SM & Security Consultant at a tech services company with 1,001-5,000 employees
Consultant
Sandstorm protects against crypto viruses in real-time

Pros and Cons

  • "Advanced protection (Sophos Sandstorm) - Protects against crypto viruses in real-time."
  • "There is still room for improvement in wireless protection. I don't mean their WiFi device is bad, but there are still things to improve on, such as WiFi roaming."

What other advice do I have?

We do not use this on AWS. Before implementing the SG appliance, completely prepare the rules for your network; know what and where you want to implement.
MG
Asst General Manager(C&IT) at NMDC Iron & Steel Plant
User
It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines

What is our primary use case?

We were looking for a solution which provided a single view for both a wired and wireless network. We were previously using the Cyberoam 200ia firewall appliance and wanted an appliance which could support 1500 to 3000 corporate users. The solution also required a wireless access controller scalable to at least a 125 second wave 802.11 ac wireless access point. We purchased a Sophos XG 450 appliance with Sophos wireless access points.

Pros and Cons

  • "It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines."
  • "Initially, there were issues with the wireless network as wireless access points were disappearing from the dashboard after some time."

What other advice do I have?

In India Cyberoam, which has been taken over by Sophos, has a vast support network and loyal user base. Migration to Sophos was the logical path. Further, pricing for the upgrade was very competitive as Sophos wanted to retain existing customers.
AP
Global Network Security Admin at a consumer goods company with 201-500 employees
Real User
It can identify threats quickly, then find the affected devices and quarantine them

What is our primary use case?

I am using it for security, antivirus, and malware detection.

Pros and Cons

  • "It has helped by identifying threats within the company. If there are computers or servers that are compromised, then we are able to identify them right away in the system."
  • "The technical support only communicates via email. I would prefer to communicate directly with someone."

What other advice do I have?

The product works. It helps you identify threats within the environment. We were able to integrate it with different devices and the installation is straightforward. We are using the cloud-based version, but it is through Sophos directly. We are not using AWS. A lot of this stuff is also on-premise.
JC
Security Architect at a financial services firm with 501-1,000 employees
Real User
We like the ease of deployment and the dashboards are good

What is our primary use case?

It is used as an antivirus.

What is most valuable?

Ease of deployment Licensing The dashboards are good.

What needs improvement?

They could reduce the price.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

The scalability is good for us. We are only a company of about 400, so it is perfect.

How is customer service and technical support?

I have not used the technical support.

How was the initial setup?

The implementation with the AWS environment was good.  We haven't had any issues with deployment.

What's my experience with pricing, setup cost, and licensing?

The pricing and licensing…
Solutions Architect at National Renewable Energy Laboratory
Real User
It meets our compliance needs for antivirus, but the printed provisioning needs improvement.

What is our primary use case?

We use it for antivirus.

How has it helped my organization?

It meets our compliance needs in an elastic computer environment.

What is most valuable?

It meets our compliance needs for antivirus.

What needs improvement?

The printed provisioning is the primary thing that needs improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is a little too CPU resource intensive, so we would like to see improvements there.

What do I think about the scalability of the solution?

We are running about a couple hundred EC2 instances. Overall, the AWS Marketplace product should be a better fit, but it is a little pricier.

How is customer service and technical support?

When we…
DevOps at a tech services company with 11-50 employees
Real User
It works well without any maintenance

What is our primary use case?

* Firewalls * Developer access * VPN traffic * Rerouting and routing. I am using it to route traffic for developer access or regular traffic for my instances. I have a web application, and I control access to and from it in one of my environments.

Pros and Cons

  • "It works well without any maintenance. So far, it has worked pretty well regardless of the traffic."
  • "The product could be simplified and made more self-explanatory."

What other advice do I have?

Do your homework. Compare products. Use what you need depending on your needs. We are only using the AWS version of the product.
Architecture and DevOps at hc1.com
Real User
It has allowed us to have a solution that we can maintain and not have to babysit all the time

What is our primary use case?

Our Sophos UTM provides a secure VPN solution. It allows us to have a VPN solution that limits access to certain sensitive areas in our environment.

Pros and Cons

  • "It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources."
  • "It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else."
  • "The documentation during the AWS integration was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic."

What other advice do I have?

It is definitely worth looking at. It is a pretty good product. It is integrated with our LDAP solution, and that integration is okay. Any LDAP integration can be hit or miss. It doesn't matter what it is, because it's LDAP. Since we use LDAP as a service, it's a little different, but it does work well. We use it for the AWS version.
CIO at Quartesian
Real User
It provides a solid firewall, but they could improve on the support

What is our primary use case?

We are using as a firewall product.

Pros and Cons

  • "It helped to connect our satellite offices to the main Amazon infrastructure in a circular way."
  • "We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
  • "They could definitely improve on the support, especially in other countries."

What other advice do I have?

I would recommend to take a look a product, as it is a good product apart from the improvements that I mentioned. We are very happy with the product so far. It is used as a standalone. We don't integrate it with other systems. We are using the AWS version of this product.
Director of Cloud Technology at Avalere Health\Inovalon
Real User
It has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewalls from one place

What is our primary use case?

Every single Virtual Private Cloud (VPC) has Sophos in front of it. I also use it for Outbound Gateways in my WorkSpaces environment.

Pros and Cons

  • "Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place."
  • "I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer."

What other advice do I have?

If you haven't tried it, do so. Amazon has their products (e.g., Amazon GuardDuty). However, when you are working in a multiple VPC environment along with digital enhancements and features, some of those enhancements and features are not always available with Amazon, but are with Sophos.
Senior Solutions Specialist at centerprise international
Reseller
It has ease-of-use and fits the purpose of our firewall protection needs.

What is our primary use case?

The primary use case for using this product is as a firewall.

How has it helped my organization?

It has ease-of-use and it fits the purpose of our firewall protection needs.

What is most valuable?

The most valuable feature is that it is easy to administer. 

What needs improvement?

The price is an issue to consider for improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability of the product is good.

What do I think about the scalability of the solution?

We are not a very big organization, so we do not see any issues going into the future. We feel that it will continue to scale appropriately for our organization's needs.

Which solution did I use previously

TD
Unified Communications Specialist at Agentra
Real User
We have a better level of protection and we have the ability for our devices to be more of a self-sustained type of resource.

What is our primary use case?

My primary use case is as a VPN, a firewall and a web filter.

How has it helped my organization?

We have a better level of protection and we have the ability for our devices to be more of a self-sustained type of resource.

What is most valuable?

The most valuable features are: Firewall protection Intrusion detection

What needs improvement?

The memory and processing were problematic. The interface could be better.

What's my experience with pricing, setup cost, and licensing?

I have no problem with the cost or licensing of this solution. This is a primary reason whay I wanted this solution. It does the same thing cheaper than other name brands.
Cloud Network Administrator at a tech services company with 11-50 employees
Real User
We cannot use our network on a weekly basis without it.

What is our primary use case?

It helps us with protection, with concurrent use of the VPN.

How has it helped my organization?

This solution improved our firewall capability. We installed an identity process, and this is extremely helpful.

What is most valuable?

The security is the most important, and without security, we cannot use our network on a weekly basis.

What needs improvement?

During initial configuration, I encountered a few issues.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

The stability is very good.

How was the initial setup?

The initial setup of this solution was easy. It was not complex. 

What was our ROI?

When considering a product, I think support from the solution is very…
CEO with 501-1,000 employees
MSP
Rapid deployment with great logging and analysis features

What is our primary use case?

We use Sophos UTM as our main firewall with all its features included. Mainly, it controls all of our network perimeter security: firewall, IDS/IPS, and web application firewall (including VoIP).

How has it helped my organization?

Web application firewall (WAF): We removed our old internal reverse proxy, and it now controls all the security aspects of our web servers with Sophos UTM WAF.

What is most valuable?

Ease of use Rapid deployment with great logging and analysis features

What needs improvement?

Reporting: We have had to work manually in many of our reports.

For how long have I used the solution?

More than five years.
IS
CTO at a tech services company with 11-50 employees
Reseller
Brings greater visibility into the network traffic coming inside and passing away from the company

What is our primary use case?

Currently, we are using the product on-premise. However, in the future, we would like to deploy an AWS instance too.

Pros and Cons

  • "​The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled.​"
  • "Brings greater visibility into the network traffic coming inside and passing away from the company."
  • "Needs to improve the certificate management (ex. Let's Encrypt support)."

What other advice do I have?

We highly recommend this solution for SMBs for its reasonable pricing and wide range of network services.
ML
It Forum Gruppen A/S
Real User
Network Protection and Web Filtering help us provide next-gen threat handling

Pros and Cons

  • "They are all good, but most-used are Network Protection and Web Filtering."
  • "Scaling out cannot be easier, as there are many migration paths."
  • "VPN needs IKEv2, but it’s in the roadmap. Also, all new, cool features will only come to the new Sophos XG Firewall."

What other advice do I have?

We don't use Sophos UTM on AWS. I would recommend Sophos UTM. But also look at its successor, Sophos XG Firewall, as we do not know how many years Sophos UTM will "live." (Note that it will be free to migrate from UTM to XG).
Project Engineer
Real User
Initial configuration was super simple. Management and monitoring have never been easier.

What is our primary use case?

We have been rolling out the Sophos UTM platform to our clients over the past two years. About 80% of our managed clients have been moved to Sophos UTM. We have been migrating them mostly from SonicWall and Cisco ASA. We do not use Sophos UTM in AWS. However, we have deployed a few Sophos XGs in an Azure environment.

Pros and Cons

  • "It does not take much effort or thinking to understand how it works.​"
  • "The product is extremely intuitive."
  • "​Configuration could not be made any easier."
  • "With over 150 firewalls in our portal, management and monitoring have never been easier."
  • "​This product could use some improvement with web filtering. It takes a lot of time and effort to set up and maintain.​"
  • "Finding information about Sophos’ sizing guidelines can actually be difficult. Also, Sophos does not make it clear what they mean by “users” when you are sizing a firewall, which then leads to undersized implementations.​"
  • "​I am going to flat out say technical support is terrible. Being a Platinum level customer, I am not happy with the support.​"
  • "Stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks."

What other advice do I have?

I can’t recommend this product more! Though, stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks. The number one piece of advice is to read and follow the sizing guide, if you do not, you will undersize the firewall. Just to reiterate: * Configuration could not be made any easier. * The product is extremely intuitive. * It does not take much effort or thinking to understand how it works. My company has rolled out devices as small as the SG 105 and as large as the SG 330. I…
Network Administrator at a government with 11-50 employees
Real User
Web Server Protection is an elegant solution and can even hide the server's base system

Pros and Cons

  • "It is not an easy task to protect your web servers from the big bad internet. The Web Server Protection in this solution does it elegantly and, if configured correctly, even hides the server's base system from prying eyes."
  • "The UI can be cumbersome and, sometimes, features are not where you think they should be."

What other advice do I have?

I use it in a self-hosted implementation.
Snr Dev Ops Engineer at a tech services company
Real User
Define your requirements and find what best suits you

What is our primary use case?

We have quite a lot of web service hosting, either websites or hosting APIs. We use Sophos as a two-factor authentication process. So, if they are outside or working in a remote office, they will need to use the Sophos VPN, which is gotten from the Sophos UTM, then ideally they will be developers. However, they can also be BI guys, DevOps people, etc. Sophos UTM allows you to compartmentalize different sections or different people, having those people connect to different services. We use it for primarily for two-factor authentication, for VPN to allow employees security access the servers and… more »

Pros and Cons

  • "It allows our developers to be able to securely log into servers to deploy and manage software."
  • "It has allowed us to design a bespoke cloud space for our clients, while still having an excellent level of protection."
  • "There is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support."
  • "It is a pretty straightforward setup, but it should be some sort of documentation that takes you step-by-step to help set it up for your VPC."

What other advice do I have?

Great product which works without issues or downtime.
Consultant at a manufacturing company with 1,001-5,000 employees
User
Supports all the traditional firewall components, but the install was slow due to the GUI

What is our primary use case?

* Providing the firewall to my small business office. We run it on a fanless PC and a supporting 50Mb/s VDSL connection. * Supports 10 devices and has 40 rules. * Using UTM and IPS extensively.

Pros and Cons

  • "The UTM features are reasonably strong and the patterns are updated on a regular basis"
  • "The lack of import/export functions for network and service options drives me mad."

What other advice do I have?

Takes awhile to build a comprehensive rule set because of the relatively slow Web GUI. If you build, backup, restore and reconfig between the boxes.
Network Engineer II at a legal firm with 1,001-5,000 employees
Vendor
Configuring the network was the easiest part of implementation, but the internet failover needs to work better.

Pros and Cons

  • "If a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time."
  • "As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic"
Quality Officer at a tech services company with 10,001+ employees
Consultant
I know I am secure against threats from the internet

What other advice do I have?

Start simple and step-by-step, and start using the product fully.
Network & System Engineer at a tech services company
Consultant
Sophos is number two on the market, and from my experience, even if there are some drawbacks, they have workaround solutions in the product.
Business Owner at a tech services company with 1-10 employees
Real User
Top 20
The technical support is really good and the representatives are very responsive.

What other advice do I have?

Create a checklist with your requirements, test the solution, and if it passes everything, implement it.
IT Infrastructure Architect at a retailer with 10,001+ employees
Vendor
A firewall that allows for web filtering and application control.

What other advice do I have?

Sophos is a great security partner for any organization. Investing in their suite of products gives you a good cohesive strategy for security. Adding Fastvue Sophos Reporter allows you to get better visibility into how well your UTM is protecting your environment as well as adding the ability to add real time alerts. It really adds additional features to the product without increasing the cost much and a relatively short ROI is often realized.
Senior IT Support Engineer at a religious institution with 51-200 employees
Vendor
The email alert on event triggers is a valuable feature. The ability to disconnect the VPN connection needs to improve.
Head of IT at a construction company with 201-500 employees
Vendor
Some of the valuable features are web and email protection and VPN.

What other advice do I have?

I love all Sophos products, but the combination of Sophos XG, Sophos RED, and Sophos advanced endpoint protection with intercept X is something that all IT professionals and security officers will love and want to have.
Systemadministrator at MCON Group GmbH
Real User
It is for beginners and hardcore professionals.

What other advice do I have?

If you'd like to look into a system which is very robust and hardcore, then select Sophos UTM.
Senior IT Consultant at a tech services company with 51-200 employees
Consultant
Great security and logging.

What other advice do I have?

At first I did not like Sophos UTM but after second setup and config I liked it a lot and now recommend it to all my customers. It has great security features, and together with Sophos Endpoint Protection it works perfectly.
IT and Data Security Manager at a tech services company
Consultant
An Excellent Product, easy to understand for an experienced engineer
The Sophos UTM products helped us manage and a global network of more than 20 sites.  Their ability to firewall, filter and monitor network traffic and provide VPN connectivity really helped us day to day with such a complex network. We chose the product initially because the user interface was simple to understand and made sense without requiring a long training course for an experienced network engineer to utilise.  Central Management is made easy with the Sophos UTM Manager which allows you to set configurations, see patch status and pull reports from all your estate. While the product was originally with Astaro the low end (1xx) units had serious reliability issues and support was extremely challenging to engage with. However, once…
Senior Technical Consultant with 51-200 employees
MSP
Sophos UTM vs. Fortinet FortiGate
I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main hang-ups will be with the VIP/load balancing and SSL. For some reason that completely escapes me, both of these vendors make getting valid certificates onto their boxes unnecessarily difficult -- the Fortinet appliances more so than the Sophos UTM appliances. At one point a Fortinet engineer had to write an entire manual on how to get an SSL certificate uploaded successfully on the 4.x firmware. Sophos: The one feature that is missing (and this makes some amount of sense) from the Sophos…
Technical Consultant at a tech services company
Consultant
It's provided us with unified threat management as well as comprehensive lists of reports, although we can't currently run 2.4 Ghz and 5 Ghz bands simultaneously.
Senior Expert for Microsoft infrastructure at a computer software company with 51-200 employees
Vendor
It provides firewall, proxy, and VPN in one solution, but be prepared to follow the Zeroeth Rule during implementation.

What other advice do I have?

I have some technical advice, but generally, always prepare steps to implement Sophos UTM and test your implementation before using it in production environment. The Zeroeth Rule: Start with a hostname that is an FQDN resolvable in public DNS to your public IP. If you didn't do that, start over with a factory reset; it will save you hours of frustration. * Whenever something seems strange, always check the Intrusion Prevention, Application Control and Firewall logs * In general, a packet arriving at an interface is handled only by one of the following, in order, DNATs first, then VPNs and…
Systems Engineer at Base-2 ICT Services Ltd
Consultant
The reliability of the equipment makes it possible to provide stable connections but IPSEC site-to-site VPN connectivity needs to be improved.

What other advice do I have?

Nothing is perfect, but with Sophos those are really small – sometimes it is incorrect firmware upgrade paths, or rare log in problems (device forgetting admin password). All those though can be fixed, there is plenty information in the Internet and support is usually awesome. Also, you need to plan the solution and costs involved, while having in mind potential growth of users/connections; e.g. creating virtual appliances and allocating resources (RAM, CPU, NICs) minding potential workload.
IT Security & Audit Manager at a tech services company with 51-200 employees
Consultant
It is full of options, but the web filtering engine needs to be improved.

What other advice do I have?

It's a nice product that is full of interesting options.
Support Engineer at a tech services company with 51-200 employees
Consultant
RED appliances and APs make a difference, however, performance is suffering under high traffic usage.

What other advice do I have?

It is great solution for customers who have small, branch offices. I would advise you get Sophos for distributed locations (with RED and APs).
Consultant at a tech services company with 51-200 employees
Consultant
Sophos's web filtering & SMTP filtering is much better than SonicWall which we previously used.

What other advice do I have?

If you are a IT Consultant shop, become a partner and do the training. If you are the IT of a company, you can either get a IT Service company to set the unit up for you or if you are confident with firewalls you can purchase premium support to get assistance for troubleshooting purposes.
IT/Telecom Specialist at Prewest
Vendor
The web application firewall is a good feature, despite it limiting you to only using ports 80 and 443.

What other advice do I have?

If you want an easy to manage, and powerful firewall then take look at Sophos UTM.
CEO, Technologist with 51-200 employees
Vendor
Comprehensive UTM Product, scale-able, fast, understandable user interface

What other advice do I have?

The product has a shallow and a deep end. Getting a small business/SoHo running up quickly and reliably is straight forward, but the deep end takes some technical skills, just like any solution. What I really like is that my Tier One guys can get a quick status update, have a look very quickly, and then resolve most basic issues. Tiers two and three are not as involved unless there is a major issue or complexity. Also, when buying the product, get the audit/chance tracking built in too!
Founder at a tech services company with 51-200 employees
Consultant
Sophos UTM helps us to control incoming and outgoing network traffic. Not a highly available and scalable product.

What other advice do I have?

Easy to use, Easy to access, good for compliance. It is a very good product as compared to others available on AWS.