We just raised a $30M Series A: Read our story

Sophos UTM OverviewUNIXBusinessApplication

Sophos UTM is the #2 ranked solution in our list of top Unified Threat Management (UTM) tools. It is most often compared to Fortinet FortiGate: Sophos UTM vs Fortinet FortiGate

What is Sophos UTM?
The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware - viruses, rootkits and spyware.

Sophos UTM is also known as Astaro.

Sophos UTM Buyer's Guide

Download the Sophos UTM Buyer's Guide including reviews and more. Updated: September 2021

Sophos UTM Customers
One Housing Group
Sophos UTM Video

Archived Sophos UTM Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Ibrahim El Sayed
Network & Hardware Administrator at Nile Projects & Trading Co.
Real User
Creates secure IPsec and SSL VPN high availability connections between head office and branches

Pros and Cons

  • "It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection."
  • "I would like to see the SD-WAN feature improved."

What is our primary use case?

We use this solution for IPsec & site-to-site SSL VPN.

My environment involves connecting all of our branches with the head office through one Sophos XG 210 device. This is done using IPsec and SSL VPN, after which we apply a web filter, as well as an application filter to ensure that we are getting a secure connection.

How has it helped my organization?

It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection.

This solution also gives me varieties of VPN policies for good data encryption.

What is most valuable?

The most valuable features of this solution are:

  • High Availability between IPsec site tunnels provides a valid continuous connection and ensures we have no downtime affecting our business.
  • Log Viewer allows me to monitor all incoming and outgoing traffic, as well as view and block vulnerabilities.

What needs improvement?

I would like to see the SD-WAN feature improved. I want to manage many lines and load-balance them, getting high availability by making SLA tests according to:

  1. Check interval.
  2. Failures before inactive.
  3. Restore link after.
  4. SD-WAN Rules to control bandwidth, download and upload stream.

For how long have I used the solution?

We have been using this solution for more than four years.

Which solution did I use previously and why did I switch?

I switched to Sophos as it is more reliable.

What's my experience with pricing, setup cost, and licensing?

This solution is less expensive than FortiGate. 

Which other solutions did I evaluate?

We did not evaluate other solutions prior to choosing this one.

Disclosure: My company has a business relationship with this vendor other than being a customer: Sophos XG
BO
Owner at Robert Obrinsky Industries, LLC
Reseller
A powerful and flexible user interface makes remote client support easy

Pros and Cons

  • "Configuration troubleshooting is eased by the use of the color-coded, live firewall log."
  • "Support for IKEv2 is needed in this solution."

What is our primary use case?

I use this solution in both the home and office, and I am also a reseller of the product. It is used for Unified Threat Management for SMB to Mid-Size companies. It provides VPN solutions for our clients, and it has the absolute best UI in the industry.

How has it helped my organization?

This solution makes remote support of clients extremely easy and flexible. Modifications can be made in minutes. New definitions of network objects, users, groups, etc. can be made from anywhere in the UI.

What is most valuable?

The most valuable feature is the user interface, which is flexible, powerful, and easy to understand. Configuration troubleshooting is eased by the use of the color-coded, live firewall log. Live logs for most features are also available.

What needs improvement?

Support for IKEv2 is needed in this solution. But, the handwriting is on the wall that Sophos will probably stop development in favor of their XG Firewall. No timeframe on that yet though.

Which solution did I use previously and why did I switch?

We have been using this solution since it was the Astaro Security Gateway (/products/sophos-utm-reviews ).

Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller of this product, and I also use it in my home and office. It is by far the best firewall/UTM solution I have tested or worked with in my career.
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
541,708 professionals have used our research since 2012.
Md. Dipu Khan
CEO at NG
Real User
Offers secure and Scalable Firewall Security

Pros and Cons

  • "The features that I've known to be most valuable are both the web security features as well as the web firewall capabilities. As a partner of Sophos firewall, we have some clients and they are using Sophos firewall UTM and we are using it as well."
  • "The only time we face a problem or issues is when we place a ticket. We have found that response is very slow."

What is our primary use case?

We use this solution for communication endpoint, encryption, and network security. We are focused on providing security software to the small to mid-market enterprises; the essence of our delivery is internet security.

What is most valuable?

The features that I've known to be the most valuable are both the web security features as well as the web firewall capabilities. As a partner of Sophos firewall, we have some clients that are using Sophos firewall UTM and we use it as well.

What needs improvement?

One additional feature that should be included in the next release is
synchronized security, which would enable all the security to work together as a system. Another suggestion is to add advanced threat protection (ATP) to defend against sophisticated Malware. Seeing these additional improvements would be a great thing going forward.  

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The product is stable. It's a product that our clients are able to use and enjoy. We haven't had many complaints about the product at all. Internally we haven't experienced any problems. 

What do I think about the scalability of the solution?

The scalability is also fine. Currently, we have 20 employees using the product to date and only one employee needed to maintain the product. At the moment we don't have any plans to increase usage in the company. Not now, next year maybe.

How are customer service and technical support?

We train our employee's on technical support. I don't need any outside technical support.

The only time we faced a problem or issue is when we place a ticket. We have found that the response is very slow. That seems to be our biggest problem.

Which solution did I use previously and why did I switch?

We previously used Cyberoam but Sophos acquired Cyberoam. That's why we migrated to Sophos.

How was the initial setup?

The initial setup was done with our engineers, they also set up that server firewall. The setup was straightforward.

What about the implementation team?

The deployment took one month. We're a support base reseller. Our in-house team took care of it. We don't use anyone from the outside, we can deploy the product on our own.

What's my experience with pricing, setup cost, and licensing?

Everything involving pricing and licensing is maintained by our Bangladesh Sophos country managers. The pricing is okay and the licensing is also included in the price.

What other advice do I have?

Sophos UTM is a good product for security purposes and maybe if Sophos provided another company option to implement their products then I would say that Sophos UTM is great.

On a scale of one to ten with 10 being the best, I would give this solution a nine out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
EC
Owner at Technologies International
Real User
Application layer filtering is a vital feature

What is our primary use case?

SMB firewall.

How has it helped my organization?

Protected it against malware and allowed us to serve our servers safely.

What is most valuable?

Application layer filtering.

What needs improvement?

Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054).

What is our primary use case?

SMB firewall.

How has it helped my organization?

Protected it against malware and allowed us to serve our servers safely.

What is most valuable?

Application layer filtering.

What needs improvement?

Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054).

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ZE
Pre-sales manager at National Information Technology Company
Real User
Has a solid state hard drive and can boot in less than sixty seconds

Pros and Cons

  • "Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port."
  • "With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time."

What is our primary use case?

We are partners with Palo Alto and several IT certificate vendors, like Sophos. We deploy Sophos UTM for customers.

Internally we use Sophos, but we deploy solutions including both Sophos and Palo Alto Networks to our customers. We are an IT integration company. Our services include the deployment of security appliances.

Our environment includes Sophos UTM for internal use, which means it is protecting the network. It is protecting our environment.

We publish our services like the help desk, mail server, and other servers. Sophos UTM offers us protection for publishing and the VPN.

How has it helped my organization?

When we started with Sophos UTM, we were using Microsoft Threat Management Gateway (TMG) which formed part of the firewall. It's not anymore there, it has been discontinued. 

Sophos UTM is an SSD appliance. It has a solid state hard drive and can boot in less than sixty seconds. It is an appliance that has more stability than software solutions. It all depends on which hardware you have installed.

Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port.

In the application firewall, you can block the next update for Bitcoin or for Facebook. It has settings to block a port or wifi or just block the application and firewall. Sophos UTM will be able to detect the application type and filter network users.

Sophos UTM did help us a lot on the throughput of the internet because at that time we were using ADSL. Now it is fiber, which means we are able to manage the throughput of the firewall by also putting the quality of service first. 

For example, we are able to configure 2MB for YouTube or 5MB are guaranteed for the service which is published. In the past, with TMG you had to buy third-party tools that also did not have the same functionality.

Currently, Sophos UTM and XG are helping our customers. The features available in the UTM and XG are a combination of all the firewalls in the market which means all the features.

The IT Admin or IT Security in any organization would like to have Sophos UTM because it is full of all the features you think about for enterprise. 

Sophos UTM normally will deploy a batch or an upgrade and add more features, every six to eight months based on the RMD.

What is most valuable?

To be quite honest, from my personal experience all the features of Sophos UTM are useful, which includes publishing templates and the ease of publishing any servicing needs. 

From the VPN side, all the VPN protocols are available so you can choose from SSVPN to PPTP to other versions of VPN, and it's easy to deploy within minutes.

The firewall includes very good logging where you can see what's hacking your network. The IDS and IPS settings are based on your reliance and also alerts you if there is an attack. 

We're happy with Sophos and we also have an XG version being used for other services, because we are a company that provides services. We have two versions, we have the XG and the latest one. 

The Sophos UTM which is the previous version but still being in production is our main firewall for the company.

We happy with all the features, we have no negative comments on any of the features except that the XG has more ability to block based on countries.

On the previous model, the blocking of countries we had a problem with, i.e. if you use the NAT feature, you can't block countries. You have to enter the IP network. 

With the XG version, you can just select when you publish via NAT not via WAF. You can select the countries. 

That is the only difference between XG and the UTM which we did not really like, but other than that its all cool.

What needs improvement?

There is definitely room for improvement with Sophos UTM. For the SG version of Sophos UTM, they can add blocking of countries in the NAT section, not only in the firewall section. 

When you are mapping, they should also add the ability to block countries in that section. That's not available right now. It's only available in the firewall if you want to block incoming traffic.

With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. 

This feature would be helpful for administrators and it gives them the advantage to block stuff in less time. 

The web filter needs additional enhancement but that's the point of the XG upgrade. If they're going to continue with the production of the XG, then they will not add the same features to the basic version of Sophos UTM.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

With the ability of the hardware, we haven't experienced any problems with Sophos UTM so far. Neither have our customers. 

At the beginning of the XG version, three years back, they had hardware issues. After that Sophos deployed division two, three, and four as hardware appliances.

Sophos fixed the hardware issue for the lower models, i.e. the 525, the XG 125, and the XG 85. All of the larger Sophos UTM models were fine.

Now, all are stable, all are fine. We haven't seen any crash. One of our customers had a DDoS attack. Since he had the proper rules, we did not record any incident. 

Sophos UTM blocked the DDoS. Although it is not a dedicated anti-DDoS solution, Sophos UTM has the features. 

Sophos UTM is stable. I haven't seen any claims or issue tickets from our customers regarding stability.

What do I think about the scalability of the solution?

Sophos UTM has different aspects. If you have an HA distribution, high availability, you can scale up.

When you go and purchase Sophos UTM, you have to plan and say what the environment is. This planning has to be done before buying. If you buy a small appliance and after two years, you are 50 or 70 employees there are upgrade options. 

It should be between you and Sophos. They can give you a free appliance if you subscribe for three years on subscription, for example.

If you have an existing subscription and you want to have HA, this means another device has to be set as redundant. The only downside is that it has to be the same version and the same model. 

In my company, we have around 35 loyal customers. These customers have purchased and are redeeming Sophos UTM with us. Altogether, we are 55 employees. Most of them are at the office. Concurrently around 35 others are on site at other clients. We have around 35 servers. 

We have the published Sophos UTM on the main server, help desk, share point, etc. We've got around nine published services, plus 10 VPNs running concurrently for our support engineers to connect and work on our internal infrastructure for the allotment servers. 

We have 50 Sophos UTM installations at least that are actively browsing, downloading, and being protected by the web filter and other features there.

It depends on the organization, but for us we only require one person to manage this solution, even working remotely at home.

How are customer service and technical support?

We don't have much need to speak with the vendor because we are educated and experienced with Sophos UTM. We are an integrator company.

For our customers, in the beginning, we give them training. After a week we do expect to have some calls because they are not yet educated or they're not yet used to it. 

After that, that's it. They already told us if they are ready or not. Sophos' support is better than others because Sophos also can sell endpoint solutions.

If one of our customers has an issue and Sophos did support and send their team for the investigation it could be conflicting.

For example, one of our customers had an endpoint which is an antivirus and they had an issue. We have teams that were actively taking care of the customer based on our relationship with the client and their Sophos UTM device license.

We have no comment on the Sophos UTM support which we have seen at our customer sites because it was only with a government customer. 

The customer told us that the Sophos UTM representative mentioned that they wanted to have the vendor take care of this issue.

Other than that, I have had no negative experiences with Sophos' technical support.

How was the initial setup?

The initial setup of Sophos UTM is straightforward for both versions, the XG & UTM. In addition, they both provide a proper manual.

In the beginning, seven years back, Sophos UTM wasn't straightforward for beginners. You had to be already excellent in security. Now, it is very easy because you install the IP address, you log in, and you do the initial setup by routine. 

These days its much easier than in the past but not everyone that has a firewall is secured. If you do it properly by choosing the right network, the right topology, and the right firewall rules, Sophos UTM will work.

There are orders for most of the rules. For example, if you put a deny rule below an allow rule, you are not going to have the proper result. 

Sophos UTM requires knowledge. It's easy to deploy but also there is a responsibility on the person who is deploying to understand. 

You must have the knowledge of security and networking, to make sure that the solution is working properly. Sophos UTM is very easy compared to other vendors somehow.

In our environment, we have defined previously the VLAN rules on our sheets because we had another firewall. In the beginning, we just copied the current rules and then enhanced them slowly so deployment took place quickly.

After fixing the appliance physically on the rack, it took one hour to be up and running and ready based on the rules. If you are a small environment that would take you less than 20 minutes. 

It all depends on how many rules you have, how many demands, how many users, and public services. For example: if you have five websites, the main server, and a starter business, you might need more time because you would need to define the rules properly. 

It all depends on how complex your environment is. Sophos UTM is easy and straightforward for me and for somebody who is certified on security levels.

What about the implementation team?

We haven't opened a ticket with Sophos for 60 days, but we still have support. All our customers use us as the first level of support, even if they have to chase it. 

Sophos UTM comes with a license. We are very aware and updated on Sophos solutions. We have good experience with it.

Although we sell other solutions, we are looking forward to building, selling, and integrating Sophos XG/UTM versus other vendors because of the ease of use.

We are more focused now. Our entire team is certified in Sophos Enterprise, while other vendors would likely still have just one or two members who are certified.

We feel more comfortable using Sophos equipment and solutions.

What was our ROI?

I can't mention anything on ROI because I'm more focused on the technical part. I'm not needed in the financial part. In our company, we have saved bandwidth and lots of network hardware waste. 

The Sophos UTM solution did help us because we were depending on a software base from Microsoft. Microsoft is a great company but they are not great for our security. Now they have improved. When you go out and buy something, buy it from the specialists.

For example, if you go for virtualization, VMware is a company that only does virtualization. Go for specialized people. Don't go for people who are doing everything at once. 

It's like when you go to a physician or a doctor and you have a problem with certain things. i.e you have a problem with the bones. Go to the doctor that is specialized in the bones, not a general doctor. 

What's my experience with pricing, setup cost, and licensing?

The Sophos UTM license is annual or you have a choice for a two or three-year term.

The Sophos UTM licensing is based on if you have an appliance. There are several layers of subscription you can take:

  • Sophos UTM Full Guard includes everything but a few features.
  • Sophos UTM Full Guard Plus includes all the most used features, i.e Wifi, ITF, ITS, web publishing WAF, etc. 

There is a huge price list. The prices in the MENA area (the Middle East and North Africa) is completely different than North America.

The products are completely different in the MENA area from the United States. Each region has its own scheme of pricing based on the VAT and the tax refund. 

The price might be different for the people who are in the United States and the UK.

After you select the level of subscription, you pay once.

Which other solutions did I evaluate?

We tried and tested Fortigate from Fortinet. We tested several appliances about six years back. Not Palo Alto at that time, only Fortinet. 

We evaluated other open-source Linux software but not appliances. We decided to go with Sophos UTM based on several factors related to the tests we did at that time.

Evaluation is very important so that you can see what are you buying and what you are going to face in the future.

What other advice do I have?

My recommendation is that businesses should go for the XG version, not the SG because the XG version of Sophos offers next-generation firewall support and has more improvements.

Sophos XG is the next generation firewall that is not available on the UTM version. The difference is in the features between the two and how you deploy them. 

Sophos XG version covers what is in the SG version plus additional bonuses: the dashboard, the heartbeat between the firewall and the input, etc. 

I advise first evaluate, know your network, know your needs, and plan for the upcoming two or three years before you purchase. 

Get in touch with the vendors because these days every vendor wants to sell. They are willing to help the customers and willing to show them what they will get. 

Make sure you evaluate properly many platforms. Don't just go with one vendor. Go with two or three vendors. Evaluate and then short-list and choose the best for you.

The rating has to have criteria: 

  • On performance, I would give Sophos UTM a 10 out of 10 rating. 
  • On price, it is a long discussion because you can get a discounted price if you are an integrator. 
  • As a user and a customer, I would give Sophos UTM a 9 out of 10 rating.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Joshua Robertson
IT Specialist at Arnett Carbis Toothman LLP
Real User
Top 20
Sophos SUM allows us to manage over 50 devices from a central management console

What is our primary use case?

  • Network border protection for clients and internal company
  • It is used for small to medium-sized businesses and networks.

How has it helped my organization?

Sophos SG has provided us with the tools to protect our networks, detect malicious activity, and customize security to our clients' needs.

What is most valuable?

  • Sophos UTM Manager (SUM): It allows us to manage over 50 Sophos UTM devices from a central management console. 
  • Creating rules, exceptions, and managing most features from SUM, and pushing to all or a section of devices as needed.

What needs improvement?

  • SUM cannot manage app control
  • Improve app control system as a whole
  • Extend support for SG until XG has improved significantly.

For how long have I used the solution?

Three to five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
MN
IT Security Specialist at a tech services company with 11-50 employees
Reseller
It is a good source for IDS and IPS

What is our primary use case?

Our primary use case of this solution is IDS and IPS. We also use it for application availability. 

What is most valuable?

The most valuable feature is the IPS. It also protects us from malware. 

What needs improvement?

The solution could be improved by adding cloud soundboxing.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

The stability is OK. 

What do I think about the scalability of the solution?

The scalability is not something I have experience with because our organization is pretty lean.

How is customer service and technical support?

I have not used technical support. 

How was the initial setup?

It was easy to set up and quite straightforward.

What other

What is our primary use case?

Our primary use case of this solution is IDS and IPS. We also use it for application availability. 

What is most valuable?

The most valuable feature is the IPS. It also protects us from malware. 

What needs improvement?

The solution could be improved by adding cloud soundboxing.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

The stability is OK. 

What do I think about the scalability of the solution?

The scalability is not something I have experience with because our organization is pretty lean.

How is customer service and technical support?

I have not used technical support. 

How was the initial setup?

It was easy to set up and quite straightforward.

What other advice do I have?

When considering a new solution, I always make sure that there is good technical support. Also, the pricing is an important aspect.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Aimee White
Info Sec Consultant at Size 41 Digital
Real User
Top 5Leaderboard
Allows our client to use cross-region AWS VPCs to connect remote dev offices

Pros and Cons

  • "UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful."
  • "We didn’t find any issues but I know there have been some in the last few years."

What is our primary use case?

A client wanted to trial Sophos UTM 9 before deploying it into a production environment because, historically, Sophos has not had the best of reputations in AWS. The client had used Sophos in other environments, hence they wanted to stick to what they know.

How has it helped my organization?

The solution allows the client to use cross-region AWS VPCs to connect remote dev offices.

What is most valuable?

Classic defence in depth, with layered features. 

  • SPI (stateful packet inspection)
  • IPS
  • WAF 
  • VPN capability with built-in load balancer

Nothing out of the ordinary these days, but the fact Sophos has such a big name and good support was a big plus for the client who already had a relationship with Sophos support. Also, auto-scaling of UTM workers using EC2 is a nice and handy feature.

UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful. 
Finally, Cold Standby CloudFormation script to one node, with persistent info in S3, is a convenient feature.

What's my experience with pricing, setup cost, and licensing?

We procured this solution via the AWS Marketplace because of BYOL (bring your own licence). That was the driving force behind the choice. In addition, they had test and production environments in AWS already so it was easy to get a sign-off.

What other advice do I have?

We didn’t find any issues but I know there have been some in the last few years. I can’t comment about Sophos on AWS previously but they seem fine now. There were no problems for our client so all I can comment on is the experience they had. I think it’s taken a little while for Sophos to get experience in solving problems with their product in the AWS environment, but they do seem to go the extra mile.

This solution rates an eight out of ten, based on our experience. Support was good. You will always find problems with installations so it does hinge on support.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Anthony Petecca
Manager IT and Security at Health Street
Real User
Enables us to fully isolate an infected server or workstation with the click of a button

Pros and Cons

  • "The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big."
  • "It does have built-in policies, which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them."

What is our primary use case?

Threat management for servers is our primary use case. We're not using it on all workstations, just a few. We're primarily using it on servers.

The version we're using is fully in the cloud, not on-prem.

How has it helped my organization?

We don't have to worry about viruses anymore. Before Sophos, we didn't have anti-virus at all because we're a newer company and we're just now starting to get into business-level stuff. When we installed it on a few of the users' machines, we saw that they did have very minor infections - they downloaded something they shouldn't have, something that could have hurt the computer. We were able say, "Well, we're glad they didn't click on that."

What is most valuable?

The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big.

The third key feature is something called EDR. It's a type of advanced file analysis. If you aren't sure what a file is you can click on it and it will upload a sample to Sophos and it will respond saying, "That's malicious," or "Not malicious." You can see every individual file and registry key that that file has ever interacted with, and what they did. It will show you every single thing it's done to the machine so you can clean up everything or check everything that it has ever touched. You don't have to worry about, "Oh, did I clean everything up?"

What needs improvement?

It does have built-in policies which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

In terms of stability, it's definitely top-notch, a market leader. The ability to do things and the availability of it being online aren't an issue.

What do I think about the scalability of the solution?

It seems very scalable. All you do is install the client, and it pulls it in. You don't have to actually have more Sophos servers running. It all goes back to their central, cloud-based platform, which is nice.

How is customer service and technical support?

I haven't had to use Sophos' technical support.

How was the initial setup?

The initial integration and configuration of Sophos in our AWS environment was incredibly easy. They give you a license key and a file. You download that file on the operating system type that you're trying to install it on. Install it and it's done. There's nothing else at all to do. It gets auto-configured for you.

What was our ROI?

We haven't seen ROI because we just got it two or three months ago. Over time we will.

What's my experience with pricing, setup cost, and licensing?

The biggest issue with Sophos is the pricing. It's definitely more expensive. We looked at Webroot, which is a big alternative, and Sophos was almost three times the price of Webroot. That's a pretty big difference.

We actually went with both Webroot and Sophos. We went with Webroot for most of the client machines. We're only using Sophos for the servers and the really important client machines, like the ones the managers use. That way, we can split our cost up a little bit.

Which other solutions did I evaluate?

We looked at Webroot, primarily. That was pretty much the only one we evaluated that was even close to being a competitor. We did look at a few others, but we didn't even do the trials because \Webroot and Sophos offered so much more.

Webroot seemed really nice for Windows, but we have a lot of Macs. Our servers are Windows, and we definitely went with Sophos for the servers because it has a little bit more capability with Webroot.

An example would be that if you have a file server, it will actually detect if a source is changing stuff on the file server. Suppose that a client was connected to them. That client wouldn't even need protection. Sophos is smart enough to understand, "Hey, a client just uploaded this virus." Webroot wouldn't do that. Sophos also lets us do full isolations of the servers or workstations. So if something gets infected, we can isolate that machine with the click of a button, clean it up, and then release it back into the network. That's not something Webroot was capable of handling either. Those were two big things to us because both of those features stop viruses from spreading.

Everyone's going to get infected at some point. We just want to stop the spread as soon as possible.

What other advice do I have?

If you're running a full Windows-based shop you're going to have a lot more options, so make sure you shop around. If you're running a Mac-based shop like we are, Sophos is definitely the way to go. Just make sure you can afford it.

Regarding how well Sophos integrates with other products, so far we haven't integrated it with anything. We have it on the servers and we have it scanning our Amazon accounts, but that's it. The integration with Amazon is cool. Maybe they could work on that because it seems like a newer feature. You can see what's available but not really do anything yet.

For the features, how well it works, and how easy it is to use, I would give Sophos a ten out of ten. Overall, I would give it a nine because it is very costly compared to all competitors.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Juan C. Sanchez Pignalosa
CEO & Co-Founder at Advisor Consulting Group
Real User
Top 20
Application Control should be able to be managed with users; however, we now have a protected, standardized network.

How has it helped my organization?

Our datacenter cloud services such as email, and web services for internal and external use, had to be protected with different systems and the web services where left really unprotected, since we used an standard IPS/IDS to protect ourselves from web attacks (from the outside) which nowadays are really sophisticated. Also, we had to employ many work hours to have a protected, standardized network. With Sophos EndPoint and Sophos UTM, we simplified and also protected our network at the same time, with less work force.

What is most valuable?

The web filter and the ATP (Advanced Threat Protection) are great and easy to manage, and the integrated WAF (Web Application Firewall) allows the administrator to seamlessly protect HTTP/S services without having to pay thousands of dollars. The just introduced Sandstorm system for protection, is awesome as well.

What needs improvement?

Sophos UTM has many improvements that I would suggest, but the main one is for the Application Control to be managed with users as well, and with timeframes (schedules) for the administrator to allow certain apps outside an specific timeframe, or vice versa.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

The scalability is awesome as when you need the network protection systems to grow immediately, you just activate and license the exact same box, and configure it in cluster mode for Active-Active mode in Cluster/High Availability.

How are customer service and technical support?

This is where Sophos vendor outclasses every other vendor. They have grown so much throughout the last four to five years, but they have grown as well in their capability to attend support cases. We've had some really advanced cases, and we have never been forgotten or left behind.

Which solution did I use previously and why did I switch?

We used a commercial product, Untangle, with our own brand called Rhino Box. Untangle did not invest in the development of features as we expected, such as the adoption of IPSec VPNs (they had it but very limited), and IPv6. This was what made us do research for our SMB/Enterprise market offering. We tried out Sophos UTM (recently purchased as Astaro UTM) and it was really easy to deploy and came with Sophos Support, which is awesome.

How was the initial setup?

The initial setup is straightforward. Sophos brand is well known in the market for being a unique and powerful tool that is simple to deploy and manage. This is what makes it different from any other vendors. The Sophos UTM, comes with a deployment "Wizard for Dummies" since it show the wizard at the initial setup, and in less than three minutes, you can have your box up and running. Also for Policies deployment, you are clicks away to customize your security settings.

What about the implementation team?

We always deploy by ourselves, so that way we can test how the customer will see the initial implementation. Our main advice, is to read the manual, and follow the wizards that comes with each tool. Also, it is strongly recommended to have a professional firm contracted for the initial setup, and support, as we are, to can design, and help with any kind of implementation issues.

What was our ROI?

The ROI is in 12-16 months, since with this kind of tool, we deliver the best of breed protection, and increment the focus of the end user, in being productive.

What's my experience with pricing, setup cost, and licensing?

I recommend you get the three year licenses, since Sophos offers three years for the price of two. I would also recommend that you acquire any Sophos Licensing with Professional Services added, that way, you'll have the best experience possible.

What other advice do I have?

They have supported our business venture since 2010, and will do for many years. We have studied closely the different product portfolio, and each one of them, are carefully developed.

Disclosure: My company has a business relationship with this vendor other than being a customer: We have been a Gold Partner since 2010.
Maroun Abboud
Data Department Manager at BTC Networks
Real User
Top 20
As both a firewall and UTM it's perfect, however, sometimes with setting up the spam filters there is an issue.

How has it helped my organization?

As we are a solution provider and not product oriented, we give the best solution for our customers, with a good price. We are the number one company in the region, BTC, and operate in Egypt, Iraq, Jordan, Lebanon, and Saudi Arabia.

What is most valuable?

As both a firewall and UTM it's perfect.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

For me, the customer satisfaction, and awareness, is the most important thing. I usually train all my clients on their chosen system.

Technical Support:

10/10.

Which solution did I use previously and why did I switch?

As we are a service provider, we offer various other products to our customer:

  • Astaro ASG
  • Avaya/Netscreen
  • Fortinet
  • HP Switches & WiFi
  • Juniper SSG
  • Juniper SRX 210 & 240
  • Juniper WXC
  • Sophos next generation SG, including RED, SG, and WiFi
  • Telindus Crocus E1Q

How was the initial setup?

For me, the installation and setup is simple. I work hard to do the simulation for the customer, and discuss all the requirements before implementation with the client.

What about the implementation team?

In one project I implemented Sophos for was a bank. I had to involve the Sophos team as the client was asking for WAF in transparent mode with HTTPS inspection. They were 10/10.

Which other solutions did I evaluate?

Prior to Sophos, it was mainly Juniper and Fortinet.

What other advice do I have?

Give us 10 minutes of your time, and we will show you the differences. When I do presentations, I give potential clients demo access to the solution(s) I am presenting.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ML
IT SM & Security Consultant at a tech services company with 1,001-5,000 employees
Consultant
Sandstorm protects against crypto viruses in real-time

Pros and Cons

  • "Advanced protection (Sophos Sandstorm) - Protects against crypto viruses in real-time."
  • "There is still room for improvement in wireless protection. I don't mean their WiFi device is bad, but there are still things to improve on, such as WiFi roaming."

How has it helped my organization?

We replace customers' old and expensive devices such as firewalls, anti-spam, etc. with Sophos, as it has all these features. You don't need four boxes if you can have all these features in one box.

What is most valuable?

The most valuable features are

  • Web Protection - Protects you against problems originating from the internet.
  • Advanced protection (Sophos Sandstorm) - Protects against crypto viruses in real-time.
  • Email Protection - Really strong anti-spam.
  • REDs (Remote Ethernet Device)  - Connects you from a remote workplace to your source network.

What needs improvement?

There is still room for improvement in wireless protection. I don't mean their WiFi device is bad, but there are still things to improve on, such as WiFi roaming.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

No, everything works perfectly.

How is customer service and technical support?

They have consultants who can help you quickly.

How was the initial setup?

 You can use the wizard which will guide you through all the initial settings.

What's my experience with pricing, setup cost, and licensing?

Sometimes more is less, meaning if you want more than three features, take the FullGuard licence.

What other advice do I have?

We do not use this on AWS.

Before implementing the SG appliance, completely prepare the rules for your network; know what and where you want to implement.

Disclosure: My company has a business relationship with this vendor other than being a customer: Gold Partner.
MG
Asst General Manager(C&IT) at NMDC Iron & Steel Plant
User
It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines

Pros and Cons

  • "It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines."
  • "Initially, there were issues with the wireless network as wireless access points were disappearing from the dashboard after some time."

What is our primary use case?

We were looking for a solution which provided a single view for both a wired and wireless network. We were previously using the Cyberoam 200ia firewall appliance and wanted an appliance which could support 1500 to 3000 corporate users. The solution also required a wireless access controller scalable to at least a 125 second wave 802.11 ac wireless access point. We purchased a Sophos XG 450 appliance with Sophos wireless access points.

How has it helped my organization?

It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines. It also provided good security for internal users.

What is most valuable?

  • A good package overall
  • A nice UTM appliance with a good GUI and reports.
  • Configuring web access controls in the appliance is a bit typical and requires debarring and listing separately. Once configured, the solution works beautifully.

What needs improvement?

Initially, there were problems of wireless access points not getting detected and lease lines were getting disconnected after one hour. Sophos replaced the appliance, but the issue was not resolved . The matter got escalated to their international support and the issue was identified as a bug where long distance fiber connections are used over single mode fiber. The patch was shipped by Sophos with a promise to fix the issue in the next release.

Now, the appliance is working fine. The issue of wireless access points was due to some compatibility issues with the D-Link switch. I provided the Cisco 2900 series switches to connect to the wireless access points by creating a separate wireless LAN port on the firewall.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

Initially, there were issues with the wireless network as wireless access points were disappearing from the dashboard after some time. Later issues were resolved by connecting the wireless access points through Cisco switches.

What do I think about the scalability of the solution?

No scalability issues.

How are customer service and technical support?

Support is very good.

Which solution did I use previously and why did I switch?

We used to use Cyberoam 200ia. It required to an upgrade due to end of life and the changed requirement of its organisation.

How was the initial setup?

The initial setup was complex as different VLANs had to be created for the business network, wireless network for corporate users, wireless network for guest users, and a separate VLAN for the communications network and the VC. QoS had to be enabled for different type of services. In addition, link load balancing was also configured and tested for internet lease lines and intranet MPLS lease lines.

What about the implementation team?

We implemented through a vendor team, and their expertise level was good.

What was our ROI?

ROI has yet to be calculated.

What's my experience with pricing, setup cost, and licensing?

We purchased the appliance with five years onsite support and licenses.

Which other solutions did I evaluate?

FortiGate 1000D.

What other advice do I have?

In India Cyberoam, which has been taken over by Sophos, has a vast support network and loyal user base. Migration to Sophos was the logical path. Further, pricing for the upgrade was very competitive as Sophos wanted to retain existing customers.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AP
Global Network Security Admin at a consumer goods company with 201-500 employees
Real User
It can identify threats quickly, then find the affected devices and quarantine them

Pros and Cons

  • "It has helped by identifying threats within the company. If there are computers or servers that are compromised, then we are able to identify them right away in the system."
  • "The technical support only communicates via email. I would prefer to communicate directly with someone."

What is our primary use case?

I am using it for security, antivirus, and malware detection.

How has it helped my organization?

It has helped by identifying threats within the company. If there are computers or servers that are compromised, then we are able to identify them right away in the system.

What is most valuable?

It can identify threats quickly, then find the affected devices and quarantine them.

It ease of use: The GUI is easy to maneuver through; it is not complicated.

What needs improvement?

The support needs improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It has been stable. We haven't had issues. It does what it is supposed to do.

What do I think about the scalability of the solution?

Since it is cloud-based, scalability works great. We have around 300 users in our environment.

How is customer service and technical support?

The technical support only communicates via email. I would prefer to communicate directly with someone.

Which other solutions did I evaluate?

We also considered Symantec and McAfee. We did not chose them because we had experience with both of them and were not happy with their platforms.

We chose Sophos for its ease of use and it detects malware and viruses that other companies can't detect.

What other advice do I have?

The product works. It helps you identify threats within the environment.

We were able to integrate it with different devices and the installation is straightforward.

We are using the cloud-based version, but it is through Sophos directly. We are not using AWS. A lot of this stuff is also on-premise.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
JC
Security Architect at a financial services firm with 501-1,000 employees
Real User
We like the ease of deployment and the dashboards are good

What is our primary use case?

It is used as an antivirus.

What is most valuable?

Ease of deployment Licensing The dashboards are good.

What needs improvement?

They could reduce the price.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

The scalability is good for us. We are only a company of about 400, so it is perfect.

How is customer service and technical support?

I have not used the technical support.

How was the initial setup?

The implementation with the AWS environment was good.  We haven't had any issues with deployment.

What's my experience with pricing, setup cost, and licensing?

The pricing and licensing…

What is our primary use case?

It is used as an antivirus.

What is most valuable?

  • Ease of deployment
  • Licensing
  • The dashboards are good.

What needs improvement?

They could reduce the price.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

The scalability is good for us. We are only a company of about 400, so it is perfect.

How is customer service and technical support?

I have not used the technical support.

How was the initial setup?

The implementation with the AWS environment was good. 

We haven't had any issues with deployment.

What's my experience with pricing, setup cost, and licensing?

The pricing and licensing are both good and better than Sophos's competitors. This is why we went with the product.

Which other solutions did I evaluate?

We looked at Symantec, but liked Sophos's licensing better.

What other advice do I have?

Consider the product, as it seems to be one of the top four.

We use the both the AWS and on-premise versions. They are both good and about the same.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Darren Weiner
Solutions Architect at National Renewable Energy Laboratory
Real User
It meets our compliance needs for antivirus, but the printed provisioning needs improvement.

What is our primary use case?

We use it for antivirus.

How has it helped my organization?

It meets our compliance needs in an elastic computer environment.

What is most valuable?

It meets our compliance needs for antivirus.

What needs improvement?

The printed provisioning is the primary thing that needs improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is a little too CPU resource intensive, so we would like to see improvements there.

What do I think about the scalability of the solution?

We are running about a couple hundred EC2 instances. Overall, the AWS Marketplace product should be a better fit, but it is a little pricier.

How is customer service and technical support?

When we…

What is our primary use case?

We use it for antivirus.

How has it helped my organization?

It meets our compliance needs in an elastic computer environment.

What is most valuable?

It meets our compliance needs for antivirus.

What needs improvement?

The printed provisioning is the primary thing that needs improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is a little too CPU resource intensive, so we would like to see improvements there.

What do I think about the scalability of the solution?

We are running about a couple hundred EC2 instances. Overall, the AWS Marketplace product should be a better fit, but it is a little pricier.

How is customer service and technical support?

When we need technical support, we just engage the vendor, then figure out what our requirements are from there.

How was the initial setup?

The integration and configuration of this product on our AWS environment is a little clunky right now.

The product is a standalone in terms of integration.

What other advice do I have?

Going forward, we need to look at the provisioning pieces and the resource utilization.

The AWS version is easier to provision than the on-premise version.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Max Pupov
DevOps at a tech services company with 11-50 employees
Real User
It works well without any maintenance

Pros and Cons

  • "It works well without any maintenance. So far, it has worked pretty well regardless of the traffic."
  • "The product could be simplified and made more self-explanatory."

What is our primary use case?

  • Firewalls
  • Developer access
  • VPN traffic
  • Rerouting and routing.

I am using it to route traffic for developer access or regular traffic for my instances. I have a web application, and I control access to and from it in one of my environments.

How has it helped my organization?

All my needs are met at the moment.

What is most valuable?

Our policy is launch and forget. It works well without any maintenance. So far, it has worked pretty well regardless of the traffic.

What needs improvement?

The product could be simplified and made more self-explanatory.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I am stressing it quite a bit, and the stability is great. I haven't performed any maintenance on the instances in quite a while now. It works. I am happy because everything works well.

What do I think about the scalability of the solution?

My throughput is moderate versus high throughput applications.

I am always holding a predefined number of instances, so I haven't had any issues.

How is customer service and technical support?

I have not used the technical support.

How was the initial setup?

The configuration was pretty complex on my side compared to OpenVPN. However, this might imply that Sophos has more use cases and capabilities. It depends.

Which other solutions did I evaluate?

I am also using OpenVPN

Partially, for historic reasons, things were built prior to me being able to evaluate stuff. At the moment, we are using both solutions. In terms of pricing, when I need to spin up anything small with smaller requirements, I am using the free OpenVPN instead of Sophos UTM.

What other advice do I have?

Do your homework. Compare products. Use what you need depending on your needs.

We are only using the AWS version of the product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Scott Rouse
Architecture and DevOps at hc1.com
Real User
It has allowed us to have a solution that we can maintain and not have to babysit all the time

Pros and Cons

  • "It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources."
  • "It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else."
  • "The documentation during the AWS integration was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic."

What is our primary use case?

Our Sophos UTM provides a secure VPN solution. It allows us to have a VPN solution that limits access to certain sensitive areas in our environment.

How has it helped my organization?

It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources.

Previously, it was all intermixed, and access was kept under control by other means. This makes it easier and more streamlined.

What is most valuable?

  1. The VPN side of it.
  2. The ease of configuration of the VPN.
  3. Some of the end user self-serviceability of it without having to have a whole lot of touch from our operational group

What needs improvement?

The UI on it could stand a little improvement. In some areas, it is a little slow and clunky. It is sometimes not easy to find something. However, once you get used to it, it is pretty normal to use.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We haven't had an issue with it yet. 

Any given day, we have easily ten to 15 users on it constantly, plus some other ancillary services which go across the VPN to access resources in our environment.

What do I think about the scalability of the solution?

It works for what we have, as we only need a couple of them. Scalability-wise, we don't need a whole lot. 

How is customer service and technical support?

We have used technical support one time for a weird upgrade issue. Their response was good.

How was the initial setup?

It integrated well with AWS. The documentation was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic. However, once you read the documentation carefully, it comes out well. This goes back to the UI issue.

What was our ROI?

It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else.

What's my experience with pricing, setup cost, and licensing?

Purchasing through the AWS Marketplace is pretty straightforward. Because were entirely on AWS and don't have anything anywhere else. It made the most sense for us as a one stop shop.

The pricing is pretty reasonable. I don't think that it is overly expensive.

Which other solutions did I evaluate?

We looked at a couple other products. However, overall, Sophos UTM seemed to fit the bill. It has allowed us to have a solution that we can maintain and not have to babysit all the time.

What other advice do I have?

It is definitely worth looking at. It is a pretty good product.

It is integrated with our LDAP solution, and that integration is okay. Any LDAP integration can be hit or miss. It doesn't matter what it is, because it's LDAP. Since we use LDAP as a service, it's a little different, but it does work well.

We use it for the AWS version.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
John Xavier
CIO at Quartesian
Real User
It provides a solid firewall, but they could improve on the support

Pros and Cons

  • "It helped to connect our satellite offices to the main Amazon infrastructure in a circular way."
  • "We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
  • "They could definitely improve on the support, especially in other countries."

What is our primary use case?

We are using as a firewall product.

How has it helped my organization?

It helped to connect our satellite offices to the main Amazon infrastructure in a circular way.

What is most valuable?

It provides a solid firewall.

What needs improvement?

We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work. 

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It's pretty stable. For our usage, it has been pretty good.

What do I think about the scalability of the solution?

We are a small company with a small infrastructure. For our infrastructure, it is perfectly solid. I don't have experience using it on a larger scale.

How is customer service and technical support?

They could definitely improve on the support, especially in other countries. Right now, it is just average. For example, we have a team in India. When they face issues, they have to go to Australia or talk to somebody in the US to receive support. They should be more responsive and have more local offices.

What about the implementation team?

AWS has been pretty good. It is well integrated and pretty user-friendly. Initially, we experienced issues with the configuration because Sophos provided us a CloudFormation template, which caused us some back and forth. By now, the process may have improved.

What's my experience with pricing, setup cost, and licensing?

Purchasing it through the AWS Marketplace went smoothly. We did not have any issues and the pricing was decent.

We decided to purchase through the AWS Marketplace because of the integration with the AWS infrastructure, firing it up and configuring it was very seamless.

Which other solutions did I evaluate?

We originally considered Barracuda and another solution.

We chose Sophos because we thought that it provided superior service. Also, they have a long history in the market, and I received a recommendation from one of my consultants.

What other advice do I have?

I would recommend to take a look a product, as it is a good product apart from the improvements that I mentioned. We are very happy with the product so far.

It is used as a standalone. We don't integrate it with other systems.

We are using the AWS version of this product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Frank Scalzo
Director of Cloud Technology at Avalere Health\Inovalon
Real User
It has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewalls from one place

Pros and Cons

  • "Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place."
  • "I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer."

What is our primary use case?

Every single Virtual Private Cloud (VPC) has Sophos in front of it. I also use it for Outbound Gateways in my WorkSpaces environment.

How has it helped my organization?

Our company trusts Sophos without even seeing it, as it provides us comfortability while allowing for flexibility.

What is most valuable?

Its scaling capability.

Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place, which is huge for me. When you have multiple VPCs and multiple accounts, it becomes too cumbersome to use a product that you have to look at individually. With Sophos, I can look at one place and see everything: my logs, filters, firewall rules, etc.

What needs improvement?

I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

I have never had a stability issue with Sophos. It self-heals.

What do I think about the scalability of the solution?

I have not run into a scalability issue since it is scalable past my license.

How is customer service and technical support?

I have had great technical support. The only issues that I have experienced with technical support are when I get a Tier 1 support person who knows about the on-premise product, not the AWS side of the product.

What about the implementation team?

The implementation and configuration through AWS is easy. They have cloud configuration templates, which are easy to deploy.

What's my experience with pricing, setup cost, and licensing?

We originally purchased the solution through the AWS Marketplace. I started my proof of concept doing pay-as-you-go, then moved to a VAR for a 'Bring Your Own Licence' (BYOL) licensing model. The BYOL license still requires you to accept the terms of the AWS Marketplace to deploy.

It is easy to purchase through the AWS Marketplace. In addition, if you have a budget for the AWS Marketplace, then your purchases will appear on your regular Amazon bill, which makes things even easier.

Which other solutions did I evaluate?

I went and looked at Check Point eight years ago, because back then, I loved Check Point. They also weren't many solutions like this back then. AWS Marketplace did not even exist eight years ago!

After comparing Check Point and Sophos pricing, I questioned whether the decimal for Sophos was in the wrong spot. Sophos's competitors were so much higher in price. 

Originally, cost sold me because Check Point and Sophos had the same features. Now, Sophos has surpassed Check Point's features.

What other advice do I have?

If you haven't tried it, do so.

Amazon has their products (e.g., Amazon GuardDuty). However, when you are working in a multiple VPC environment along with digital enhancements and features, some of those enhancements and features are not always available with Amazon, but are with Sophos.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
MichaelCook
Senior Solutions Specialist at centerprise international
Reseller
It has ease-of-use and fits the purpose of our firewall protection needs.

What is our primary use case?

The primary use case for using this product is as a firewall.

How has it helped my organization?

It has ease-of-use and it fits the purpose of our firewall protection needs.

What is most valuable?

The most valuable feature is that it is easy to administer. 

What needs improvement?

The price is an issue to consider for improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability of the product is good.

What do I think about the scalability of the solution?

We are not a very big organization, so we do not see any issues going into the future. We feel that it will continue to scale appropriately for our organization's needs.

Which solution did I use previously

What is our primary use case?

The primary use case for using this product is as a firewall.

How has it helped my organization?

It has ease-of-use and it fits the purpose of our firewall protection needs.

What is most valuable?

The most valuable feature is that it is easy to administer. 

What needs improvement?

The price is an issue to consider for improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability of the product is good.

What do I think about the scalability of the solution?

We are not a very big organization, so we do not see any issues going into the future. We feel that it will continue to scale appropriately for our organization's needs.

Which solution did I use previously and why did I switch?

We have experience with Sophus, as well.

What's my experience with pricing, setup cost, and licensing?

The price is something that one will need to consider.

Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
TD
Unified Communications Specialist at Agentra
Real User
We have a better level of protection and we have the ability for our devices to be more of a self-sustained type of resource.

What is our primary use case?

My primary use case is as a VPN, a firewall and a web filter.

How has it helped my organization?

We have a better level of protection and we have the ability for our devices to be more of a self-sustained type of resource.

What is most valuable?

The most valuable features are: Firewall protection Intrusion detection

What needs improvement?

The memory and processing were problematic. The interface could be better.

What's my experience with pricing, setup cost, and licensing?

I have no problem with the cost or licensing of this solution. This is a primary reason whay I wanted this solution. It does the same thing cheaper than other name brands.

What is our primary use case?

My primary use case is as a VPN, a firewall and a web filter.

How has it helped my organization?

We have a better level of protection and we have the ability for our devices to be more of a self-sustained type of resource.

What is most valuable?

The most valuable features are:

  • Firewall protection
  • Intrusion detection

What needs improvement?

The memory and processing were problematic. The interface could be better.

What's my experience with pricing, setup cost, and licensing?

I have no problem with the cost or licensing of this solution. This is a primary reason whay I wanted this solution. It does the same thing cheaper than other name brands.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Neeraj Panwar
Cloud Network Administrator at a tech services company with 11-50 employees
Real User
We cannot use our network on a weekly basis without it.

What is our primary use case?

It helps us with protection, with concurrent use of the VPN.

How has it helped my organization?

This solution improved our firewall capability. We installed an identity process, and this is extremely helpful.

What is most valuable?

The security is the most important, and without security, we cannot use our network on a weekly basis.

What needs improvement?

During initial configuration, I encountered a few issues.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

The stability is very good.

How was the initial setup?

The initial setup of this solution was easy. It was not complex. 

What was our ROI?

When considering a product, I think support from the solution is very…

What is our primary use case?

It helps us with protection, with concurrent use of the VPN.

How has it helped my organization?

This solution improved our firewall capability. We installed an identity process, and this is extremely helpful.

What is most valuable?

The security is the most important, and without security, we cannot use our network on a weekly basis.

What needs improvement?

During initial configuration, I encountered a few issues.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

The stability is very good.

How was the initial setup?

The initial setup of this solution was easy. It was not complex. 

What was our ROI?

When considering a product, I think support from the solution is very important.

Which other solutions did I evaluate?

We did not have experience with a firewall prior to installing this solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user588840
CEO with 501-1,000 employees
MSP
Rapid deployment with great logging and analysis features

What is our primary use case?

We use Sophos UTM as our main firewall with all its features included. Mainly, it controls all of our network perimeter security: firewall, IDS/IPS, and web application firewall (including VoIP).

How has it helped my organization?

Web application firewall (WAF): We removed our old internal reverse proxy, and it now controls all the security aspects of our web servers with Sophos UTM WAF.

What is most valuable?

Ease of use Rapid deployment with great logging and analysis features

What needs improvement?

Reporting: We have had to work manually in many of our reports.

For how long have I used the solution?

More than five years.

What is our primary use case?

We use Sophos UTM as our main firewall with all its features included. Mainly, it controls all of our network perimeter security: firewall, IDS/IPS, and web application firewall (including VoIP).

How has it helped my organization?

Web application firewall (WAF): We removed our old internal reverse proxy, and it now controls all the security aspects of our web servers with Sophos UTM WAF.

What is most valuable?

  • Ease of use
  • Rapid deployment with great logging and analysis features

What needs improvement?

Reporting: We have had to work manually in many of our reports.

For how long have I used the solution?

More than five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IS
CTO at a tech services company with 11-50 employees
Reseller
Brings greater visibility into the network traffic coming inside and passing away from the company

Pros and Cons

  • "​The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled.​"
  • "Brings greater visibility into the network traffic coming inside and passing away from the company."
  • "Needs to improve the certificate management (ex. Let's Encrypt support)."

What is our primary use case?

Currently, we are using the product on-premise. However, in the future, we would like to deploy an AWS instance too.

How has it helped my organization?

This product helped us a lot in having a greater visibility into the network traffic coming inside and passing away from the company. The Sophos’s unique RED devices helped us a lot to build up extremely, easy Layer 2 VPN connections.

What is most valuable?

  • Email and web proxy: for filtering unwanted emails and spam, and for web content and malicious url filtering
  • SSL VPN and two-factor authentication: for secure remote access
  • Layer 7 app control: for blocking P2P (ex. BitTorrent) and media streaming content 
  • WAF/reverse proxy: for securely publishing web applications and protecting Exchange services 
  • WAN load balancing: for multiple Internet connection management

What needs improvement?

  • Certificate management (ex. Let’s Encrypt support)
  • VPN: IKEv2 Support

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

We have not encountered any issues with stability.

What do I think about the scalability of the solution?

The Sophos UTM solution is very scalable. You can build a hardware cluster with up to 10 nodes. 

How are customer service and technical support?

Technical issues addressed to support team have been solved quickly.

Which solution did I use previously and why did I switch?

Before we were using Cisco solutions, we switched because of the lack of UTM features.

How was the initial setup?

The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled.

What's my experience with pricing, setup cost, and licensing?

The pricing for Sophos UTM is quite acceptable compared to other UTM vendors. If you would like to run an active-passive HA system, you only need to buy an additional hardware without subscription. At other vendors, you need subscription for both devices.

In the case of a software/virtual appliance subscription, you pay by protecting user/IP addresses. You can do this to as much hardware resources as you like.

Which other solutions did I evaluate?

We evaluated SonicWall, WatchGuard, and Stormshield (Netasq) solutions.

What other advice do I have?

We highly recommend this solution for SMBs for its reasonable pricing and wide range of network services.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller and System Integrator.
ML
It Forum Gruppen A/S
Real User
Network Protection and Web Filtering help us provide next-gen threat handling

Pros and Cons

  • "They are all good, but most-used are Network Protection and Web Filtering."
  • "Scaling out cannot be easier, as there are many migration paths."
  • "VPN needs IKEv2, but it’s in the roadmap. Also, all new, cool features will only come to the new Sophos XG Firewall."

How has it helped my organization?

We give customers a device that can handle next-gen security threats, which is way better than a typical router.

What is most valuable?

They are all good, but most-used are the Network Protection and Web Filtering licenses.

What needs improvement?

VPN needs IKEv2, but it’s in the roadmap.

All other new, cool features will only come to the new Sophos XG Firewall.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

There are no more stability issues than with other vendors, so I would say it's very stable.

What do I think about the scalability of the solution?

Scaling out cannot be easier, as there are many migration paths.

How are customer service and technical support?

It’s satisfactory.

Which solution did I use previously and why did I switch?

No previous solution. For next-gen firewalls, I began with Sophos.

How was the initial setup?

It is straightforward. There is a wizard running at first boot, making it easy for you to select the level of protection you want.

What's my experience with pricing, setup cost, and licensing?

For under 50 users, MSP licensing is profitable.

What other advice do I have?

We don't use Sophos UTM on AWS.

I would recommend Sophos UTM. But also look at its successor, Sophos XG Firewall, as we do not know how many years Sophos UTM will "live." (Note that it will be free to migrate from UTM to XG).

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
it_user805347
Project Engineer
Real User
Initial configuration was super simple. Management and monitoring have never been easier.

Pros and Cons

  • "It does not take much effort or thinking to understand how it works.​"
  • "The product is extremely intuitive."
  • "​Configuration could not be made any easier."
  • "With over 150 firewalls in our portal, management and monitoring have never been easier."
  • "​This product could use some improvement with web filtering. It takes a lot of time and effort to set up and maintain.​"
  • "Finding information about Sophos’ sizing guidelines can actually be difficult. Also, Sophos does not make it clear what they mean by “users” when you are sizing a firewall, which then leads to undersized implementations.​"
  • "​I am going to flat out say technical support is terrible. Being a Platinum level customer, I am not happy with the support.​"
  • "Stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks."

What is our primary use case?

We have been rolling out the Sophos UTM platform to our clients over the past two years. About 80% of our managed clients have been moved to Sophos UTM. We have been migrating them mostly from SonicWall and Cisco ASA.

We do not use Sophos UTM in AWS. However, we have deployed a few Sophos XGs in an Azure environment.

How has it helped my organization?

The UTM product has definitely improved the way our organization functions. We have set a standard across clients and engineers. Everyone is trained on the product and knows how to manage the devices. UTM is probably the most complete all-in-one firewall that I have used to date. Having the UTM Manager has probably made the most impact, with over 150 firewalls in our portal, management and monitoring have never been easier.

What is most valuable?

The most valuable to features are: Web Application Firewall, Sophos UTM Manager, IDS/IPS, Remote Access, and RED.

  1. WAF: This is excellent for hardening web servers. The firewall will reverse proxy your web servers, eliminating the need to open ports. Instead the firewall will run an instance of Apache and proxy all traffic to and from the real web servers. (This is also handy when you have a single public IP.)
  2. SUM: The Sophos UTM Manager is a must have for any MSP. The SUM is a centralized portal for quick access to all the firewalls you manage. This also keeps track of who logs into the firewall by AD account. It is great for keeping track of a help desk, and who is making changes.
  3. IDS/IPS: General Intrusion Prevention and detection. It works very well.
  4. Remote Access: VPN access is always a need, and the UTM includes this free with all their license models. A very nice feature that I use a lot is the HTML5 portal. The portal allows you to have web-based access to resources behind the firewall. The best use for this would be when a client does not have any servers on-site. You can set up the HTML5 portal with SSH/Telnet to manage switches on-site, all done through the browser.
  5. RED: REDs simplify the setup for multi-location clients. A license is not required for a RED, and only one UTM is needed. REDs are great for mobile sites, as they can be tossed in a bag and can run off 4G/LTE. Configuration is effortless, and they create a direct tunnel back to the main office, getting you up and online in no time.

What needs improvement?

This product could use some improvement with web filtering. It takes a lot of time and effort to set up and maintain.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I have never come across any major stability issues. I have seen some bugs on newer firmware releases which have only affected units configured in HA. Sophos is usually quick to fix these bugs.

What do I think about the scalability of the solution?

You should never come across a scalability issue if you follow Sophos’ sizing guidelines. Finding this information can actually be difficult. Also, Sophos does not make it clear what they mean by “users” when you are sizing a firewall, which then leads to undersized implementations.

How are customer service and technical support?

I am going to flat out say technical support is terrible. I will admit that it has gotten better over the past year. Previously, hold times would be 45 minutes at minimum. After the long hold times, you would receive an extremely under qualified engineer. The knowledge of engineers has definitely increased over the year and the time on hold has gone way down. 

Being a Platinum level customer, I am not happy with the support.

Which solution did I use previously and why did I switch?

SonicWall used to be our primary choice of firewall. I am just an engineer and I do not have control over which products we use. We started using Sophos Antivirus, then they eventually sold us on firewalls, encryption, mobile control, and a lot more of their products. The synchronized security model is really what was sold flexible to the product.

How was the initial setup?

Initial configuration was super simple. I am a network engineer, so simple to me may not be simple to someone who does not understand routing and switching. When we were told we were switching to Sophos UTM, I downloaded a trial of the virtual firewall and was able to get it up and running in about an hour with no prior training. After actually going to the training courses provided by Sophos, configuration became even easier.

What's my experience with pricing, setup cost, and licensing?

I am not in sales and cannot comment on this. I design and implement network configurations. 

I would recommend to follow Sophos’ sizing guidelines for choosing which license and model to use. Sophos has their own way of going about this and supplies partners with all the information required. If you follow their documentation and guidelines, there should be zero questions about licensing and sizing. 

Sophos also offers free training when selling their products from within the partner portal.

Which other solutions did I evaluate?

As a networking engineer, all new products in this category interest me. I find myself testing a lot of different products personally. Here at Flexible Systems, I did not try any other products prior to switching to Sophos. Since we are an MSP, we have had plenty of exposure to many brands of firewalls (Cisco ASA, SonicWall, WatchGuard, Fortinet, ADTRAN, and Edgewater). I personally would choose the Sophos UTM over any other product, including the Sophos XG platform.

What other advice do I have?

I can’t recommend this product more! 

Though, stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks. The number one piece of advice is to read and follow the sizing guide, if you do not, you will undersize the firewall. 

Just to reiterate:

  • Configuration could not be made any easier.
  • The product is extremely intuitive.
  • It does not take much effort or thinking to understand how it works.

My company has rolled out devices as small as the SG 105 and as large as the SG 330. I personally have an SG 210 in my home. I have gone through all the training involved for configuration and implementation. I also use the product at home and have been extremely happy with Sophos UTM overall. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Platinum partner.
it_user801675
Network Administrator at a government with 11-50 employees
Real User
Web Server Protection is an elegant solution and can even hide the server's base system

Pros and Cons

  • "It is not an easy task to protect your web servers from the big bad internet. The Web Server Protection in this solution does it elegantly and, if configured correctly, even hides the server's base system from prying eyes."
  • "The UI can be cumbersome and, sometimes, features are not where you think they should be."

How has it helped my organization?

We use to use a sort of "security as a service," and I had all kinds of issues getting visibility into the system to see if there were issues with my network. That is no longer a problem, I can now see every packet that passes in and out of my network.

What is most valuable?

To me it is the Web Server Protection, it is not an easy task to protect your web servers from the big bad internet. This solution does it elegantly and, if configured correctly, even hides the server's base system from prying eyes.

What needs improvement?

The UI can be cumbersome and, sometimes, features are not where you think they should be.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No stability issues at all.

What do I think about the scalability of the solution?

Our current use of the product doesn't need any scaling out.

How are customer service and technical support?

Their support is prompt and will find the issue for you.

Which solution did I use previously and why did I switch?

We were using an offsite solution that was at least 20 times the cost over a year.

What's my experience with pricing, setup cost, and licensing?

Go to a vendor and let them assess your needs so you can get a right-sized device.

What other advice do I have?

I use it in a self-hosted implementation.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user701427
Snr Dev Ops Engineer at a tech services company
Real User
Define your requirements and find what best suits you

Pros and Cons

  • "It allows our developers to be able to securely log into servers to deploy and manage software."
  • "It has allowed us to design a bespoke cloud space for our clients, while still having an excellent level of protection."
  • "There is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support."
  • "It is a pretty straightforward setup, but it should be some sort of documentation that takes you step-by-step to help set it up for your VPC."

What is our primary use case?

We have quite a lot of web service hosting, either websites or hosting APIs. We use Sophos as a two-factor authentication process. So, if they are outside or working in a remote office, they will need to use the Sophos VPN, which is gotten from the Sophos UTM, then ideally they will be developers. However, they can also be BI guys, DevOps people, etc. 

Sophos UTM allows you to compartmentalize different sections or different people, having those people connect to different services.

We use it for primarily for two-factor authentication, for VPN to allow employees security access the servers and to ensure people do not access things they should not have access to.

How has it helped my organization?

  • It has allowed us to have one solution for our AWS needs.
  • It allows our developers to be able to securely log into servers to deploy and manage software.
  • It has allowed us to design a bespoke cloud space for our clients, while still having an excellent level of protection.

What is most valuable?

  • The combination of server protection
  • Seamless incorporation with AWS
  • Its VPN feature

What needs improvement?

You (currently) need to buy the Sophos software per availability, zone, and per VPC. It should offer an account-based solution.

When you buy a Sophos license, you have to buy a license for each location. We have clients in the US. We have clients in Ireland. We have clients in the UK. With GD-PI coming, the clients' data needs to stay in-house, so when you buy the Sophos license, it only works for the UK. Then, you have to buy another in the USA and another one in Ireland, then you have to have a VPN tunnel between all of them to have them talk to each other because Sophos blocks them talking to each other.

So, ideally, a multi-VPC or a multi-talented Sophos would be great because it would take away the fact that you need to build a tunnel and you have one management console for all your different locations. Instead of having three different locations with three different IP addresses and having to add users to probably two out of three, sometimes all three, having just one centralized location would be good.

What do I think about the stability of the solution?

No, we did not. Backups were done daily, and its Linux backend gave us no issues.

What do I think about the scalability of the solution?

Adding new servers was seamless. Adding new users and allowing for VPN access was also fantastic.

How are customer service and technical support?

For the AWS version, it was atrocious. None really. For the bespoke cloud space that we designed though, they were very good.

To further clarify, there is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support and you get all the stuff. Whereas if you are using the AWS version, you do not. So, you kind of have to research. There's something simple really which affects Sophos quite a bit during setup. 

Which solution did I use previously and why did I switch?

No, we didn't. It was our first choice and it was definitely a good one.

How was the initial setup?

For a user who hasn't done it before, it may be a bit complex but with a general understanding of networks, it was fine.

However, when you build everything up using the AWS version (setup), it actually does not work until you write it on the Sophos UTM and in the networking, you have to change the source destination check. You have to do that at the end of it, but there is nowhere in the documentation or anything where it tells you that. It was just somebody happened to find that out. It is a pretty straightforward setup, but it should be some sort of documentation that takes you step-by-step to help set it up for your VPC. There really is not that much difference setting it up in different VPCs, but there is not enough information out there. It is a very good solution that a lot of people would be using more of except you are doing different things, and you have to try and figure it out yourself. 

The support, there is none; AWS themselves, they support it the best, because they have some knowledge of it, but they do not fully support it because it is not their product. It is a third-party product.

What's my experience with pricing, setup cost, and licensing?

Licensing is a bit complicated, as it is based on products -- so define your requirements and find what best suits you, as you do not need the whole suite of software they provide.

For AWS, it is pretty straightforward. You buy it, then you have all your licenses that you need, approximately 60 or 70, or it might even be unlimited. However, that is for one margin to expand to different margins. If you have an on-premise AWS, or one of our clients wanted on-premise AWS Assistant, the problem is to build the Sophos UTM on it. We get the software, then the licensing was not explained well because when you buy the licenses, you buy five (or 50) licenses, that is for the first module. So if you expand to second module, you have to buy more licenses of that. 

Again, it is one of those things where it is not well explained. Unless you are in the United States, or you have to use Sophos, you can't contact Sophos directly. You have to use a third-party company, and they all have different ways of how they explain their licensing. So, we have clients that want the database on-premise, and we went to get the Sophos licensing system and stuff like that. It was just they were doing it a different way to who we had in Ireland, so the conformity is a bit iffy. 

It is one of those things where it is not very well explained, so it is a lot of grunt work, a lot research has to be done before you progress, and there are the pitfalls that you encounter. There are quite a few of them. Once you get it working, it is a fantastic product. It is just getting it that is the issue. 

Which other solutions did I evaluate?

We looked at a few, but I can't remember right now.

What other advice do I have?

Great product which works without issues or downtime.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user693984
Consultant at a manufacturing company with 1,001-5,000 employees
User
Supports all the traditional firewall components, but the install was slow due to the GUI

Pros and Cons

  • "The UTM features are reasonably strong and the patterns are updated on a regular basis"
  • "The lack of import/export functions for network and service options drives me mad."

What is our primary use case?

  • Providing the firewall to my small business office. We run it on a fanless PC and a supporting 50Mb/s VDSL connection.
  • Supports 10 devices and has 40 rules.
  • Using UTM and IPS extensively.

What is most valuable?

  • Using the Home version to help Sophos develop the XG. I have not used the earlier UTM, which colleagues have recommended.
  • The UTM features are reasonably strong and the patterns are updated on a regular basis
  • Supports all the traditional firewall components

How has it helped my organization?

Not applicable.

What needs improvement?

  • The lack of import/export functions for network and service options drives me mad.
  • No route to NULL
  • No Dshield.org integration

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No.

What do I think about the scalability of the solution?

Not applicable. 

How are customer service and technical support?

Not applicable.

Which solution did I use previously and why did I switch?

Originally Cisco 871 IOS IP Advanced Security, then Juniper SSG20, which was getting old and service contracts were too expensive.

How was the initial setup?

Slow because of GUI and lack of .csv style object import.

What about the implementation team?

In-house

What was our ROI?

Not applicable.

What's my experience with pricing, setup cost, and licensing?

If you can afford it, go for a small Check Point, as it is easier to manage.

Which other solutions did I evaluate?

Linux ipchains and modern equivalents.

What other advice do I have?

Takes awhile to build a comprehensive rule set because of the relatively slow Web GUI.

If you build, backup, restore and reconfig between the boxes.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Network Engineer II at a legal firm with 1,001-5,000 employees
Vendor
Configuring the network was the easiest part of implementation, but the internet failover needs to work better.

Pros and Cons

  • "If a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time."
  • "As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic"

What is most valuable?

  • Firewall
  • NAT
  • Intrusion prevention
  • Site-to-Site VPN
  • Web filter
  • Anti-virus

How has it helped my organization?

Before using the Sophos appliance, we consistently struggled with users clicking on things they shouldn't be. This led to virus/malware infections that seemed to propagate through the network at an alarming speed. Since we incorporated the appliance into our network, we don't have to worry as much since it does in-line virus checking, and if a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time.

What needs improvement?

I wish the internet failover worked better. As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic, with many things not working until I manually fail over to the other WAN.

For how long have I used the solution?

I've used it for seven years.

What was my experience with deployment of the solution?

Initially, we had issues configuring the web filter and getting the right policies applied to the right users. After several calls to Sophos, they were able to assist us in getting to where we wanted to be. Other than that, deployment was easy as long as you pay attention to what you are doing and have the setup guide handy for any questions you have.

What do I think about the stability of the solution?

The appliance has been very stable, only being rebooted to apply patches for security vulnerabilities, which fortunately is not very often.

What do I think about the scalability of the solution?

The UTM 220 has served our purposes very well, it has allowed us to scale up on the computing side as well as the server side with no issues at all.

How are customer service and technical support?

Customer Service:

Their customer service is fantastic.

Technical Support:

I have never had an issue go unanswered when I've had to involve Sophos technical support. Above all, it's their technical expertise that truly sets them apart from other vendors we have tried.

Which solution did I use previously and why did I switch?

We did originally try to use PFSense. The software was hard to use, and the level of technical expertise was not good. Ultimately, after several demos of both products, we decided that Astaro (at the time we purchased our original device) was the right vendor to work with. Since that time, Sophos purchased Astaro and it would appear that they kept a lot of the same people working on these devices because the transition was smooth, and the level of knowledge never faltered.

How was the initial setup?

The initial setup was very straightforward. I will say that you do need to have a certain level of knowledge to set up the more advanced functions. Configuring the network was the easiest part, and the firewall was very straightforward once you figured out exactly what rules you needed to put in place. NAT was a bit confusing to start with, but once you went through the process it was easy. Intrusion prevention was easy to set up, flip the switch to the on position and decide what rules you want to apply. Web filtering took a few calls to Sophos to set up properly, as we were trying to set up filtering policies based on Active Directory groups, and were not successful in the initial configuration, but we did finally get this implemented.

What about the implementation team?

I implemented the product in-house. The one bit of advice that I can give is to organize yourself prior to deployment. Determine what services you want to utilize in your environment, and focus your learning to those parts of the guide, this will make your deployment much easier.

What was our ROI?

Our return on investment is the fact that we are protecting the business' data, lowering administrative costs, and are better able to manage every bit of our network security.

What's my experience with pricing, setup cost, and licensing?

The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Quality Officer at a tech services company with 10,001+ employees
Consultant
I know I am secure against threats from the internet

What is most valuable?

The IPS and endpoint protection function.

A standard Firewall of an access router, monitoring up to OSI level 4, is unacceptable anymore these days. The endpoint protection solution is integrated, thus running along with the notification function.

How has it helped my organization?

All the necessary functions being incorporated into one solution with notifications configured, I know I am secure against threats from the internet. (Up to the limits of the solution in the constantly evolving and dangerous Internet).

What needs improvement?

  • A cleaning up function to remove unused references.
  • A dashboard to show that the various parts of the solution really do their tasks and not only have been activated or configured (e.g., From the live log of the IPS function it is difficult to understand if the solution (snort) is running or experiences a problem and has stopped working.
  • The possibility to add the sandbox (and possible future) function, paid for, to the free Home version.

For how long have I used the solution?

I've used this solution for three years.

What do I think about the stability of the solution?

Some with the IPS function (snort).

In my case, when restarting the system (because of an update), I doubt that snort starts correctly and do a manual restart of the IPS function (see my answer for 'Room for Improvement').

What do I think about the scalability of the solution?

No, I use the solution in a VMware environment with Intel Network interface cards.

How are customer service and technical support?

As a free home user, I have not used the support services up until now.

Once, I did upload an Office document that appeared to give a false positive, but never got a notification. I understand this because of the priorities that have to be given, but I would have liked to receive a (even small) reaction.

Which solution did I use previously and why did I switch?

I did take a look at other open source solutions, but found the Sophos UTM, being the best professional free for Home UTM solutions, full blown, and updated daily, to be the best solution.

How was the initial setup?

The setup wizard provided me with just enough insight into the basics of the solution -- to be able to start using the solution fully after some self-study and exploration of the various knowledge bases and forums.

What's my experience with pricing, setup cost, and licensing?

I looked at some open source variants but being able to use the best professional (free for the home version) product with regular updates -- convinced me to use the Sophos UTM solution at Home.

Which other solutions did I evaluate?

The instability and best effort service of a community of the open source solution did not give the right trust to depend on in the battle against the negative sides of the worldwide internet

What other advice do I have?

Start simple and step-by-step, and start using the product fully.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user700155
Network & System Engineer at a tech services company
Consultant
Sophos is number two on the market, and from my experience, even if there are some drawbacks, they have workaround solutions in the product.

What is most valuable?

RED remote Ethernet Device layer 2 site-to-site tunnel.

RED is a layer 2 tunnel based on SSL protocol that you can establish tunnel, with or without static public IP form provider and this is a feature you will not see among another vendor.

How has it helped my organization?

I have done hundreds of setups of this solution.

What needs improvement?

Sophos is number two on the market, and from my experience, even if there are some drawbacks, they have workaround solutions in the product. Every day, Sophos makes developments in the firmware that are free if you have a valid license.

For how long have I used the solution?

I've used this solution for five years.

What do I think about the stability of the solution?

No.

What do I think about the scalability of the solution?

No, correct sizing will fit.

How is customer service and technical support?

Fast response time. Easy management, good support.

What's my experience with pricing, setup cost, and licensing?

Pricing is competitive.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Business Owner at a tech services company with 1-10 employees
Real User
The technical support is really good and the representatives are very responsive.

What is most valuable?

Reverse proxy, SSL VPN, web & email protection


For me, those features were most valuable from a security point of view;


• Reverse proxy is very important for shielding application frameworks.


• For VPN, we all knew that PPTP was broken and is not secure anymore. For Ipsec, you need to have opened ports, and if you are in a hotel who only has ports 80 and 443 opened, you can’t do anything.

SSLVPN is one of the solutions. Yes, you can use DirectAccess, but there are some limitations, too.

For DirectAccess, you need to have all those computers joined in one domain.

• Web & email protection is a nice feature because you have all of those controls in one dashboard. This is of course for small and maybe some mid-size companies. For larger and enterprise, it’s another story.

How has it helped my organization?

Less and faster administration, full control of traffic, and a lot of futures included in the base price.

What needs improvement?

The goal for small companies is to have one administration dashboard -- from where you can manage antivirus for computers, firewalls, IDS, IPS, mobile phones, tablets, etc.

Sophos UTM is on the right path to getting there.

For how long have I used the solution?

Sophos UTM 135 = two years.
Sophos UTM 115 = one year.

What do I think about the stability of the solution?

No problems with stability.

What do I think about the scalability of the solution?

No problems with scalability.

How are customer service and technical support?

The technical support is really good and the representatives are very responsive.

Which solution did I use previously and why did I switch?

Cisco (didn’t achieve expectations), Microsoft TMG (end of life).

How was the initial setup?

The setup is straightforward, but I suggest hiring an expert for integration. This is your first line of defense, and there is no room for mistakes.

What's my experience with pricing, setup cost, and licensing?

Sophos UTM’s are not the cheapest but they are not the most expensive. Create a checklist of what you need, and go through it with a sales representative. They will advise the right license for your company and I’m sure you can get some discount.

Which other solutions did I evaluate?

What other advice do I have?

Create a checklist with your requirements, test the solution, and if it passes everything, implement it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user701457
IT Infrastructure Architect at a retailer with 10,001+ employees
Vendor
A firewall that allows for web filtering and application control.

How has it helped my organization?

The Sophos UTM planform has allowed us to improve or implement the following security practices:

  • Details Web filtering and user access Control
  • SaaS QoS
  • Network segmentation with firewall and IPS
  • WiFi protection
  • Web Application Proxy everywhere, inside and out
  • WAN expansion with SSL VPN and IPsec VPN over the Internet
  • Two Factor Authentication requirement for PCI compliance
  • Reduced the need for expensive MPLS deployments

What is most valuable?

The UTM/SG platform starts off with the basic functionality of being a good Firewall, adding the additional modules opens up the products set and allows for full web filtering and application control, reverse proxy, APT detection, IPS, VPNs, User portal etc.

The licensing model works very nicely to allow you to get the right protection at the right price point for the right deployment size.

In the increasingly cloud focused word the Sophos UTM’s ability to deliver Safe web access, Web Filter and Cloud Application control has gone from being a nice to have to being a must have for any size company or organization. The rich access logs it records allows you to get real insight into what your users and devices are accessing on the cloud. Native reporting is basic, but can easily be improved by adding Fastvue Sophos Reporter.

What needs improvement?

At Enterprise level the SUM (UTM Manager) needs to be updated to reflect all of the capabilities

At the Reporting level for user internet browsing the On-box Reporting is very basic and even adding the Sophos iView only give you limited improvement. Having said that, Fastvue’s Sophos Reporter provides all of this and more and integrates seamlessly with the UTM platform to unlock all of the log data’s value.

The SG platform does however not scale to a large enterprise deployment. You can deploy at scale but this is where the platform shows its age and limitations. For Large and Enterprise the better option is to go with the Sophos XG Platform.

What do I think about the stability of the solution?

Major firmware release can sometimes be buggy initially but are soon pathed and stabilized. My advice would be to sit tight for 9.x release for about a week before implementing 9.x.yyy releases often fix bug without introducing stability issues.

What do I think about the scalability of the solution?

The platform scales-out in a great way, if your deployment is basic and you do not exceed the capabilities of the current SUM. Several companies run large UTM connected networks with hundreds of site across multiple countries.

The platform scales up admirably in the format of the large tin deployments such as the SG550 or SG650 models. They are ably to handles massive throughput rates on the firewall modules but the Proxy and WAF modules cap out at a 10 000+ users or devices depending on the traffic, of course.

How was the initial setup?

For anyone with Proxy and firewall experience the setup is pretty straight forward with a wizard that will get you up and running in no time. The UTM / SG is also available in Hardware Software / Hyper-V/ AWS / ESXi / Oracle Virtual Box so you can set up a test or lab environment on almost anything to get started.

What's my experience with pricing, setup cost, and licensing?

The licensing options with virtual are great and scaling up and down is typically not an issue if you reseller is involved. Sometimes buying the hardware makes more sense than going virtual. The hardware is great and unlike the virtual licensing is unrestricted by user numbers. There are huge numbers of OS models that range from very small to very large. You will likely find a good fit for your deployment.

A great benefit is that you can migrate your Sophos SG license to a Sophos XG license in the future. You can safely Deploy on SG and later migrate over to the newer XG platform when you are ready. It offers a great feature set at a good price point.

Which other solutions did I evaluate?

Various other platforms were evaluated before choosing the Sophos SG including CheckPoint – UTM1, FortiGate, and Sophos XG (Beta – at the time). All have their own areas where they shine and should be short listed candidate for anyone looking to implement a UTM.

What other advice do I have?

Sophos is a great security partner for any organization. Investing in their suite of products gives you a good cohesive strategy for security. Adding Fastvue Sophos Reporter allows you to get better visibility into how well your UTM is protecting your environment as well as adding the ability to add real time alerts. It really adds additional features to the product without increasing the cost much and a relatively short ROI is often realized.

Disclosure: My company has a business relationship with this vendor other than being a customer: Through various methods, I have business relationship with Sophos and their reseller network. They are great guys who care more about making the internet a safer place than just extracting the maximum amount of revenue from you. Sophos listens to their customers and adds features as we request them. It really makes you feel like you have a security partner and not just a product supplier.
ITCS user
Senior IT Support Engineer at a religious institution with 51-200 employees
Vendor
The email alert on event triggers is a valuable feature. The ability to disconnect the VPN connection needs to improve.

What is most valuable?

The most valuable features are:

  • Ease of configuration of the firewall rules and routing.

  • The email alert on event triggers.

  • Internal storage for logging, as you do not have to get another server to store the logs.

What needs improvement?

The ability to disconnect the VPN connection needs to improve. Currently, in order to disconnect an existing VPN connection of a device, the admin needs to change the password of the user.

For how long have I used the solution?

I have used this solution for two and a half years.

What do I think about the stability of the solution?

We encountered stability issues more on the Web Filtering feature where certain valid websites are blocked or the video cannot be played and it requires extra exceptional configuration.

What do I think about the scalability of the solution?

There were no scalability issues.

How are customer service and technical support?

I would rate the technical support a 8/10.

Which solution did I use previously and why did I switch?

Previously, we were using WatchGuard UTM. The pricing and ease of use of the configuration were the reasons as to why we moved over to this solution.

How was the initial setup?

Setup is straightforward.

What's my experience with pricing, setup cost, and licensing?

From time to time, there is a promotion and it is more cost effective to get the 3 years subscription licensing upfront.

Which other solutions did I evaluate?

We looked at Fortinet.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user697017
Head of IT at a construction company with 201-500 employees
Vendor
Some of the valuable features are web and email protection and VPN.

What is most valuable?

All the features are valuable.

  • Web protection: Allows me to control unnecessary web traffic into the company network.
  • Email protection: Protects the company from spam and malicious emails.
  • RED and VPN: Provides an easy and secure way to connect branch offices so I can easily control them.
  • WAF and DMZ: Provides an easy and very secure way to publish your internal servers. Enables you to have more than one WAN and to use them for load balancing and controlling the traffic through them.

How has it helped my organization?

Before implementing Sophos UTM, we had a lot of problems with:

  • Malicious URLs
  • Spam
  • Unnecessary internet traffic
  • difficulties in connecting and controlling branch offices

After implementing Sophos UTM, the percentage of infected computers because of bad URLs was been reduce by 90%. A lot of spam emails were blocked. Additionally, I created a whitelist for company emails and a blacklist for unnecessary emails.

Branch offices have the same protection like the main office and communication between offices is very easy. We created rules for one-way communication for some branch offices and two-way communication for another office. You have got a lot of abilities for different configurations between offices.

But after migrating to Sophos XG and the new XG OS, things got easier, more secure, and more interesting. Specifically, we had the ability to generate different reports for different protection types, different end users, or different services.

With the new XG OS, I have better control of my network and I can easily detect malicious and unnecessary traffic.

For how long have I used the solution?

We used UTM for four years, and XG for one year.

What do I think about the stability of the solution?

At the beginning, there were stability issues, due to a poorly configured switch. I had problems with HA, but after that, there were no stability issues.

How are customer service and technical support?

I only contacted technical support five or six times. They were very professional. I will rate them as excellent.

Which solution did I use previously and why did I switch?

We did not use a different solution before this one.

How was the initial setup?

The initial setup, at the beginning, was very complex. After some time, everything got clear. I did the migration of UTM to the new OS XG by myself and I didn't need help from technical support.

What's my experience with pricing, setup cost, and licensing?

Think twice when you are choosing your Sophos UTM/XG. I made a mistake the first time because I needed more powerful hardware for my network. I did not choose very well. The price and the license are definitely elements for which you must think twice. I had excellent cooperation with the Sophos sales team and my mistake was quickly resolved.

Which other solutions did I evaluate?

We evaluated SonicWall, Palo Alto, and Untangle.

What other advice do I have?

I love all Sophos products, but the combination of Sophos XG, Sophos RED, and Sophos advanced endpoint protection with intercept X is something that all IT professionals and security officers will love and want to have.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user472113
Systemadministrator at MCON Group GmbH
Real User
It is for beginners and hardcore professionals.

What is most valuable?

All the features are similar; we are real, hardcore users of the Sophos UTMs.

How has it helped my organization?

This product is for beginners and for hardcore professionals; beginners can get their feet wet and professionals can easily look into the product.

What needs improvement?

Certificate Management should be improved.

For how long have I used the solution?

I have used this solution since 2014, i.e. for around three years.

What do I think about the stability of the solution?

We have over 30 Sophos UTMs running. There are some that are not stable, because of the bridges used or ISP used (Cisco vPCs/Dell MLAGs etc.).

What do I think about the scalability of the solution?

The Sophos UTM Internal DB sometimes has problems which affect its scalability.

How are customer service and technical support?

Technical support is very good, but only to the distributor. Support is poor if the distributor escalates to the vendor or we complain directly to the vendor.

Which solution did I use previously and why did I switch?

It was not a change; in general, we have used many firewall vendors, but no one is as good as Sophos UTM.

How was the initial setup?

The initial setup is easy.

What's my experience with pricing, setup cost, and licensing?

Unfortunately, the pricing is very expensive, but for licensing, there are some "cheap" options for some scenarios.

What other advice do I have?

If you'd like to look into a system which is very robust and hardcore, then select Sophos UTM.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Elías Björnsson
Senior IT Consultant at a tech services company with 51-200 employees
Consultant
Great security and logging.

What is most valuable?

Great security and logging. Easy GUI.

What needs improvement?

It really needs to update IPSec to enable IKEv2.

For how long have I used the solution?

Two years.

What was my experience with deployment of the solution?

No.

What do I think about the stability of the solution?

No.

What do I think about the scalability of the solution?

No.

How are customer service and technical support?

Customer Service:

Customer service is great and responds really fast.

Technical Support:

Technical support might be a bit better and there are not enough easily accessible guides.

Which solution did I use previously and why did I switch?

Previously used the OpenSource pfSense which works great, but Sophos adds the little extra that is needed in security.

How was the initial setup?

Straightforward.

What about the implementation team?

In-house.

Which other solutions did I evaluate?

I evaluated pfSense, and still go with pfSense where IPSec to AzurePack services are needed because Sophos does not support IKEv2.

What other advice do I have?

At first I did not like Sophos UTM but after second setup and config I liked it a lot and now recommend it to all my customers. It has great security features, and together with Sophos Endpoint Protection it works perfectly.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
IT and Data Security Manager at a tech services company
Consultant
An Excellent Product, easy to understand for an experienced engineer
The Sophos UTM products helped us manage and a global network of more than 20 sites.  Their ability to firewall, filter and monitor network traffic and provide VPN connectivity really helped us day to day with such a complex network. We chose the product initially because the user interface was simple to understand and made sense without requiring a long training course for an experienced network engineer to utilise.  Central Management is made easy with the Sophos UTM Manager which allows you to set configurations, see patch status and pull reports from all your estate. While the product was originally with Astaro the low end (1xx) units had serious reliability issues and support was extremely challenging to engage with. However, once…

The Sophos UTM products helped us manage and a global network of more than 20 sites. 

Their ability to firewall, filter and monitor network traffic and provide VPN connectivity really helped us day to day with such a complex network.

We chose the product initially because the user interface was simple to understand and made sense without requiring a long training course for an experienced network engineer to utilise. 

Central Management is made easy with the Sophos UTM Manager which allows you to set configurations, see patch status and pull reports from all your estate.

While the product was originally with Astaro the low end (1xx) units had serious reliability issues and support was extremely challenging to engage with. However, once Sophos took over their world class technical support teams soon brought responsiveness up to the level I would expect from a premium product. And the newer hardware is much better quality.

The ability to have either software, hardware or virtual appliances allows excellent freedom of choice.

High Availability is easy to configure and works really well, with options to have either active \ active or active \ passive depending on your needs and budget.

The fact you can use the full product for Free at home is a wonderful idea for engineers to become more familiar with the product and keep their skills up to date.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Senior Technical Consultant with 51-200 employees
MSP
Sophos UTM vs. Fortinet FortiGate
I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main hang-ups will be with the VIP/load balancing and SSL. For some reason that completely escapes me, both of these vendors make getting valid certificates onto their boxes unnecessarily difficult -- the Fortinet appliances more so than the Sophos UTM appliances. At one point a Fortinet engineer had to write an entire manual on how to get an SSL certificate uploaded successfully on the 4.x firmware. Sophos: The one feature that is missing (and this makes some amount of sense) from the Sophos…

I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main hang-ups will be with the VIP/load balancing and SSL. For some reason that completely escapes me, both of these vendors make getting valid certificates onto their boxes unnecessarily difficult -- the Fortinet appliances more so than the Sophos UTM appliances. At one point a Fortinet engineer had to write an entire manual on how to get an SSL certificate uploaded successfully on the 4.x firmware.

Sophos: The one feature that is missing (and this makes some amount of sense) from the Sophos appliance is BITS caching for updates. Other than that, Sophos offers a full replacement for TMG on UTM9. The XG platform also offers a replacement for the TMG; however, some of the rumblings about upcoming releases suggests that Sophos is going to give XG the Apple iOS treatment and "streamline" the interface...potentially cutting out/hiding some functionality. On the effectiveness of the NGFW, Sophos is mostly good but has a few issues blocking all pieces of an application. For instance, we had to build custom blocking rules for OpenVPN (the vpn was being used to bypass the content filter) because the default Application Control wasn't effectively blocking the application.

Fortinet: If it wasn't for Fortinet's terrible tech support we would still be deploying Fortigates exclusively. So perhaps that answers your last question right upfront. FortiWeb is not absolutely required for what you are proposing; however, the FortiWeb does make the transition from TMG much easier as the FortiWeb is purpose-built to do what you are requiring. Related, the AD-integration used with Fortinet is one of the strongest implementations we have used: The SSO agents ability to poll data from the DCs without an agent allows the use of SSO with non-Windows machines that are bound to AD, which we have used extensively at both educational institutions and shops running CentOS. Transitioning to Fortinet is relatively simple: The UI makes a lot more sense than it did in the old 4.x releases, the firewall rules are straight-forward, and the reverse proxy settings are well-documented.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Technical Consultant at a tech services company
Consultant
It's provided us with unified threat management as well as comprehensive lists of reports, although we can't currently run 2.4 Ghz and 5 Ghz bands simultaneously.

What is most valuable?

  • Firewall
  • Intrusion Prevention
  • Web Filtering
  • SMTP Proxy
  • Red (VPN Appliance Box for remote sites)

How has it helped my organization?

The product has provided us with unified threat management as well as comprehensive list of reports.

What needs improvement?

Their new product range which is the new SG Series UTMs, especially the wireless versions, should at least include two radios for 2.4 Ghz and 5 Ghz bands. Currently we can only run one or the other, but not both.

For how long have I used the solution?

I've used it for around 18 months.

What was my experience with deployment of the solution?

No at this stage.

What do I think about the stability of the solution?

Only thing we have noticed as of late was that their firmware updates break something else that was working in a previous version. Only noticing this on some customers though not all customers.

How are customer service and technical support?

They're great.

Which solution did I use previously and why did I switch?

I’ve used other products like NetboxBlue, SonicWALL in my previous roles. We chose the Sophos UTM because of pricing, rich feature set and the fact that it can be either a Virtual App or Hardware Appliance.

How was the initial setup?

The initial setup was very straightforward. It was done through a wizard and there not much needed doing while setting up the UTM.

What about the implementation team?

We are a reseller so we use the same product that we sell to our customers. That’s how much we love the product.

Disclosure: My company has a business relationship with this vendor other than being a customer: We're a Sophos Gold Partner.
ITCS user
Senior Expert for Microsoft infrastructure at a computer software company with 51-200 employees
Vendor
It provides firewall, proxy, and VPN in one solution, but be prepared to follow the Zeroeth Rule during implementation.

What is most valuable?

  • SSL VPN
  • HTML5 VPN portal
  • Application control
  • Reverse proxy
  • Web filtering

How has it helped my organization?

We used several vendor products before UTM, and now it is all in one box - firewall, proxy, and VPN. Sophos is much easier to manage and configure.

What needs improvement?

Every product has room for improvement.

For how long have I used the solution?

I have used it for three years actively with several projects utilizing UTM.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

We don't have direct contact with Sophos support so I can’t rate the level of customer service and technical support properly.

Which solution did I use previously and why did I switch?

I did. Sophos UTM is far more easier to configure and it is very intuitive with configuration.

How was the initial setup?

Setup is easy and straightforward. It is a browser based tool, so you can access it from every location, and with different operating systems.

What about the implementation team?

We did it in-house.

What other advice do I have?

I have some technical advice, but generally, always prepare steps to implement Sophos UTM and test your implementation before using it in production environment.

The Zeroeth Rule:

Start with a hostname that is an FQDN resolvable in public DNS to your public IP. If you didn't do that, start over with a factory reset; it will save you hours of frustration.

  1. Whenever something seems strange, always check the Intrusion Prevention, Application Control and Firewall logs
  2. In general, a packet arriving at an interface is handled only by one of the following, in order, DNATs first, then VPNs and proxies and, finally, manual routes and manual Firewall rules, which are considered only if the automatic Routes and rules coming before hadn't already handled the traffic
  3. Never create a Host/Network definition bound to a specific interface. Always leave all definitions with 'Interface
  4. When creating DNATs for traffic arriving from the internet, in "Going to:" always use the "(Address)" object created by WebAdmin when the interface or the Additional Address was defined. Using a regular Host object will cause the DNAT to fail as the packets won't qualify for the traffic selector.
  5. In NAT rules, it is a good habit to leave a field blank when not making a change. In the case of a service with a single destination port, this makes no difference. In the case of a service with multiple ports, or a Group, repeating the service makes the NAT rule ineffective.
  6. There are only four reasons to sync users from AD to the ASG/UTM:
    • The user should be able to log on to a Remote Access VPN that uses certificates to authenticate the user
    • Email Protection is enabled and the user should receive Quarantine Reports and be able to manage personal black/whitelists and/or use Email Encryption/Signing
    • You want to do Reporting by Department for Web Protection (and I consider it a bug to require this when doing AD-SSO)
    • You want to use the Authentication Agent to populate "username (User Network)" objects
    • There's no other reason to sync users to WebAdmin - certainly not with AD-SSO
Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user243894
Systems Engineer at Base-2 ICT Services Ltd
Consultant
The reliability of the equipment makes it possible to provide stable connections but IPSEC site-to-site VPN connectivity needs to be improved.

What is most valuable?

  • Reliability
  • Usability
  • Number of features that fully cover goals
  • Perfect support
  • Possibility to get “under the hood”

How has it helped my organization?

The Sophos solution provides a branch to head office distributed network for a construction company across New Zealand, and the reliability of the equipment makes it possible to provide stable connections and is easy to implement and support.

What needs improvement?

Would be great if it would be possible to improve IPSEC site-to-site VPN connectivity over slow/unstable internet connections.

For how long have I used the solution?

This particular configuration has been in use for about two and a half years.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

Very rare cases of appliance lost admin password or web-service hangs.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

Since I’m an engineer, I probably cannot evaluate this aspect, however as far as I know equipment order and upgrade was always fine

Technical Support:

4.99 out of 5 – support is very helpful, only once there were misunderstanding about licensing and number of supported Sophos WAPs and that was resolved promptly and fully.

Which solution did I use previously and why did I switch?

For this project, the Sophos infrastructure has been planned and deployed from the start and there has been no need to change it

How was the initial setup?

It's logically straightforward and the transparent interface made possible a quick deployment. However, a little time was needed to get familiarized with the interface.

What about the implementation team?

It was implemented in house.

What other advice do I have?

Nothing is perfect, but with Sophos those are really small – sometimes it is incorrect firmware upgrade paths, or rare log in problems (device forgetting admin password). All those though can be fixed, there is plenty information in the Internet and support is usually awesome. Also, you need to plan the solution and costs involved, while having in mind potential growth of users/connections; e.g. creating virtual appliances and allocating resources (RAM, CPU, NICs) minding potential workload.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user241089
IT Security & Audit Manager at a tech services company with 51-200 employees
Consultant
It is full of options, but the web filtering engine needs to be improved.

What is most valuable?

They are all valuable, but the most valuable is the uplink balancing. This is very useful when dealing with more than one ISP, and the wireless capability for our guests.

How has it helped my organization?

It's scalable and easy to manage.

What needs improvement?

The web filtering engine needs to be improved as, sometimes, the service hangs for a while and restarts randomly. Alas, there was an issue with authorizing Lync traffic but it's all good now.

For how long have I used the solution?

I've used it for eight years.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

Rarely.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

It's good.

Technical Support:

It's acceptable because sometimes there are delays with answering our requests. We are using the regular support, so we don't have the ability to contact Sophos directly.

Which solution did I use previously and why did I switch?

We did, and we switched due to the costs and the functionalities.

How was the initial setup?

It was very easy.

What about the implementation team?

We used a vendor team to implement it.

What other advice do I have?

It's a nice product that is full of interesting options.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user230352
Support Engineer at a tech services company with 51-200 employees
Consultant
RED appliances and APs make a difference, however, performance is suffering under high traffic usage.

Valuable Features

I think the RED appliances and APs make a difference, and add value to Sophos. Also, it is easy to configure, robust and is a stable appliance. The licensing is great, because you don't have to pay the same license fee for a standby appliance.

Improvements to My Organization

Actually, we were not used to firewalls in our organization, but I was working at a distributor previously so I had a chance to do many demos. The customers like its GUI because it's easy to manage and RED takes attention of the customer which has distributed locations like shops, cafes, fast food stores etc.

Room for Improvement

They should have more powerful appliances. The appliances throughput and performance is suffering under high traffic usage. Also, I think they need better appliances for enterprise and high end customers.

Use of Solution

I've used it for one year.

Deployment Issues

Because we have local laws about logging, we had to get permission to develop a logging mechanism. Also, we had lots of requests to improve URL filtering categories.

Stability Issues

I had an issue with transparent mode in a demo, but mostly it is a very stable appliance and software.

Scalability Issues

Sophos has a sizing guide which is a great during the planning phase in ensuring you are getting the sizing right. I have used it many times when I preparing customer demands. I haven't had any problems yet.

Customer Service and Technical Support

Customer Service:

I was working with Sophos' Germany office, and they always supported me. It was really great working with them.

Technical Support:

They're 6/10. I had many cases, but they don't like to do a remote session immediately. To be honest, I have worked with better support teams from other vendors,.

Initial Setup

It is very easy.

Implementation Team

I implemented it but got help from the vendor when I got stuck wit something. They are great.

Other Advice

It is great solution for customers who have small, branch offices. I would advise you get Sophos for distributed locations (with RED and APs).

Disclosure: I am a real user, and this review is based on my own experience and opinions.
SrEngineer672
Consultant at a tech services company with 51-200 employees
Consultant
Sophos's web filtering & SMTP filtering is much better than SonicWall which we previously used.

What is most valuable?

Firewall and Web Protection

Advanced Threat Protection is a good "dashboard" feature to see if there is any network issues

How has it helped my organization?

Its a key point of keeping your network secure which once setup requires minimal ongoing monitoring. Also this unit can act as the whole security suite so everything in your network is protected.

What needs improvement?

Its identification of users without the need of setting up Proxies or Identity software could be better, that is probably the trickiest section to setup.

For how long have I used the solution?

2 years

What was my experience with deployment of the solution?

No issues other than ensuring what has been configured matches the requirement of the company/client.

What do I think about the stability of the solution?

The only stability issue we have encountered was an update caused the unit to over process things. Everything kept running but it did slow down Internet access because of this.

What do I think about the scalability of the solution?

I have only done basic High Availability setup which is very good but not Scalable solutions. However, as long as you follow the sizing guides and get the right UTM for the company there has been no issues.

How are customer service and technical support?

Customer Service:

Excellent

Technical Support:

Not outstanding but I have noticed significant improvements over the last 12 months

Which solution did I use previously and why did I switch?

We used to use SonicWall. I still think its a good product though its web filtering and SMTP filtering were no where near as good as Sophos UTM. The reason we switched was the partner relationship between Dell and the IT Solutions company soured.

How was the initial setup?

You can setup the unit in simple mode and get 90% of what you want done. That is very straightforward

You can also setup each component manually. This requires understanding of the unit but even that is not difficult.

Probably the only difficult part of the Sophos UTM is the WebControl as this can be setup many ways. Ensuring you have mapped out a solution that is adaptable to the company is probably the most complex part.

What about the implementation team?

As we are a supplier, we bounce off ideas with their sales engineers. They are excellent.

What was our ROI?

Unsure as I don't deal in the money side of things but I think the clients get excellent returns as their security is totally covered if they include EndPoint protection.

What's my experience with pricing, setup cost, and licensing?

Most companies I have dealt with handing them a unit find they don't have to do much ongoing work on the unit. Once its working, its working and adjustments to rules and policies are easy.

Which other solutions did I evaluate?

No, we had a good relationship with Sophos and after comparing it to our previous solution (SonicWall) we were convinced it was a good product.

What other advice do I have?

If you are a IT Consultant shop, become a partner and do the training.

If you are the IT of a company, you can either get a IT Service company to set the unit up for you or if you are confident with firewalls you can purchase premium support to get assistance for troubleshooting purposes.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are a business partner with Sophos
it_user233997
IT/Telecom Specialist at Prewest
Vendor
The web application firewall is a good feature, despite it limiting you to only using ports 80 and 443.

What is most valuable?

The web application firewall and web filtering. We are using the UTM to be the gateway for the private cloud solutions we offer.

How has it helped my organization?

Easy management of the firewall, with one URL to control the firewall/web filters for our entire cloud.

What needs improvement?

HA needs to be improved for the software appliance because if Sophos is deployed in ESXI/Hyper-V then the HA is unstable. Also, the web application firewall only allows the use of ports 80 and 443, and if we could use others ports than that would be a welcome addition.

For how long have I used the solution?

For two years now in our datacenter, and also several deployments at some of our customers.

What was my experience with deployment of the solution?

Setting up the link aggregation group (NIC teaming) gave us some problems with the ethernet VLAN option for WAN, but after a firmware update, the issue was resolved.

What do I think about the stability of the solution?

If you enable the intrusion prevention option in the firewall any Wordpress deployments on a Plesk server behind the firewall slows down to a crawl, and there is no fix yet. The current workaround is disabling the intrusion prevention option at the moment.

What do I think about the scalability of the solution?

No issues yet.

How are customer service and technical support?

Customer Service:

7/10. Getting a new license for the SG220 sometimes takes a long time, but they will give you a 30 day demo license to compensate for it.

Technical Support:

9/10. Any question or issue is solved within minutes after calling technical support.

Which solution did I use previously and why did I switch?

SonicWALL was our previous product, and we switched to Sophos because of its ease of use.

How was the initial setup?

When you start the initial setup you`re helped with wizards, but if you use the software appliance and make a mistake by selection wrong interfaces in the wizard it can result in the firewall becoming unreachable.nThe hardware appliance is (almost) plug & play.

What about the implementation team?

We implemented it in-house.

What was our ROI?

It's around six to nine months.

Which other solutions did I evaluate?

We looked at several open-source firewall options whose names I will not mention, and the reason we did not use them was because of the ease of use, and what our support desk could do.

What other advice do I have?

If you want an easy to manage, and powerful firewall then take look at Sophos UTM.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are a reseller of the Sophos UTM and or other product of Sophos.
ITCS user
CEO, Technologist with 51-200 employees
Vendor
Comprehensive UTM Product, scale-able, fast, understandable user interface

What is most valuable?

Proven UTM technology, excellent security and threat management are valuable features. The fact that I can provide scalable solutions for a SoHo environment on a small appliance, run on my own PC/server or even a virtualized environment allows me to accommodate almost any business, regardless of size. The software works in the same way across all the models. I have managed all my clients via the Sophos UTM Manager, a centralized console. I am a MSP, so having a centralized system to managed and maintain all of my client UTM firewalls is just gravy.

Customers appreciate the extensive built in reporting, rock solid IPS and security features. Coupled with a centralized Wireless and Remote Ethernet Device (RED) Device extends my service offerings. Lastly, the Total Protect bundle offers an affordable, comprehensive solution for the SMB market.

How has it helped my organization?

Using the SUM (Sophos UTM Manager) Central Console, each client UTM is configured to report to my RMM and CRM system for monitoring, SLA, ticketing, and support. We can administer a majority of our management such as firmware updates from our Sophos UTM manager. With many other products, this needs to be done and case by case basis.

We also schedule weekly automatic backups of the clients UTM configuration. These backups are emailed to our support portal and preserved. We keep spare/loaner equipment in stock so if a client’s UTM has a catastrophic failure, we prep a spare unit, apply their most recent configuration, and within 5 minutes have a functioning loaner unit we can deliver while their warranty replacement is processed. A simple drive to the client’s location and a swap out is done which gets them back in business on the same day. You can also get a 30 day full trial license for appliance or software. My sales staff can place a 30 day trial of fully functional unit as part of a proof of concept.

What needs improvement?

The unit offers great failover and load balancing features that can be complex to understand, some streamlining of the process would help. More predefined port rules would help the novice user/technician as well.

For how long have I used the solution?

I have been a Sophos/Astaro Partner for over 10 years. I started with Astaro v6 and have continued with them following their acquisition by Sophos a few years ago. The product keep getting better and better. I have over 200 units I have installed and managed. I am currently selling the SG Series with UTM v9.309. The SG series have models that fit small business up to large enterprise environments.

Alongside the hardware versions, we also use a virtualized version running UTM 9.

What was my experience with deployment of the solution?

The only issues I have, have been due to human error.

What do I think about the stability of the solution?

The solution is very stable if you size the unit to the environment. An SG125 is great for a 25 person office with web, email filtering, application control, etc. but it would not work well in a 100 person office. You need to know the proper sizing prior to deployment.

What do I think about the scalability of the solution?

As stated, unit needs to be scaled to the environment. So if I don’t do my job of understanding the client's environment, it is possible to undersize the unit just like every other product. For clients who are planning major growth, we tend to sell either a virtualized UTM or software base unit. Then it is simply a matter of adding license capacity, RAM, CPU, etc. when needed.

How are customer service and technical support?

Customer Service:

They have a great account team and customer service is solid. 85% of the time the issues are resolved on the same day, and 97% by the next business day.

Technical Support:

They have excellent technical support. I can submit a ticket request via their portal, with a call, etc. I can get someone 24/7 and usually within an hour. They also have a great escalation procedure.

Which solution did I use previously and why did I switch?

I have used many, such as SonicWALL, Cisco, Juniper, WatchGuard, and FortiGate. Sophos is consistent and deep in their solutions and I like a consistent platform and support.

How was the initial setup?

Simple small offices are a breeze. We have some template configurations, which only require us to stage and activate a license(s), install a basic template and modify the interfaces to meet client specifics and then add the unique definitions. More complex setups start with a basic template which even my technicians can load, and then require an engineer or security specialist to finish off.

What about the implementation team?

We are a managed service provider (MSP) so we do it in-house for clients. We provide our customers with basic training and complete documentation package.

What was our ROI?

As with most hardware, margins could always be better. I can get competitive pricing on larger deals. Our biggest ROI is the monthly management fee, which is very reasonable for our clients. Since we do all of our management (updates, reports, etc.) from the SUM we spend very little time on this and a technician can do it. It has a very good economy scaling and the annual subscription renewals are pretty standard with not much of a margin. This solution fits the MSP model very well due to it being a centralized control/management solution.

What's my experience with pricing, setup cost, and licensing?

A SoHo setup takes about an hour, which is US$125 and the monthly management/maintenance is US$30, but it all adds up.

Which other solutions did I evaluate?

We have evaluated many

  • WatchGuard
  • SonicWALL
  • Cisco
  • FortiGate
  • Smoothwall, etc.

What other advice do I have?

The product has a shallow and a deep end. Getting a small business/SoHo running up quickly and reliably is straight forward, but the deep end takes some technical skills, just like any solution. What I really like is that my Tier One guys can get a quick status update, have a look very quickly, and then resolve most basic issues. Tiers two and three are not as involved unless there is a major issue or complexity. Also, when buying the product, get the audit/chance tracking built in too!

Disclosure: My company has a business relationship with this vendor other than being a customer: My company is a business partner.
it_user163662
Founder at a tech services company with 51-200 employees
Consultant
Sophos UTM helps us to control incoming and outgoing network traffic. Not a highly available and scalable product.

What is most valuable?

Valuable Features include Sophos Remote Access VPN, Country Based Firewall, Web Application Firewall, Ease of access (via browser) and Reporting.

How has it helped my organization?

Sophos UTM helps us to control incoming and outgoing network traffic. It also helps employees connect to the AWS VPC environment from remote locations. Web application firewall protects applications from different hacking attempts like SQL Injection, Cross site scripting, Cookie signing, URL hardening etc. On top of that, it also helps the organization adhere to compliance rules and provides an audit trail of the environment.

What needs improvement?

Sophos UTM is not a highly available and scalable product. Till now, it is a single point of failure.

For how long have I used the solution?

2.5 years.

What was my experience with deployment of the solution?

No issues encountered. We had a very smooth deployment.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

Yes. Sophos UTM on AWS is not an scalable product. Sophos is actively working on scalability part from using a UTM manager which can control configuration deployment on multiple UTM's

How are customer service and technical support?

Customer Service:

Customer service level is top notch.

Technical Support:

Very Good. All our queries were properly answered on time.

Which solution did I use previously and why did I switch?

Yes. Earlier, we had used Checkpoint. But the deployment procedure and user interface for Checkpoint was very complicated. The amount of time to invest in checkpoint is nearly 2x than Sophos. Checkpoint requires tool to be installed on your system while Sophos is a browser based tool.

How was the initial setup?

It was a very straightforward setup. As it is a browser based tool, it helps administrator to access it from different location and system. We don't have to download desktop clients on our local system. Also, we can access this product from different operating systems (linux, windows and Mac).

What about the implementation team?

We deployed it in-house.

What was our ROI?

ROI for the product is very high. The cost of the product is based on the number of users and the licensing is not too expensive.

What's my experience with pricing, setup cost, and licensing?

On AWS, instances/servers are charged on hourly basis. The yearly licensing cost for 10 years is nearly around $200-300.

Which other solutions did I evaluate?

While we were looking for deployment of UTM product on AWS in year 2011, there were only 2 stable products available in market i.e., Sophos and Checkpoint. We choose to go ahead with Sophos.

What other advice do I have?

Easy to use, Easy to access, good for compliance. It is a very good product as compared to others available on AWS.

Disclosure: I am a real user, and this review is based on my own experience and opinions.