Sophos XG Reviews

I'm using the solution mainly for its firewall application and to prevent intrusion in the system. The XG platform is very powerful from the perspective of identification and to prevent potential attacks on the system due to its the capacity to predict and to anticipate the potential damage on the system.

It's integrated inside the system, meaning that it can control all the endpoints in the system and talk with them and identify any potential situation. It can also isolate one area inside the system without compromising the entire system. This allows you to isolate the initial problem without involving the entire infrastructure. 

You have real-time control of all your infrastructure. It is integrated with the hardware and offers good performance alongside the hardware and by the firmware, and these work together to control the entire infrastructure.

The real-time control on offer is excellent.

We really appreciate that you can segment and quarantine certain sections of your system without having to shut down the entire operation.

The product has artificial intelligence that has the capability to quickly identify which could be the potential risk mainly for intrusions like ransomware or a new kind of typology of attacks that are in place right now. 

The idea is to mainly prevent the condition and not to manage the situation, as, if that happens, in many ways, it's already too late. It's to identify the condition that can help the company to prevent or mainly to reduce the risk of an intrusion. In that sense, its performance is excellent. 

The product is doing it job without affecting the system with a heavy load. The activity on offer is very light in terms of resources that are required by the system. It does not require a lot of resources in terms of memory, et cetera. There is no performance impact on the system. The customer doesn't detect its presence on the system when it's working, and yet they still get all of the great benefits of protection.

The solution has been quite stable. 

It's a product that is in continuous improvement and is following what the customer is asking. They are taking inputs and designing new releases specifically according to the client and their needs.

It's one of the best products on the market as it really understands where the market is moving and iterates based on the future. It's constantly improving. It does a great job at keeping confidentiality while guaranteeing security.

The solution doesn't just offer theoretical security, it really does offer very good, real-time security and delivers on its promise to the client.

There is no specific features request right now really. I see that all the features that Sophos is implementing and is proposing on the market follow exactly what the market is asking. It's difficult to identify something that is missing compared with what the market can ask as one of the most important things that Sophos does is have the capability to anticipate in a certain way what the market expects. As a leader on the market, they tend to have the solution just before the market is asking them for it. 

The solution could offer a bit more integration with other systems, with other platforms - just to be able to extend the capability and to interface with other kinds of platforms or systems that I can find on the market as it gives the possibility to improve the level of integration.

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable.

The solution is quite scalable. You have to consider that all Sophos products are scalable. This is one of the main characteristics of the system. It means that you can start with a base solution that is very simple and improve this step by step without losing what you have done in the past. It's scalable in the sense that you have a different layout that you can cover, however, you don't have to dismiss what you have done in the past. You have just to integrate. In this way, if you consider the cost of implementation for the company, it has the possibility to optimize the cost because the company has the possibility to appreciate the system initially, and then improve the system step by step without losing what has been done in the past.

This means the company has the possibility to distribute the cost if you're in a certain period of growth. Normally some companies start to say, "I want to guarantee to control to the outside with a certificate and give the possibility to access my data in a controlled way. After that, I want to extend the security on the email that is managed by the company. I want to encrypt the data on the server and so on." All these features can be approached in a step-by-step manner instead of all at once, and you can implement them on the system in different ways and at different times.

We normally have about 50 users and around five technicians.

I also currently use Cisco products alongside Sophos.

However, we did not previously use a solution that was different from Sophos.

The initial setup is not so complicated. The system is not complicated to understand and also in can be installed without a very high level of expertise. Of course, if you have this kind of expertise, you can obtain from the system the maximum performance that the system can do, however, it means that you are not obliged to be a guru to be able to use these kinds of products. You can use these kinds of products just as an IT manager inside the company without having or needing special knowledge. 

Otherwise, you can leave to Sophos with the capability of doing something like a close box. You are sure that Sophos is able to guarantee the level of security that you are expecting. You can have it be automatic, or you can choose to go more manual in its operations. For example, if you were a professional photographer, you'd probably like a manual experience, as it would allow you more leeway with your craft, and if you were an amateur, you 'ld likely prefer an automatic camera that handles the heavy lifting for you. Sophos, in that sense, is the same. If you want, you can configure single parameters, or you can leave it to Sophos to give you something out-of-the-box.

In any case, if you stay on the automatic configuration, you are guaranteed that the system can provide the correct level of service that you want. It means that it's not required to have an expert. That said, you need of course to have a minimum level of knowledge, as it's clear that you need to know what you are managing. Starting from that, you can obtain what you need without moving into an advanced configuration.

Typically, a configuration takes about half a day or so, if you go that route. It doesn't take long, as those who would handle it would know what they are doing.

We handled the implementation ourselves, in-house. We did not need the assistance of an implementor or consultant. I have enough knowledge on the solution to manage it myself.

I'm mainly a user. Sometimes I handle installations.

I'm using the latest version of the solution. I don't have the version number on-hand.

We do plan on continuing to use the solution. I've been quite please with it overall.

I would recommend the solution to others. It's worked quite well so far and really leads the market.

I would rate the solution at a ten out of ten.

My clients use Sophos XG for deploying firewalls at corporate office and branch offices. The branches connect via site-to-site VPN, allowing outbound traffic from the central location.

The firewall provides network visibility and reporting capabilities, constantly improving over time. It can be integrated with the cloud console, allowing centralized management of multiple firewalls. integration with endpoint security products ensures seamless traffic flow and rule enforcement, even when endpoints are not directly connected to the firewall.   

I've had experience with Sophos XG's threat intelligence features, and they provide good coverage, although I wouldn't say they're the best in the industry. The sandbox feature is available with top-tier subscriptions, allowing you to test content in a cloud sandbox.

One improvement I'd suggest for Sophos XG is to make certain functionalities, like CR functionality, part of the default firewalling rather than exclusive to premium subscriptions. Enhancing DLP capabilities at the gateway level could significantly boost security for organizations.

I have been using Sophos XG for the past 10 years. 

As for stability, I'd give it a high score, maybe a nine, because it keeps running without much downtime.

I'd rate them an eight for stablity It's not to say they're perfect, but generally, it's pretty good I'd recommend it for companies of all sizes.

Integrating Sophos XG into existing infrastructure was quite easy and straightforward. There were hardly any complexities involved in the process.you can use both options - cloud-based or hardware-based firewalls. When I mention hybrid, it means having both options available. While cloud-based firewalls offer convenience, they can be more expensive compared to hardware ones. Although I haven't personally worked with the cloud version, it seems similar in appearance but may have different features. Cloud-based firewalls may seem like an overkill in terms of price, especially when considering the cost of operation over time. They become more beneficial when additional security layers like zero trust, DLP, or secure web gateway functionalities are added. This expands security beyond physical location constraints, making it accessible from anywhere.

I'd rate Sophos XG an 8. It's my first preference and confidently recommend it to other users.

The product’s most valuable feature is the user management system.

The product's technical support services could be better. 

We have been using Sophos XG for three to four years.

I rate the product’s stability an eight or nine out of ten.

We have 15 to 20 Sophos XG users. I rate its scalability an eight or nine.

We do not receive enough technical support services from Sophos XG.

Neutral

The initial setup was complicated because we didn’t have executives with proper expertise. It took us two months to complete.

I rate Sophos XG’s pricing a seven out of ten.

I rate Sophos XG an eight out of ten.

I am a system integrator. We integrate SG, XG, and XGS.

We are also deploying it on Azure on-premises for our clients.

Sophos XG is a firewall. It can protect your internal users if it is on-premises. It can publish applications such as websites, it can also protect your internal networks like IPS, and IDS. It provides you with VPN Access, and it gives you reports on the consumption of the internet.

If you have deployed the endpoint between the antivirus in Sophos, it can also communicate with your endpoint and protect your users if infected.

It's a complete firewall solution that has everything.

It is very useful.

It competes with the majority of the market's products, including Palo Alto and Fortinet.

We always strive for more features.

We could see the bandwidth use right away with the prior version, which was the SG version. The current bandwidth consumption is no longer shown in the XG and XGS.

They are nearly a complete solution. However, they are missing this feature with the ability to view the current bandwidth usage. We have requested this, but have not had a reply yet. It was in SG before but it was removed in XG.

We have been working with Sophos XG for six years. 

We started with SG, then XG, and now XGS nine years ago.

It can be deployed both on the cloud and on-premises. 

Sophos XG is very stable. We haven't had a single issue with stability in the nine years we have been using Sophos.

All electric appliances rely on a stable electric current, which requires the use of a UPS, and a backup power supply. The main issue is the stability of the power.

All Sophos appliances are SSD-based, which means the hard drive in the appliance is solid-state.

we have deployed more than 50, 60 for our customers in Kuwait and we haven't had an issue or, any RMA.

When purchasing a firewall, as a customer, you must first plan, consult with your partner(s), and decide on the sizing. If you buy an XGS 230, for example, it can support up to 200 users and 50 VPNs. If you buy the wrong product, you won't be able to scale it up.

You should always size upfront. If you have a hundred users, you buy an appliance that can support 150. The license is the license.

It's all about the hardware. If you purchase small hardware and you know that after one year you're going to have more employees then it is wrong.

It's not a server, where you can just add more drives, It only has expansion units for the network. If you need to add fiber, for example, you can. There are expansion units, but you can't expand the architecture of the firewall.

We have more than 50 customers.

We haven't required any technical support. I have however heard from my peers that they have not had any issues with the customer support.

They have offices in India, Dubai, and even in the United Kingdom. As we are certified Gold partners in Kuwait, we haven't had any issues with the Sophos team. They are quite responsive when you have a tender to submit. I have no complaints at all.

in the past, we also integrated Palo Alto.

The initial setup is easy and straightforward. As certified partners, this is something that we do every week. If the customers provide you with the network details, you can have it up and running in 30 minutes with no issues.

It's a problem if you don't know your firewall, or how to deploy it, or know how to put the proper rule in place. It is very important that in any firewall if the customer doesn't know what rule should be in place, it is possible they will create the wrong rule and expose the network.

You have to have a certified person to maintain the solution. How many you will need depends on the number of customers. If you have a lot of customers, you will need two technical people. It also depends on the size of your business. One is fine but as you grow with more customers, you will need at least two to deploy and maintain the solution.

I don't have any issues with the price. The price varies depending on the market. The price of Sophos in Europe differs from that in our region, GCG, and from that in the United States. You will notice that each region has a different pricing structure. 

Customers will always try to minimize the cost. When compared to other products, Sophos licensing is very affordable.

They have already released the XGS. If you are referring to the previous version, XG. It is still in production and available for purchase. They have already released the XGS, which is the next generation of the XG. It has a more advanced architecture. Now that we have passed XG, there's XGS on the market.

Remember to size your customers. You'll need to know how many web applications you will be publishing, how many end customers the company has, and how many of them will need to connect to the VPN. It's a formula that, based on the data, that will determine which appliance you require. You can start with a little one, but it's best to understand the requirements first.

We are very happy with Sophos products.

I would rate Sophos XG a ten out of ten.

I primarily use the solution as a firewall. It's running on our data centers and all of our offices.

It has a simple GUI, which is good. 

The initial setup is pretty simple.

Unfortunately, there are quite a few negatives with them.

Their tech support is not great. 

The features on offer are lacking.

Basically what they don't have is proper bandwidth management for multiple WAN ports and multiple WAN ports to multiple VPN WANs. Meaning, if I have it on both sides on both the main side and on the secondary side, two internet connections, I can't bond the two of them together into a single VPN and have bandwidth managed between the two of them.

If I want to go ahead and make a VPN, right now, I have two internet connections on each side. I have to make a failover a group of four VPNs for it to go ahead and failover between them.

You're getting into a lot of rules. It's a lot of extra rules, et cetera, that has to be done. They don't have simple pointing systems where you could go ahead and make rules saying, "Hey, here's the route". They're not fully route-based VPN rules yet. You literally have to take down all the routes all over the place in order to make updates. It's tedious. 

Basically, we had the problem where we moved certain ranges from one data center to another data center. It took us about an hour of downtime to do that. We had to go ahead and we had to reset VLANs and we had re-setup all the VPNs in all the different places we reconnected. We don't have two sites, we have 25 sites. It was a lot of work.

I've used the solution for about three years at this point. 

It has its bugs and we can't get answers due to the fact that technical support is outsourced. There are some bugs that we keep running into that tech support can't figure out what to do. The bigger problem is the log systems aren't big enough for them to actually capture all the logs that happen.

Technical support is an issue. About six months after we bought it to a year after we bought it, they outsourced all their tech support to India. Literally beforehand, they were an American-based tech support company and they actually had full product knowledge. The Indian-based tech support doesn't have the product knowledge and there was a language barrier. They could speak English, however, they didn't understand us very well.

We were told that they stopped doing outsource and they are rehiring their own internal staff again for tech support. We're hoping that we're going to be able to get better tech support again.

The initial setup is pretty straightforward and simple. It's not overly difficult. I don't consider it to be complex. 

We bought it as is. We bought it with four years of support. However, I can't speak to how much it costs. 

I'd advise users considering the solution that, if you have quite a bit of sites, it's going to get a lot of work to do, to fix things up. It makes more sense if you have minimal sites. 

I'd rate the solution at a six out of ten.

The solution has a variety of very good, very useful features. We take advantage of a lot of them.

The initial setup isn't overly difficult.

The stability is good.

We found the initial setup to be straightforward.

Technical support is helpful.

The pricing is reasonable.

The VPN device could be improved upon.

The firewalls could be strengthened.

The solution could be more scalable.

I've been working with the solution for four or five years or so at this point. It's been a while. 

The solution is very stable. We haven't dealt with bugs or glitches and it doesn't crash or freeze. It's pretty reliable.

I wouldn't describe the solution as overly scalable. It's limited.

We have 100 to 150 users on the product currently.

Technical support has been oaky. When we have needed them, they have been helpful and responsive. We're satisfied with the level of support we receive.

The initial setup was okay. It wasn't too complicated or difficult. It was pretty straightforward overall.

We have ten to 20 people on staff that can handle deployment and maintenance. We look at the solution monthly to see if there's anything we have to do.

We find the pricing to be reasonable. It's not too expensive.

We purchase a new license every three years.

I can't speak to the exact pricing of the product, however.

We're satisfied with this solution currently. We aren't evaluating any others or looking for a replacement. 

We're a customer and an end-user. We don't have a business relationship with Sophos.

I'd rate the solution at a nine out of ten.

I prefer the advanced Sophos models. they are reliable and work well for us.

The solution is very easy to use. It's easy to navigate. 

I like that I can create new rules and policies quite easily.

The solution works quite well overall.

The solution is easy to set up and configure.

Technical support has been very good.

The solution is scalable.

The product so far has been quite stable.

We are in the movie industry. We're a movie distribution company. Currently, we are affected badly by corona, since March of 2020. We are working from home, however, this solution is for on-premises tasks.

The pricing can be high unless you choose a longer contract.

We've been using the solution for about two years. 

We have no complaints in regards to the stability. It doesn't crash or freeze. There are no bugs or glitches. It's good. We find it to be reliable in terms of performance.

The scalability potential is very good. If a company needs to expand it, it can do so with ease.

We have 100 users on the solution.

We have 24/7 help if we need it. The technical support on offer is quite helpful. The offices are also in Mumbai, and that makes it very easy to connect with them and get help when we need it.

Previous to Sophos, we worked with Cyberoam. We switched due to the fact that Sophos took over Cyberoam and the Cyberoam model we had was outdated. Therefore, we were upgraded in Sophos.

The initial setup is quite easy. it's not overly complex. The configuration process is also very simple.

We have a team within our organization that can handle any maintenance that is required.

The pricing is not an issue. We pay almost it's $40,000 per year. Longer contracts offer better pricing. I'm taking a renewal with a four-year core contract.

I'd recommend the solution to other users and companies. Sophos has been great so far.

I'd rate the solution at an eight out of ten. It loses some marks due to the fact that I have had some technical issues with it. I also don't use it that much and wouldn't consider myself a Sophos expert. I need to spend more time with it.

Sophos XG primarily serves as a means to regulate user traffic, enabling control over internet usage and website accessibility. It also facilitates the connection of branches and conducts malware scans on network traffic. These are the main purposes typically associated with servers. In terms of features, Sophos XG excels in catering to customers seeking a comprehensive network security solution. It incorporates various functionalities that would otherwise require the purchase of multiple solutions from other cybersecurity vendors. This unified threat management platform encompasses a firewall, IPS, web proxy, mail gateway, web application firewall, sandbox, and DLP module. From the customer's perspective, Sophos XG offers an all-in-one solution for network security needs. However, it is primarily designed for small and medium businesses rather than enterprises.

One of the standout features of Sophos XG is its proprietary VPN technology known as RID (Remote Internet Device). This unique technology provides efficient branch connectivity without the need to invest in additional firewalls for each branch. By utilizing an affordable device called RED, users can effectively control and establish connections in a cost-effective manner. Additionally, the solution is feature-rich.

Sophos XG boasts an extensive and finely-tuned proxy that offers impressive capabilities. Its comprehensive database of malicious websites is remarkably vast.

The support from the vendor needs to be improved.

I have been using Sophos XG for approximately six years.

I rate the stability of Sophos XG a six out of ten.

The scalability of the solution is limited to three nodes and may not be sufficient for extensive scaling. It is well-suited for small to medium-sized organizations. However, when it comes to large enterprises, particularly those with a distributed structure, Sophos can effectively cater to their needs. Distributed enterprises, characterized by numerous branches and a small employee count per branch, can benefit from Sophos XG capabilities. However, for larger enterprise customers with high network loads, Sophos XG may not meet the necessary requirements in terms of handling the network's capacity.

Most of our customers are small to medium-sized.

I rate the scalability of Sophos XG a five out of ten.

The support could improve. This is due to recent acquisitions. The time it takes to resolve an issue takes too long.

The response time from Sophos is deemed unacceptable by users. When opening a support case with any vendor, an automated email is typically received. However, in the case of Sophos, this automated email, lacking a personal touch, can take up to a week to arrive. Such delays are considered highly unsatisfactory. Consequently, the quality of their support has significantly deteriorated. As a result, users are reluctant to open support cases and would rather reinstall an appliance themselves than go through the support process.

I rate the support from Sophos XG a one out of ten.

Negative

The initial setup process of Sophos XG may pose some challenges. However, once configured, Sophos XG proves to be remarkably user-friendly. The activation of the appliance may require a reliable internet connection and can be a bit cumbersome. Nevertheless, once activated, the overall experience becomes significantly smoother.

The process of installation can take one to seven days. However, the time depends on many factors, such as customer size, and overall environment.

I rate the initial setup of Sophos XG a seven out of ten.

The price of the solution is reasonable when compared to the market.

You have to buy the appliance and pay for the license that matches your needs.

I rate the price of Sophos XG a seven out of ten. 

The solution had stability issues in the past but they have been resolved.

Before making a purchase, it is advisable to emphasize the importance of account managers and support from the vendor. In the past, the common practice was to involve the vendor's on-site personnel, such as the country manager in Saudi Arabia, when opening a support case. By opening the support case and sharing the support ID with the country manager, they could facilitate faster escalation and assistance behind the scenes. Essentially, contacting the sales representatives can help expedite the support process.

I rate Sophos XG a nine out of ten.