We just raised a $30M Series A: Read our story
2015-08-28T14:14:00Z

What needs improvement with Sophos UTM?

4

Please share with the community what you think needs improvement with Sophos UTM.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
Guest
3636 Answers

author avatar
Top 20Reseller

I can't recall dealing with any missing features. Lately, I've dealt more with Fortinet, and haven't focused too much on Sophos. The initial setup may be difficult for those not familiar with the product.

2021-07-23T10:54:30Z
author avatar
Top 5Real User

I'm still exploring the features and I haven't used them in totality. I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution. This would be good. Somewhat similar to what Darktrace can do. Proactively understand and using AI intelligence to monitor and see activities that are away from the norm and then proactively see how they can either isolate the quarantine system and inject it back into the system upon validation. They could explore most of the products in Symantec's and Fresh Services and run from the same file to see what additional feature one is offering. I would also like it if they could work on the price because it is expensive.

2021-06-18T15:12:26Z
author avatar
Top 5LeaderboardReal User

We need to speed up the support.

2021-04-03T12:26:55Z
author avatar
Top 20Real User

The ease of use could be a bit better. It's something they could work on. The ease of configuration could be improved. It's not as simple as it could be just yet. However, it's kind of the nature of it. They're kind of difficult to get set up sometimes. Some of the detail in the web filter and the email filtering could be better outlined in the reporting. It is not as good as the two separate standalone solutions we used previously. However, it does also gives us a lot of other stuff that those two solutions didn't. It's a trade-off.

2021-03-04T05:33:34Z
author avatar
Top 10Real User

We are very happy with Sophos. I can't think of any pressing issues that need to be addressed.

2021-02-22T11:28:06Z
author avatar
Top 5Real User

Sophos UTM is sensitive when it comes to setting up the SSL VPN, with the certificate. The bandwidth speeds are limited, although this could be because they're doing web filtering. They need to have the time to filter all of the traffic. The logs are not clear, which means that you need an additional piece of software in order to read them clearly. This is the main issue with Sophos UTM. Essentially, you need to spend time looking through the logs and if you want quicker access then you need to have third-party software.

2021-02-07T11:07:40Z
author avatar
Top 20Real User

Monitoring and reporting are areas that need improvement.

2021-01-06T20:20:26Z
author avatar
Top 10Real User

There are things missing when it comes to policies. The web filtering capability should be improved. Anti-phishing functionality should be improved.

2020-12-29T11:19:55Z
author avatar
Top 5Reseller

Sophos has a very small crew of people who continue to work on enhancing the UTM. At some point, they had actually stopped enhancing it and the word on the street was that they weren't going to enhance it any more because everybody was going to go over to XG, but they found that 50% of their users were still on the UTM and that was five years after they'd come out with the XG line. They decided they were going to rebuild some core parts of XG, and that would take a while. It's been six years and they're still not there. The updates come out agonizingly slowly. They just trickle out and when there's a problem with an update it takes a while to sort out. It's still a viable product but the more they improve XG, the less you have a need to stick with SG.

2020-12-16T05:05:15Z
author avatar
Top 20Real User

There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol.

2020-12-10T05:09:53Z
author avatar
Top 20Real User

The five-factor authentication needs improvement. It needs central management.

2020-11-27T19:43:00Z
author avatar
Top 5Real User

Sophos is good for endpoint security but Trend Micro is better than Sophos. APEX is better than Sophos because it has a friendly, usable dashboard, and the implementation is very easy. Sophos should be more user-friendly, have more dashboards, and an easier implementation.

2020-11-27T12:59:00Z
author avatar
Top 5Real User

Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time. real time trafic graph most show specific info from user, ip and bandwith, in my personal opinion i have seen better traffic graphs in open source firewalls.

2020-11-26T13:25:00Z
author avatar
Top 5Real User

I think the behavior with the zones was a little bit tricky to understand at the beginning of this project. It can be hard to manage at first, but overall, we don't have many problems with this solution.

2020-11-03T15:26:59Z
author avatar
Top 20Reseller

We would be happy with fewer new features over the same time, but with more stable updates! We would like to have unique viewable IDs for rules and in the packet filter logfile, for easier debugging of old log files. Sophos UTM shouldn't die.

2019-11-04T21:38:00Z
author avatar
Real User

I would like to see the SD-WAN feature improved. I want to manage many lines and load-balance them, getting high availability by making SLA tests according to: * Check interval. * Failures before inactive. * Restore link after. * SD-WAN Rules to control bandwidth, download and upload stream.

2019-07-22T07:55:00Z
author avatar
Reseller

Support for IKEv2 is needed in this solution. But, the handwriting is on the wall that Sophos will probably stop development in favor of their XG Firewall. No timeframe on that yet though.

2019-05-28T05:39:00Z
author avatar
Real User

Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054).

2019-04-09T18:33:00Z
author avatar
Real User

There is definitely room for improvement with Sophos UTM. For the SG version of Sophos UTM, they can add blocking of countries in the NAT section, not only in the firewall section. When you are mapping, they should also add the ability to block countries in that section. That's not available right now. It's only available in the firewall if you want to block incoming traffic. With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time. The web filter needs additional enhancement but that's the point of the XG upgrade. If they're going to continue with the production of the XG, then they will not add the same features to the basic version of Sophos UTM.

2019-04-02T07:02:00Z
author avatar
Real User

One additional feature that should be included in the next release is synchronized security, which would enable all the security to work together as a system. Another suggestion is to add advanced threat protection (ATP) to defend against sophisticated Malware. Seeing these additional improvements would be a great thing going forward.

2019-02-24T10:18:00Z
author avatar
Top 20Real User

* SUM cannot manage app control * Improve app control system as a whole * Extend support for SG until XG has improved significantly.

2019-02-14T17:50:00Z
author avatar
Real User

It does have built-in policies which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them.

2019-01-13T09:53:00Z
author avatar
Reseller

The solution could be improved by adding cloud soundboxing.

2018-12-25T09:42:00Z
author avatar
Real User

They could reduce the price.

2018-12-11T08:31:00Z
author avatar
Real User

The support needs improvement.

2018-12-11T08:31:00Z
author avatar
Real User

The product could be simplified and made more self-explanatory.

2018-12-11T08:30:00Z
author avatar
Real User

The printed provisioning is the primary thing that needs improvement.

2018-12-11T08:30:00Z
author avatar
Real User

The UI on it could stand a little improvement. In some areas, it is a little slow and clunky. It is sometimes not easy to find something. However, once you get used to it, it is pretty normal to use.

2018-12-09T08:34:00Z
author avatar
Real User

We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work.

2018-12-05T07:52:00Z
author avatar
Real User

I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer.

2018-12-04T07:57:00Z
author avatar
Real User

The memory and processing were problematic. The interface could be better.

2018-10-24T14:07:00Z
author avatar
Reseller

The price is an issue to consider for improvement.

2018-10-24T14:07:00Z
author avatar
Real User

During initial configuration, I encountered a few issues.

2018-09-25T09:23:00Z
author avatar
User

Initially, there were problems of wireless access points not getting detected and lease lines were getting disconnected after one hour. Sophos replaced the appliance, but the issue was not resolved . The matter got escalated to their international support and the issue was identified as a bug where long distance fiber connections are used over single mode fiber. The patch was shipped by Sophos with a promise to fix the issue in the next release. Now, the appliance is working fine. The issue of wireless access points was due to some compatibility issues with the D-Link switch. I provided the Cisco 2900 series switches to connect to the wireless access points by creating a separate wireless LAN port on the firewall.

2018-05-02T09:35:00Z
author avatar
Consultant

There is still room for improvement in wireless protection. I don't mean their WiFi device is bad, but there are still things to improve on, such as WiFi roaming.

2018-01-17T17:21:00Z
author avatar
Top 20Real User

Sophos UTM has many improvements that I would suggest, but the main one is for the Application Control to be managed with users as well, and with timeframes (schedules) for the administrator to allow certain apps outside an specific timeframe, or vice versa.

2015-08-28T14:14:00Z
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
542,267 professionals have used our research since 2012.