Sophos Cyberoam UTM Reviews

We are a service provider and Sophos Cyberoam UTM is one of the security products that we have experience with, in that capacity. It is primarily used for layer three gateway protection.

This is a managed service, which means that the customer does not need to purchase hardware and employ a system integrator to install it. Rather, they just have to subscribe to it. The service includes reports that we provide to the clients.

The most valuable feature is the layer three gateway protection.

Cyberoam UTM needs to have more certifications with third-parties, such as NSS Labs.

The GUI is not very user-friendly and should be improved. One of our customers had trouble with the configuration and needed somebody to help manage it for them.

The vendor needs to generally invest more in the development of this product.

The product, itself, doesn't seem to have any bugs or glitches. However, one of our customers had a lot of trouble with it because it wasn't being managed.

I have not been in contact with technical support.

We recently had a customer that was using this product, although we later persuaded them to switch to the Fortinet product, FortiGuard UTM. The suitability of Cyberoam UTM depends on the required sizing.

In summary, I don't think that Sophos Cyberoam UTM is a friendly product to work with, and I would recommend the solution by Fortinet instead.

I would rate this solution a five out of ten.

We are a solution provider and Sophos Cyberoam UTM is the main product that we sell. We also use it as part of our own network security solution as well.

The primary use cases are setting data quotas on a per-user level, web filtering, and granting or denying access to resources. In Sri Lanka, the data is always limited, which is one of the biggest problems that we have.

In some companies, productivity is not as good because people are using sites like Facebook and YouTube. This can consume a lot of data without the organization being aware of it, and Cyberoam is really good in these kinds of cases.

Having a firewall solution with a data quota is very important when the bandwidth is limited, which really distinguishes it from other products. When it comes to small and medium-sized organizations, one of their main concerns is that their data quota is not exceeded. It is quite an advantage for the administrators.

There is training material available on the website for the administrators to learn how to set it up and use it. This is very helpful and can be done easily with a one or two day course.

When it comes to web filtering and application filtering, it does not contain enough signatures to determine all of the sites that need to be blocked. This is something that higher-end firewalls are better at.

I have been working with Cyberoam for the past four years. My company has been using it for at least five or six.

Prior to the acquisition of Cyberoam by Sophos, the product was not very stable. Currently, it is really stable and we are happy with it.

One of our clients has 200 employees and they are all relying on protection from Sophos Cyberoam UTM. Nonetheless, it is all on-premises and it does not work through the cloud, so I don't consider it to be a highly scalable product. I would say that it is better for a company with a single branch, rather than for one with multiple branches or with branches connected to a head office.

Although we have people who are knowledgable about the product, if there is a level of configuration that we are not used to then we contact our distributor for help.

I have also worked with similar products from Cisco and I find them quite difficult to set up compared to this. Cisco also has training available, but I think that you will need two weeks or a month to learn how to set it up and maintain it.

The initial setup is between easy and intermediate. For a basic configuration, it is straightforward. I would say that compared to a Cisco product, it is easier.

We have engineers who are qualified and we deploy Cyberoam for our clients.

For companies with approximately 200 employees, having two or three system administrators is enough to maintain it.

This is a cost-effective solution compared to other vendors, such as Cisco.

Our customers look at many options but they normally choose Cyberoam because of the data quota, as well as the competitive pricing. After you buy the device, you can get subscriptions for different features. Companies normally buy it for one year or three years at a time.

There are also basic features that are available without purchasing a license. An example is that web filtering is not available without a license, but the data quota management is. That comes with the appliance itself.

When we transitioned from Cyberoam to Sophos Cyberoam UTM, we were able to back up the rules and then upload them into the new solutions. It was easy to do and within a few hours, it was set up.

If your company does not have a network administrator then this is a good option because the training makes it very easy to use. For larger, enterprise-level organizations, people will look for different solutions.

If I were rating this product only for the Sri Lankan market then I would score it an eight out of ten. However, the majority of other countries do not have the issue of bandwidth limitations, and without the quota being important, I cannot rate it as high.

I would rate this solution a six out of ten.

We are using this solution for remote access to some of our devices.

The most valuable feature is the IPSec forwarding.

The VPN needs to be improved.

Integration with the cloud needs to be improved.

I have been working with Sophos Cyberoam UTM for two years.

The stability is fine and I haven't had any problems.

Cyberoam seems scalable but I have not looked at all of the aspects.

To this point, I have not used technical support from the vendor. When I have had trouble, I just review the site and perform searches using Google.

The initial setup is easy. We deployed over a period of six months.

All of the features are quite good and this is definitely a product that I recommend.

I would rate this solution a seven out of ten.

The majority of it is on-premise protecting the external to internal and then we utilize the features inside the Cyberoam XG series like their IPS and their web application firewall to do the filtering as well as their proxy server inside the application control.

I'm more inclined towards the conventional firewall. So for me, I'm more geared towards the standard firewall type functionalities as well as the web application firewall because that seems to work fine.

I would say there's room for improvement in terms of the GUI. Because it is better than some of the other standard firewalls. They have the drag and drop features.

Also, their logging systems need improvement because their logging systems sometimes look a bit complicated if you're not familiar with it.

We have been using Sophos since the XG version, so around four to five years. 

It's quite stable. When they first started out with the XG series it was a bit buggy but after a few releases, it became quite stable.

The XG series is much better compared to the previous UTM. Because with the XG series you can actually approach the enterprise level. Previously we tried to go for these large enterprises when we talked about the Sophos Firewall. When they moved to Cyberoam XG series Firewall they were much more scalable and they're much more robust compared to earlier ones. 

Most of our clients are enterprise-size. We have one customer that's using almost about 200 units of the XG series firewall. Then we have other customers using it on their larger network, so they cater to about 300 to almost 500 users

I don't have any problems with technical support so far because any time I ever contacted technical support it was for a major issue. Other than that I don't have any issues with technical support.

I previously worked with Nokia, Checkpoint, and FortiGate. Checkpoint is in the enterprise range, it is very high end. It's not a very cheap product compared because when it comes to pricing Checkpoint is very expensive. If you're comparing Sophos to FortiGate they are more or less similar. FortiGate can do a virtual firewall that Sophos cannot.

The initial setup is straightforward. The deployment is very fast. With an engineer, it can take a few hours. 

Sophos is quite flexible when it comes to pricing.

I would just say keep it simple, don't make it too complex. Keep it simple and then from there scale it up.

I would rate it an eight out of ten. 

To make it a higher score, Sophos should look at the virtual firewall feature because most of the current players like Juniper have the option for a virtual firewall. That way you can actually split up into multiple different firewalls or one physical firewall.

It is a good product, but it is being phased out and replaced with Sophos XG line. Now is the time to view other options available.

It did the job well at several locations at an affordable cost. It was easy to maintain by the staff with better support before being acquired by Sophos.

• Threat prevention
• Support of the product by their support team was good; we had no threat issues when using the product in multiple locations.

Sales and support. The sales team is constantly being changed and after acquisition by Sophos, it was treated as a stepchild until they announced the end-of-life cycle with a path to Sophos XG product. We are now looking for options on replacing it and adding e-mail protection. 

My primary use case of this product is as threat protection services and it works well. 

This solution has improved my organization because it provides different angles. 

The most valuable feature of this product is the threat protection.

The reporting should be improved as well as the backup. 

The stability of the product is good. 

The scalability of this product needs improvement.

I have not used tech support. 

I was not involved with the setup of the product.

We are using this solution to act as basic firewall protection.

It's a VPN, and the single box solution serves all your needs like an application firewall. In addition, you can set the proxy server.

I think that it would be helpful to have advanced application layer security. It's time for Cyberoam to upgrade themselves and add new relevant add ons to their product.

Compared to other firewalls, it is similar to the same generation of products. It isn't great yet, but it will be.

The scalability is not that great. I think that the Sophos XG product is more scalable than the Sophos Cyberoam.

When selecting a vendor, we always consider the capability to deliver on their technical background.

I have no comment about the solution.

The primary use is for our firewall, for intrusion detection and prevention. Other uses include internet web filtering, application content blocking, and some VPN. We also look at bandwidth optimization. We don't want users to abuse the network.

One of the benefits has been cost reduction because I am now able to monitor my bandwidth. I have just enough bandwidth to utilize within the organization, without having to spend significant amounts toward additional bandwidth. That has been one of the major benefits.

It has also increased productivity within the organization because now, fewer people are spending time abusing the network, and are focusing more on their jobs. I have not totally blocked everything, they do get their social life after hours, it's just a control during work hours.

For me, the web and content filtering are valuable because that, unfortunately, is where the abuse happens a lot. People are abusing the network and pushing up the bandwidth price.

Once in a while, an unwanted email will slip in. You have to set your parameters to avoid that happening, but once in a while, an email has slipped past firewall. Once you update the firmware, you notice that it doesn't happen. If an email slips in, I get a little bit worried. I do get the report, but you just don't want that situation happening in the first place.

When I look comparatively at certain products like Check Point - I haven't used Check Point but I have seen it in action - the people who have actually used it have confirmed that they have not had that experience before. 

However, I do know that Cyberoam is upgrading from Cyberoam to Sophos. I'd love to see the upgrade. I'd love to see a swap-out of the device. I should be able to swap out my device rather than I have to buy the whole unit again.

One of the places that viruses spread is through the browser. Unfortunately, Cyberoam configuration is done through the browser. That makes the configuration process is easier. But if your PC is clean and you're configuring Cyberoam then you should have no issues in the first place.

I've never used the console, so maybe that's an area of training that the Cyberoam should look into. That would enable me to configure the device without necessarily using a browser. But then again, if I am going to use a computer to configure it, my PC should be clean.

The solution has been very stable. I have had no issues. Occasionally I do some penetration testing and I put it through its paces. I was quite impressed. I did not see any performance downgrade, which was impressive.

I managed to scale up, but not from the model perspective. It began to fail only when the number of users grew significantly. I had to replace it but that was because we planned for 50 people and, suddenly, the organization doubled to 100 people, which was a significant jump.

It is very good, both local as well as non-local. The technical support for the Cyberoam website was very helpful with regards to the few issues that I had. Here in Zambia, there is a Cyberoam representative, and we have no issues with the support. I have found it very helpful.

One of the reasons we invested in the Cyberoam solution was that we were looking at content filtering. That was the initial discussion. While searching for content filtering, Cyberoam appeared. One of the advantages of Cyberoam, in particular is the Layer 8 technology, the user layer. That pushed us towards Cyberoam.

When selecting a vendor, one of the key issues is the support. It's easy to buy something, but the after-sales support is very critical for me. It is very critical because half the stuff happens not during the purchases, but rather after I've bought the gadgets. I have it on my table, and, yay, it's working and, two days later, it's down and I can't get my support guys on site.

Another one of the determining factors was cost. I chose Cyberoam at a time when the organization was restructuring. We were trying to cut down on cost, so we analyzed the solution critically. Cyberoam has a recurring yearly cost. Competing products are good, but some of the initial setup costs were very high. And then you have to look at the ability to actually get the support in.

So support, pricing, and after-sales were key, as well as the ability to swap out the device should it be faulty. I should be able to swap it out within a specified period. There is no point in having my network down for five hours. Thankfully, I haven't experienced that.

It was very straightforward. I'm a Cyberoam-certified practitioner, but I actually deployed Cyberoam before I got my practitioner license, and I had no issues. So it was very easy.

Cisco has a very good product, but there were only a handful of support people available in the country at that time. My vendors said that Cyberoam has very good support, you can actually learn it and they offer initial support. 

I took up the challenge. I bought the product, did the implementation, went to the user training, and the support was readily available for my vendors.

See what your market is offering. Here in Zambia, Cyberoam has a lot of support. Take your time and make sure that when you're making a decision, your requirements are met. Cyberoam met our requirements. I was only looking at web filtering and I got a whole lot more than that.

Also, your after-sales support is crucial. Train yourself, because if you have the knowledge of a product, it's easy for you to set it up and use it to its fullest potential.

I rate this solution a nine out of ten. It has met many of my requirements even without subscription, just the base model. It's easy to use, easy to install, easy to implement. There isn't too much headache or cabling, you don't have to replace a whole, huge network. You're just replacing one thing and it can be implemented without an issue.