Sophos Cyberoam UTM Reviews

Primary use is monitoring. Having a reporting console to monitor the usage of bandwidth. That's the prime concern.

Let's talk about connecting the branches to the central headquarters. That has really improved our functioning, because we were really facing trouble with remote locations. What we had before was a decentralized mechanism in our organization, but after having this product we were able to get the remote locations into the same LAN. We were able to control the bandwidth and were able to take virtual access of those machines and give them the support, as and when required.

The best feature is the flexibility the product offers, in terms of remote access. We have bout 35 locations across the kingdom, and connecting those remote locations with the minimal bandwidth was a challenge. A few of my branches are connected via 3G. So that is the most advanced feature I like about Cyberoam, the flexibility the solution offers.

There is a lot or room for improvement, because it is still not a fourth or fifth generation firewall. It lacks security features. I would say security is something that is not that appealing in this product, so that's where they can improve.

There were no issues with stability.

I'm not sure about scalability because the number of users I had was approximately 250 and the headquarters model, which is CR300iNG, supports about 350 users. The threshold was good, so I did not find any major issues with it.

Average, average, average. Their customer service has to be improved a lot, especially the ticketing mechanism they have. First we do have to first raise a ticket, wait for their availability. And the people, I found they don't have much knowledge, so normally a lot of escalations after which the issue gets resolved.

Earlier, I was using Cisco ICER. I switched because it's not a UTM box, and it requested a lot of add-ons, when it comes to flexibility of those devices. For example, if I needed to extend my user limit, every time I need to purchase a slot and increase the firmware. That was not so appealing. That is the reason I switched to the new, next-generation UTM firewall.

It was very user friendly. It was a straightforward integration. We had no issues. In fact, no system integrator deployed it. We did it ourselves.

It is worth the value. 

I did evaluate FortiGate.

The first drawback is that Sophos has acquired Cyberoam. So, if I was a new customer who wanted to choose between Cyberoam and Sophos, I would definitely go for Cyberoam because it has additional features in it. I don't understand the strategy behind it, because the same owner has two different products under one umbrella. It's a bit confusing.

Six out of ten is the best I can rate Cyberoam at this moment. To get it to a 10, it's up to the manufacturer. They need to really upgrade their firmware to match up with the fourth or fifth generation firewalls that other vendors have to offer. My advice would be that the manufacturer needs to focus on security.

Helps us to aggregate/manage bandwidth from two ISPs, as a fail-safe.

Bandwidth Management and aggregation. It is valuable for combining two ISPs. Switching to a secondary/redundant ISP is thus seamless, in the event that the primary ISP goes down. 

The Bandwidth Management is also valuable for limiting heavy downloaders that may impact negatively on the experience of other users.

Needs a mail alert/notification when the device loses any of its connections, during ISP redundancy implementation.

No stability issues.

No scalability issues.

No previous solution.

My network engineers were able to find their way around it in a short time.

It’s value for the money.

Check Point, Fortinet.

I give it an eight out of 10. It’s functionally competitive with higher priced alternative brands.

The product has helped control bandwidth utilization, as well as enhanced connectivity and security to remote locations.

1. URL filtering
2. Content Filtering
3. Remote Access/Site-to-Site VPN features
4. Traffic Shaping/QoS
5. Packet Capture

These features have helped control internet utilization and compliance in the organization.

• Web Filtering using wildcards
• Clarity on the firewall rules
• Granular reporting features

No stability issues.

No scalability issues.

Tech support is good.

Yes, I used other solutions previously. This product provides more technical options to solve critical issues.

The initial setup was straightforward, without any issues.

Contact partners for more information about pricing and licensing.

I evaluated Checkpoint, FortiGate and Cisco Firepower.

The product is stable, and after migrating to the SFOS it is much better.

• Easy to deploy.
• Great IPS
• Managing APs is now easy
• Infected machines cannot connect the ERP until it is clean, so my internal servers are protected. 
• Great reporting tool
• User, app, and protocol all are in control.

It has many features that no other competition has in single box so far, such as:

• Dual AV engine for web and email.
• Optimized three-clicks-to-anywhere navigation.
• New unified policy model enabling all business.
• User and network policies to be managed on a single screen with powerful filtering and search options.
• Policy Templates for common business applications, like Microsoft Exchange, SharePoint, Lync, and many more defined in XML enabling customization and sharing.
• Custom IPS, Web, App, and Traffic Shaping (QoS) settings per user or network policy on a single screen.
• Sophos Security Heartbeat connecting Sophos endpoints with the Firewall to share health status and telemetry to enable instant identification of unhealthy or compromised endpoints
• Policy support for Sophos Security Heartbeat to automatically isolate or limit network access to compromised endpoints
• Application Risk Meter provides and overall risk factor based on the risk level of applications on the network
• FastPath Packet Optimization
• Hotspot support for (custom) vouchers
• Password of the day
• T&C acceptance

Other valuable features include:

• Wireless guest Internet access with walled garden options
• Time-based wireless network access
• Wireless repeating and bridging meshed network mode with supported APs

• Advanced Threat Protection (detect and block network traffic attempting to contact command and control servers using multi-layered DNS, AFC, and firewall).
• Sandstorm Cloud Sandbox Protection
• Patent-pending SPX encryption for one-way message encryption
• Recipient self-registration SPX password management
• Hundreds of on-box reports with custom report options: Dashboards (Traffic, Security, and User Threat Quotient).
• Applications (App Risk, Blocked Apps, Search Engines, Web Servers, and FTP)
• Network and Threats (IPS, ATP, Wireless, and Security Heartbeat)
• VPN
• Email
• Compliance (HIPAA, GLBA, SOX, FISMA, PCI, NERC CIP v3, and CIPA)
• Robust hardware
• Huge RAM
• SSD

On-box sandstorm should be available. As of now, it is from their cloud.

No issues.

No issues.

Customer Service:

Very nice.

Technical Support:

Very good.

Used cyberoam iNG firewall/UTM. 

The new model is Sophos XG and I am upgraded to that, which is a great solution.

The initial setup is very easy.

Very good.

Almost 100%. It saves a lot of man hours and bandwidth. Management loves its reporting.

The price is very competitive and the licensing is easy.

Cyberoam iNG.

• Value for money
• Easy deployment
• Sophos has a great vision, works on information security, products are available like endpoint, mobile mgmt., encryption, WiFi, server protection, email gateway, web gateway, and many more. 
• Sophos Cloud is great.

• Reliability
• Good user interface
• Versatility

Perhaps the SSL VPN.

We use different workarounds and find different solutions for it, depending on the client's needs. We shouldn't have to, we should just be able to use the product as it comes with Cyberoam, rather than having to revert to other products.

It's a stable product.

Tech support is knowledgeable.

You need special training to set it up.

It is more expensive than cheap routers, but it offers a lot of functionality, and that warrants the price.

I would warmly recommend it.

However, the reason I don't give it a 10 out of 10 is because we sometimes find the customer service or the support lacking.

By using this UTM, I can set bandwidth for a particular user. For example, If user A is downloading lots of stuff then I can restrict him through the application Web and Bandwidth Management features.

Web Filtering and Application Filtering saves a lot of my bandwidth and improves the user's productivity.

The Web Filter and Application Filter need improvement.

In the Web Filter, there is a problem to block YouTube by HTTPS, so this needs to improve.

There were no stability issues.

There were no scalability issues.

I would give the technical support a 10/10 rating.

The setup was straightforward and user-friendly.

Compared to the other products, it is good.

We evaluated SonicWall.

Close your eyes and just go for it.

It has made internet usage more productive for internal users.

Web application filtering eases internet access control.

The Traffic Discovery feature should allow administrators to disconnect unnecessary live connections.

No.

Yes.

Great.

No.

Straightforward.

Licensing is a bit costly, mostly for features requiring subscription.

No.

Good networking knowledge is essential for a smooth implementation.

There has been great productivity as, during working hours, I have managed to to set them to view that which relates to the nature of our business.

Content filtering, as this enables me to control that which employees can view at different time quotas.

VPN configuration is not very swift.

None.

None.

Seven out of 10.

Cisco. Changed solutions due to its command based interface.

It was straightforward and much simpler to set up than expected.

It is very reasonably priced as compared to other solutions in the market.

I only evaluated Cyberoam and found it to not be user friendly.

It is certainly worth a try as it does the job well.

Firewall, Web Filter, Application Filter, VPN SSL, VPN Ipsec. in one applicance. For a small-medium enterprise this solution is easy to manage and operate. All features are ways to control the security of you network.

Maybe network traffic analysis for malware and malicious behavior.

No.

No.

8

Yes, the older solution was very limited.

None that I remember.

None.

Yes, Fortinet.

Enjoy!

Usability: The admin interface is great and easy to use, no need to search documentation; stability and performance are what my company demands.

Web AV, Content Filter, reliable site to site VPN.

Reporting.

Close to a year, and the Sophos UTM 9 for almost two years.

Nope.

So far, no.

I never used it, but I hear it is quite good.

We use to have a few old Microsoft TMGs; it was time to replace.

If you know what you are doing it is really straightforward and quite simple to deploy, setup and then go have a drink.

The hardware has no user limit (the hardware is the limit) while the virtual edition has user limits (I do not like limits). It is a bit expensive, but totally worth the money.

Yes, Palo Alto (awesome product, but a firewall cannot be more expensive than a kidney). SonicWall, a little cheaper, but I’ve found it to be a lot more counter-intuitive to use, did not like that at all.

Go for-it! If you don't have solid knowledge of firewalls, hire someone who does.