Sophos Firewall Reviews

XGS' most valuable feature is ransomware protection. 

In the next release, XGS should include mobile features like two-factor authorization.

I've been using XGS for seven years.

XGS is stable.

XGS is scalable.

Sophos' technical support has degraded in the last couple of years. They seem to need to ask a lot of questions, even with simple problems, and take a long time to provide solutions.

The initial setup is simple.

XGS' price could be lower, though it's moderately priced in the market.

I also evaluated SonicWall and FortiGate.

XGS is a perfect product for small and medium businesses. I would rate it as eight out of ten.

Primarily, I use XGS for security and authentication.

Sophos XGS' most valuable features are protection and intrusion prevention detection.

Sophos XGS's response to zero-day attacks could be improved. In the next release, Sophos XGS should include signature filtering, hybrid cloud support, and the ability to scale without replacing the hardware.

I've been using Sophos XGS for four to five years.

Sophos XGS is a stable product.

Sophos XGS can scale up and down to 1,200 users, but if you want more users, you have to change the appliances too.

Sophos' technical support is good.

Positive

Sophos XGS is easy to set up if you have knowledge of the system.

Sophos XGS costs around $6,000 for a basic license.

I would give Sophos XGS a rating of seven out of ten.

I am a cyber professional. I support customers with this solution. Sophos XGS is primarily a firewall. The product allows my customers to manage their internet access for their employees while protecting their environment from things like malware.

The solution requires one administrator as it does not require much maintenance. It depends on the usage and the environment. For example, in some account configurations, the environment has only four or five rules, other times there are over 100 rules. More rules will require more maintenance. 

The most valuable feature of Sophos XGS is the application control. I also enjoy the dashboard and reporting that it provides to my customers. 

Sophos helps my customers manage applications from accessing the internet, not only websites. We can ensure there is limited access to applications like Facebook. For example, Facebook is not accessible, but Facebook Messenger for chatting is. This prevents posting and sharing. We make restrictions without prevention.

Sophos XGS would benefit from further development in the SD-WAN area. It would be great if they could give technical people access to all the WAN links that we are connecting to, including inside the SD-WAN. 

They should make available or round robin inside the SD-WAN. This would allow us to move to another link if one goes down.

I have been using Sophos XGS for six years.

There have been issues with the stability of this product. Sometimes it requires restarting. We have looked into the client environment and this is not causing the instability. The problem is common.

Sophos XGS is not scalable. It is a hardware appliance and we should migrate the settings if we need to. In order for it to scale, you require additional hardware.

Sophos' technical support is responsive. There are times we need to push them to accelerate the process because there is a delay in replying. Sometimes, the first stage of first-line support does not have enough knowledge.

Overall, I would rate their technical support a three out of five.

Neutral

The initial setup of Sophos XGS is straightforward. I would rate it five out of five for ease of setup.

The cost of Sophos XGS is based on per unit, per appliance, and capacity. The capacity depends on the environment. Based on the size, we choose the model. The model selected dictates the pricing.

When comparing the pricing of Sophos to the competition, I give them a five out of five. It is competitively priced.

I have worked with Fortinet and WatchGuard. Other solutions have better performance and security value than Sophos XGS. 

Sophos has most of the features. If they don't have the features one year, they are added the next. At one point they did not have SGON, but now they do. It is not performing like Fortinet or Watch Guard, they need to do some enhancements. 

Sophos has the upper hand on reporting on the firewall itself. For small to medium-sized businesses Sophos is better than the competition.

If the organization is small or medium-sized I would recommend this solution. I would give it a nine out of 10 in this case. If the company is enterprise level, I would rate the solution a five out of 10.

Overall, I rate the Sophos XGS a seven out of 10.

We primarily use the solution as a firewall.

The most valuable features are the Sophos management or the central management, including the reporting and managing of multiple firewalls using Sophos Central.

The synchronized security, which also integrates with the Sophos endpoint, is great. That's one of a few of the main features which is beneficial with Sophos XGS.

The solution is stable.

The setup is simple.

There were certain lacking capabilities, for example, the searching of its settings et cetera, previously in Sophos XG. There have been some features that were not visible or unavailable compared to the one here on Sophos XGS. Right now, Sophos XGS is stable with its current firmware and hardware versions. It’s gotten better.

I can’t speak to which features could be added.

As long as they just maintain the stability of the firmware version, we will remain happy.

Support is great, however, it can always be improved.

I’ve been working with the solution for one year. We’ve used it since 2021.

We’ve found the product to be stable. There are no bugs or glitches. It doesn’t crash or freeze. It’s reliable and the performance is good.

In general, the solution is scalable.

Its features and configuration can expand. As long as the engineer or the implementer knows which policies are needed, the Sophos firewall integrator can also help with that. If he or she does not know any complicated solution, Sophos support is also there to help.

I’ve had interactions with Sophos support.

They are actually quite responsive with their cases, as long as the open cases is properly informed or properly included with the right information.

They could always improve support a little bit.

Positive

The initial setup is just a simple set of options. Sophos also provides a lot of data sheets and tutorials online. During the initial setup, there is a guide, which the user can just follow as long as he or she knows their internal network. It’s pretty straightforward.

The maintenance isn’t too intense. However, it is on a case-by-case basis and depends on the complexity of the environment and size.

I really don't have visibility with the pricing. However, the price depends on the size of the box, which indicates that the more users you have, the bigger the box, the higher the price you have to pay.

I haven't had the opportunity to work with other solutions. There are a lot, like Palo Alto, which, in terms of security, are much better than Sophos, as people say. However, Sophos can also work well. It just depends on the company's complexity or preference in the firewall.

I'm currently an agent and a Sophos engineer here in the Philippines. We’re partners.

While we work primarily with on-premises deployments, it is also available on the cloud.

I’d rate the solution eight out of ten.

It is a firewall appliance that is used to provide security for network infrastructures. We have it deployed at the edge of our network and we also sell it to other clients to protect their network infrastructure. 

This solution is really easy to use and deploy. It has a dashboard where you can see everything going on within your network. There is also a cloud component so if you need to secure your computers or servers, this can be done using Central Intercept X Advances. Everything is connected to their cloud platform where you can manage either your end point solution or your firewalls.

I have been using this solution for five years. 

It is very stable. I have not heard of any issue where clients would have to replace hardware. It's been really stable for a long while.

This is a scalable solution. This does depend on the are different categories of the XGS. The license you buy would be determined by the number of users intended to use it. 

The support team are helpful when you eventually get hold of them which takes a long time. They can improve how quickly you get technical support.

Neutral

The initial setup is straightforward and takes 15 minutes. The time it takes to setup depends on what you're trying to achieve and how complex you want your configuration to be. 

We completed the implementation in-house for our business and for some of our clients. 

We have started seeing ROI using this solution because one of their products helps you to prevent ransomware. It has helped to prevent ransomware from encrypting one of the systems of one of our staff. That is a huge return on investment

The cost is $10,000 for an annual subscription. 

This is a good product for small and medium enterprises. I can't say how it performs in a large environment. It is a very stable solution. Just like every other product, you need to have someone that has the necessary skill set to manage it. Somebody needs to learn how to set it up and configure it depending on the environment.

Basically, we are using these products for our waste filtering, then application filtering and bandwidth management purpose.

The major benefit is that I can shape my bandwidth, basically. In Bangladesh, we do not have a lot of bandwidth management or bandwidth capacity. We have a limited capacity and we share the many people in this capacity. I can shape my bandwidth using this Sophos file, so everyone gets a minimum level of bandwidth. If the user is higher-end, then getting the lower end and the user has the minimum level or less than 1000 or 500, and they're getting better than that.

Sophos has a feature for user credentials, which means if users are not logging into the capital portal of Sophos, they're not using any internet. We can advertise some products and features using these portals for our university. Basically, I am working at a university, so the university's different features and the different departments are using this portal. If students see this advertisement and then after they log in to the credential in the capital portal and use the internet.

Sophos is good for a mid-level company, not a large-level one. If the user level is very large, Sophos is not capable of handling such a high level of users. It, therefore, needs to improve the devices so that they work in larger organizations and with a large number of users.

When we use the hardware level of the device, the RAM or other storage capacity is fixed. We could not change the memory or other capacity of this device. If we need some improvement in capacity, we get different types of problems. If RAM usage is too high or capacity moves higher, the Sophos device does not work properly.

Sophos has a number of additional features, however, the user graphical interface, the graphical interface when we are using CyberRoam, the user portal, or user interfaces, are so much smarter than Sophos. In Sophos, the user portal is not user-friendly. This needs to change, the UI.

I've worked with the solution for the last four years. 

The solution is stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. I'd rate the performance at 75%. Some improvements could be made. 

We have 4,000 or 5,000 people that are connected in Sophos.

It is not easily scalable as it has fixed capabilities and that means C2 RAM is fixed. That makes it not easily scalable.

We use the product on a daily basis. 

Sophos' technical support is not good. I have not been getting better support from their technical people. The response time needs to be better.

I am also using the Cisco Firepower model 4110.

The main difference is basically Sophos is not like a Firepower. Sophos we can call by the UTM device management. For security purposes, we are using a Cisco firewall for different types of attacks. For bandwidth management with filtering and other activities, just normal activities, we are using Sophos.

The initial deployment is not complex, however, it's mid-level. You do need some experience. It depends on the device model. If we purchase the higher model, then the price or other investment is also more.

The deployment takes a maximum of one month. We do maintenance on the devices maybe once a year. 

For the deployment process, the partner helped us deploy the devices and three people were working on the deployment.

The initial price is high and we purchased a three-year licensing model. Every three years, after every three years, we need to renew Sophos. Everything is included under the license. 

The pricing is quite low, and we are quite happy with it.

We're a customer and end-user.

We are using the hardware version of the product. It's the latest version. 

I'd rate the solution a seven out of ten.

Sophos XGS is used as a firewall to protect my home network.

Sophos XGS that's a good firewall. If you use the endpoint, then you have what Sophos calls synchronized security. That will mean that if one of the endpoints is affected, it will be automatically set in isolation.

In the new release 19, there should be the implementation of a cloud service that you can use to set up the IPSec tunnels, and the SD-WAN from the WAN dashboard, and then you can push that configuration out to every firewall that you have.

I have been using Sophos XGS within the last 12 months.

Sophos XGS is highly stable.

The hardware is more scalable than the MSPs, you can have a firewall as big as your want. The solution is scalable.

The technical support in Norway is very good. I have had an excellent experience with them. However, I am the technical support for the Sophos XGS in my country of Norway. 

We have very good contact with the Sophos SEs in Scandinavia. I think we're good.

When comparing Sophos XGS to other similar solutions they are 80 to 90 percent similar. But Sophos firewall has a web application firewall that you can license and use in the firewall. Not every firewall has that functionality. Typically you have to buy another client if you want the web application firewall but within Sophos XGS, you can have it within the firewall.

I have used other solutions, such as CheckPoint, SonicWall, and WatchGuard.

The initial setup could be difficult depending on what you are looking to do with it. However, if you only use it as a firewall, it's straightforward. You can make complex SD WANs and other configurations. You can do whatever you want with it. At home, I can just configure it straight as it is by clicking next until it is finished. If you have a complex environment then the setup of Sophos XGS could be difficult.

The price of the solution is reasonable and their target market is small to medium-sized companies.

We do not have any complaints from our customers and have the functionality that our partners and customers need.

I rate Sophos XGS a ten out of ten.

We use it for network protection. We use Sophos XG as a firewall in our own company, and we have also implemented it for customers. I have been using Sophos XG for a small office for my own family. 

We have also implemented Sophos Email Gateway for government mailing servers. It is not so elaborate, but for basic usage, it works very well.

We have implemented version 17 to the latest version of Sophos XG.

I like it for its simplicity. It is very simple to configure and implement. It is a very good product for medium-sized organizations.

There should be web caching to improve bandwidth utilization. It should have a very good caching feature. That's because we are in a very poor continent, and the connectivity cost is very high. We have low bandwidth, and the intensive usage of bandwidth is not easy here in Africa. If they improve services for web caching, it would be better.

It should also support a feature for Virtual Domains. Similar to FortiGate, we should be able to use a single device to create two or more virtual units. Such a feature is useful for separating the traffic between departments in a large enterprise.

When I try to use Sophos for Email Gateway, it's not easy to check a user in the LDAP directory. It's not as good as other products, such as HCL Domino. Sophos is good, but it is not so good. When we use the LDAP filter to select some users, we have small problems, but overall, Sophos is very good for me.

Their support in Africa is not so good, which is a problem. Their support can be improved.

I have been using Sophos technology for four years.

It is very stable.

Generally, when we implement a Sophos product, we do the sizing and plan the resources based on the expected traffic. We anticipate the resource usage for one or two years, which helps with scalability, but it is a product for medium enterprises. In my company, we have around 20 employees.

Their account manager and support in Africa are not so good. Their community support is very good, and a lot of times, I use their community when I need any kind of support, and I get a response for my issue. 

I use Sophos and Fortinet. I sometimes also use Cisco Firepower. We are an integrator in West Africa, and my choice also depends on a customer's choice. Sometimes, they are telecom operators, and sometimes, they are small companies, such as non-governmental organizations.

It is very easy to implement.

Its price is good. All features are grouped in the same license. It is an all-in-one license, and the license price is acceptable.

I would rate it a nine out of 10.

Network Security

Performance has been as per expectations and productivity has greatly improved as there are no downtimes experienced.

All of Sophos XG's features are valuable.

Sometimes when you roll out a new firmware, you find that the rules you already have in place are broken, so it's difficult to migrate to a new firmware without going through release notes and user reviews. That's the only downside I've experienced in Sophos.

I've been using Sophos XG for about four years now.

So far, so good. Sophos XG has been stable, and we have not had any challenges.

I find Sophos XG to be scalable. I only have one site, so I still see room for that kind of deployment. I don't see a challenge when it comes to the scale. I have around 150 users.

I rate Sophos support 10 out of 10. When my device was freezing, I contacted them, and they sent me a replacement. I didn't have a redundant device, so it was urgent. It only took a couple of days for Sophos to ship the device to Kenya. 

Positive

I rate Sophos UTM eight out of 10 for ease of deployment. We didn't have any serious issues. The only challenge we had was migrating from Sophos UTM to XG. There was no direct migration, so we had to do a manual configuration. 

After deployment, the solution doesn't require much maintenance. So as long as my connections are up and running, I don't need to do any maintenance. All the updates are automatic.

Both teams were involved. The in-house team was more familiar with the network environment and requirements. I would rate the vendor team's expertise 8 out of 10.

Sophos XG's price is affordable for most organizations, so I rate it six out of 10 for affordability.

We looked at FortiGate to see how it performs compared to Sophos. I wouldn't speak for the other vendors because I'm mainly using XG, so I will praise Sophos.

I rate Sophos XG eight out of 10. I recommend Sophos XG. If you subscribe to the enhanced support, you get 24/7 customer service, so you can get help any time you need it. I wouldn't hesitate to advise people to implement Sophos.

I use this product for my VPN. It links site-to-site between us and my client's VPN.

All of the users have a unique ID that they use to connect to the VPN.

The product also does site blocking based on the category of the website that the users are trying to access.

I can also use it to monitor all of the users' activities.

We use this in our physical environment.

During the pandemic, this product helped our employees connect with the office network. Security-wise, it provides IPS filtering, which is also quite benefiticial.

The most valuable feature is the VPN. Over the past two years, during the COVID pandemic, the VPN has helped us a lot. All of the users are able to connect with our office network using their own devices.

The interface can bit a bit more user-friendly. For me, it's still user-friendly and I don't find it difficult to use. However, the configuration should be more user-based. As an example, IPSec is complex and a little bit difficult to configure. If it were more like Microsoft Azure and the way their online configuration works, it would be an improvement. As it is now, I have all of the settings inside the device, so I can clone them and use them for customers. But, on the customer's side, it is difficult for people to understand.

Our Wi-Fi network is not working as well as expected.

I have been working with Sophos XG since December 2019.

This is a product that we use every day. Without it, it is very difficult for us to work. I really like the reliability and the performance of the Sophos device, but I'm facing a few issues with my Wi-Fi networks. This device supports the Wi-Fi network, but it's not quite as good as we expected. I'm not sure why it is not working so well for me.

This is quite a reliable device, even as we scale it. We have fewer than 35 people in the company that uses it.

It has been a very long time since I have contacted Sophos technical support. It was very difficult to get connected with customer service. Finally, after reaching customer care, which was handled by Cyberoam, they helped me out and fixed whatever issue I was facing.

My customer care team is not in India, and this is something that we expected to have.

Prior to Sophos XG, I was using the Cyberoam product. Cyberoam was acquired by Sophos. Aside from this, I don't have much experience with other providers.

It is not complex to set up. Initially, it is a simple configuration but they should have default profiles available. For example, many companies only need a generic configuration. Even if it's just a static IP to get them started and then they can assign a default profile for all of the users inside the company.

Our initial deployment took between two and three days to complete. This included deploying a new server. In advance of beginning deployment, we spent one day gathering requirements. The Sophos part of the deployment only took between three and four hours.

The initial deployment was done by the vendor and me together. We had an integrator to set up the rack, and they supplied us with Sophos. Most of the configuration was done by me because the integrator did not have enough time.

I also take care of the maintenance including the patching and updating. One person is enough for this. I used to have an assistant but now, I'm the only person that takes care of it.

The price of this product is fine for me. For example, there are open-source solutions available on the market, but I trust Sophos. I know the vendors in India and I trust the product.

I paid approximately 57,000 Rupees ($750 USD) for three years.

Personally, I like this product and I like the vendor. The platform is very good and apart from the wireless interface issue that I am having, working with this product has been a very good experience.

I would rate this solution an eight out of ten.