Sophos Firewall Reviews

We primarily use Sophos XG as edge routers and edge firewalls, also known as border firewalls. We configure rules where specific users are allowed internet access and use rules for policy routing. We also control traffic for specific services, such as directing emails to one service provider while normal internet usage goes to another.

Sophos XG has helped us reduce virus and malware attacks. This allows our IT team to spend less time on troubleshooting and more on productive work. The ability to control what comes into and goes out of the network improves overall efficiency.

Sophos XG's most effective features for threat detection and management are its UTM components, which are useful for malware prevention and intrusion detection.

The firewall could be made more robust, particularly by simplifying two-factor authentication. It should also improve SD WAN capabilities. Additionally, there are issues with site-to-site VPNs dropping connections, which can be frustrating.

We have been using the solution since 2018.

Stability is generally okay. Customers have used the equipment all the way to end of life without major issues.

Scalability is not very flexible. You can't upgrade memory or storage on a specific model, which limits scalability.

The quality of support varies. The team handling application control is very good, but we have had bad experiences with the VPN support team. It all depends on the specific team you are dealing with.

The setup is user-friendly and quite straightforward, especially for basic configurations.

Sophos XG reduces virus and malware attacks, addressing network efficiency and cost savings indirectly by minimizing the time spent on troubleshooting.

Pricing is reasonable. You get a perpetual license. That said, you must pay for support and updates. The cost depends on the package you are in, such as full threat management or basic.

We have also worked with Fortinet Firewalls and Palo Alto. Price-wise, Sophos XG is reasonable when comparing similar models.

When recommending Sophos, we consider the customer's specific requirements and infrastructure compatibility. Sophos is user-friendly and suitable for environments without highly technical staff because it is easy to manage.

I'd rate the solution eight out of ten.

Our main use case at the moment for Sophos XG is to create a site-to-site VPN with one of our clients. We cannot use AWS VPN, so we use Sophos XG.

We only used the VPN functionality. We did not explore other aspects of the product beyond the VPN capabilities.

The IPsec VPN is the only feature we utilized in Sophos XG. We did not explore the web and application filtering capabilities, and these features have not helped our organization in managing bandwidth or access to malicious sites.

The user-friendly interface of Sophos XG is acceptable but too complicated. There are many options and configurations, but it is very complicated to navigate through all those options if you are not familiar with the product.

Sophos XG can be improved by making the UI more user-friendly. They should add packet capture functionality in the UI instead of requiring users to access the server directly for this purpose, as it is a very useful tool that everyone needs. Additionally, it can be confusing when working in the AWS Marketplace, as users might mistakenly purchase the old version of Sophos XG.

I have been using Sophos XG for three or four months. It is new, and we may discontinue using this product because it has not met our requirements.

Considering the deployment flexibility of the Sophos XG firewall, hybrid deployments have not supported our organization's diverse technological infrastructure.

It is a bit early to tell, but Sophos XG is adequate for my company's growing needs at present.

I have not tried their customer service and technical support.

Positive

I have considered other solutions before Sophos XG, including pfSense, AWS firewall, and Kato firewall.

I was previously using AWS firewall and Kato firewall before switching to Sophos XG.

My experience with deploying Sophos XG was easy.

My experience with pricing, setup costs, and licensing was through AWS.

I do not use the security heartbeat functionality.

I have not tried the synchronized security feature of the Sophos XG firewall.

I am not particularly interested in being a reference to the vendor. We do not use Sophos extensively, so I may not provide substantial insights.

What led me to consider changing was that we thought the VPN configuration was not working because of the product we used to work with, so we tried other alternatives.

On a scale of 1-10, I would rate Sophos XG a seven or eight, though this rating is limited by our minimal usage of the product.

We work with the entire portfolio of Sophos as we are a Sophos partner. We always wish to sell Sophos's entire portfolio to the client.

The features that I find most effective in enhancing network security include EDR and XDR.

Sophos needs to do a lot of roadshows to attract enterprise customers. Their marketing strategy is quite low, and they need to enhance engagement with partners. There's room for improvement in their response time for technical support.

It's been almost four years.

Technical support is good enough. That said, since the changeover of their ERP system, they are facing problems, and the partners are also facing problems in the portal. The response time should be improved.

Positive

We are dealing with other vendors like Fortinet, Palo Alto, and Check Point. When the client uptake is known for Sophos, then we try to pitch Fortinet.

When it comes to email security and endpoint securities, Sophos pricing is higher than other vendors when compared competitively. For firewalls, to some extent, it is okay. People don't consider Sophos as an enterprise product; they consider it as an SME product.

I recommend Sophos Next. Js to others. But when people don't consider Sophos as an enterprise product, we try to pitch Fortinet.

I'd rate the solution seven out of ten.

We can recommend Sophos XGS for industrial software companies, small businesses at the entry-level, as well as enterprise companies. We offer it for a range of customers, from entry-level to high-end.

The reporting in XGS is a major benefit for us. In other platforms, we can't get reports for one or two months. Secondly, it's very easy to handle and understand, and the deployment process helps enhance our skill set. 

The integration with Azure SSO and IPsec is also great. I like the remote access feature, and I would like to see IPS included as well, where we get more detailed reports and can identify and block issues from a single source.

There are a lot more features I haven't explored yet. We just implemented it based on our colleagues' recommendations and are currently working through the support checklist.

Migration and support processes are improving. Even people new to Sophos are finding it easier to manage now.

A lot of training is required. When I train our engineers, they aren’t able to get sufficient training from Sophos-hosted sessions. We only find textbooks and some videos on Sophos portal. 

More live sessions or time-bound training would help us understand how to pitch the firewall or use specific features, like advanced photo settings or integration with SD-WAN. 

We need to know which feature is suited to different environments. Right now, that knowledge gap makes us more dependent on OEM support, which could be reduced by up to 40% if more training was available.

For me, reporting is a major area for improvement. Detailed reports help pinpoint issues like usage bottlenecks or abnormal activities, allowing us to fine-tune the firewall. IPS in XGS is great because it provides timely attack reports we can present to management. Integration with Active Directory could also be better. Sophos Central integration is good, but the firewall’s performance is slow when accessed through Sophos Central. Our clients also experience slow access when using their credentials. That’s a bottleneck I’d like to see resolved.

I have been using it for the last three years.  

The customer service and support have been very good. It's much better now than it was a year ago. Back then, responses were slower, but now their technical support is good. However, RMAs (Return Merchandise Authorization) can still take a while. For instance, recently it took two days to analyze a faulty box. 

Maybe it was due to the weekend, but after I raised the request on a Friday, the replacement box only arrived by Thursday. This caused a delay, and we didn't have any alternatives for providing Internet services to our clients during that period. It takes longer with XGS devices. So, I would deduct points for the delays in RMA and pricing.

Positive

Along with XGS, we push antivirus with laptop encryption, and also Sophos Intercept X for endpoint protection. We push all these products, along with the red devices (hardware appliances).

We're not pushing Sophos MDR because of the pricing. Clients aren't accepting it because competitors offer lower prices, and clients don't fully understand the additional features of MDR. 

For endpoint protection, I only push Sophos antivirus with all the compliance features, like web filtering, data encryption for laptops, and protection for remote users. For MDR, we focus on larger companies.

We deal with corporate offices. For those types of clients, we push for MDR/XDR. However, they are also checking out other features and platforms because we've had some large opportunities. 

Compared to other products [like Fortigate, SonicWall and Palo Alto], Sophos's pricing is a little higher. 

The second thing is that support is very good, but we're having more issues getting pricing for the Sophos device on time from our vendors. Whenever we request pricing, we simply drop an email. 

We create comparison sheets for Sophos XGS when pitching to our clients. We highlight the benchmarks and advanced features, like reporting, that aren't available in other products. We emphasize the value of the bundle that comes with the firewall role. This is a major factor in convincing clients to choose Sophos XGS. The reporting capabilities and overall features are good.

I would recommend using Sophos. We push Sophos to most of our clients. Almost 99% of them use it. Only a few clients prefer FortiGate due to company policies, and some use Check Point, but we mostly recommend Sophos XGS.

Overall, I would rate it an eight out of ten. 

When compared to older versions, after the 2021 update, there have been significant improvements. Routing has become easier, and integration with third-party platforms like Azure and IPsec is seamless. Creating policies for different VLAN compliance requirements is also simpler, and the flexibility now is much better than earlier versions.

I am using the Sophos firewall, such as the XG series 2300. Some other branches have Sophos and Fortinet. There is an additional failover feature for site to site vpn in Sophos.

Sophos firewall has failover facilities for site to site vpn. When one active tunnel goes down, backup tunnel goes up automatically. It helps my organization to keep the service up always.

Sophos has a centralized management system where I can manage and control all the Sophos firewalls at the same time. They have introduced MDA threats in their latest version. Sophos firewall is a little bit cheaper than Fortinet. Some features are free. There is a central management system, which is a free service from Sophos.

There is no option for right-clicking on any feature after logging into the firewall. I am unable to open a feature in a new tab. In FortiGate, I can do it; in Sophos, I cannot.

I have been working with Sophos for around one and a half years.

When Sophos introduced firmware version twenty, there was a bug in DHCP server. Later, they removed it, and a bug-fix firmware was introduced. Now, the latest firmware version of the firewall is stable

I am satisfied with the support team.

Positive

Before using Sophos, I was working with Cisco ASA Firewall and Fortinet.

It's really easy to configure the firewall.

I will recommend both Sophos and Fortinet. 

Overall, I rate Sophos firewall nine out of ten. There is no option for right-clicking on any feature after logging into the firewall. It would be helpful if there is right-click option here.

The major support that my company gets from Sophos is in the areas of web and content filtering. Users are able to filter out the web traffic, so they can consume whatever they need, and they can stop at the gateway level whatever they don't need. If social networking websites are not required for my company's developers, I can stop them right away. The categorization of the websites is pretty good, and people are very happy when they can do the customization. If users need to have some kind of exceptions, they can go for the exceptions very easily without any disturbance to the other end users. The best part of the product is associated with its web and content filtering features.

As my company does not cater to the needs of customers with very large networks, I haven't faced any challenges with Sophos XGS and my company is happy with the solution till date.

When it comes to the telemetry data, which comes under what you call the tool's service part, better known as MDR, I feel Sophos should add more telemetry data to its products. The tool should support multiple vendors and multiple OEMs. Right now, I think there are only less than a dozen vendors or OEMs supported by Sophos. I feel Sophos should support tools from more vendors.

I have been using Sophos XGS for four years.

When it comes to the process of scaling up, it is okay upto 5,000 users that I manage. Sophos has the appliances to cater to the requirements of 5,000 user networks and I know it because it is the customer range in which I deal. I don't go to a customer or a client that has more than 5,000 user networks.

The solution's technical support is excellent. I rate the technical support a ten out of ten.

Positive

My company does deal with other vendors in the market, but we feel that Sophos XGS is much more customizable and a readily available solution. A good thing about my company is that we have very good hands-on expertise, especially in areas like pre-sales and post-sales, where we have tech teams that are well-versed in areas like technologies, training, and modules while also ensuring that they stay up-to-date so that the team has all the sufficient knowledge to support themselves and also our customers' networks.

The product's initial setup phase is very straightforward. The GUI and everything else associated with the product are very straightforward.

The solution can be implemented in a couple of hours.

Only very large enterprise customers will have an edge with a tool similar to Sophos XGS because they have that kind of device and hardware, which can cater to around 10,000 or 20,000 user networks. My company does not deal with any large enterprise-sized customers, and so we are happy with Sophos.

Speaking about how the tool is deployed in our company's customers' network environment, I would say that it is done at the gateway level. With the gateway-level firewall, my company protects the network of our customers by applying the firewall, as well as the endpoint security, both provided by Sophos.

Speaking about the tool's threat intelligence capabilities on security posture, I would say that after content filtering, it obviously comes to threat monitoring. Sophos has SophosLabs, and it always gets updated. Users need not worry about the new threats or new landscapes coming in, as Sophos will take care of the aforementioned areas by default. Users need not depend on any third party for threat intelligence as the tool is sufficient to manage any kind of threat.

Sophos XGS has contributed to the reduction of the overall security costs of our company's customers. The biggest good point about the tool is related to the area of sizing. Sophos offers firewall tools for each and every size of the network. Irrespective of whether I have a small network in a branch office or a large network, I can get the appliances from Sophos to fit any size. I need not worry even if I am a company with just 25 users, as I need not spend lakhs of rupees. If I have a large network, even then, my hardware will be sufficient enough, and the cost offered by Sophos is obviously very competitive compared to the solutions offered by competitors in the markets.

Considering the sales, support, and post-sales services, I rate the tool a nine out of ten.

Sophos XGS is primarily used for similar use cases as Fortinet. It is utilized for network security, with a focus on cost-effectiveness in comparison to Fortinet.

Sophos offers a centralized system available to everyone, even for their smaller models, which is an advantage over Fortinet, which requires separate purchases for similar services.

Some of the most critical features for enhancing network security with Sophos XGS include their centralized management system, vulnerability system, and integrated IDS. Additionally, Sophos offers a centralized system available to everyone, even for their smaller models, which is an advantage over Fortinet, which requires separate purchases for similar services.

Hardware stability needs improvement. I have experienced multiple hardware complaints, particularly during firmware updates that sometimes cause crashes. Improvements to the hardware would be a critical enhancement.

I have been working with Sophos for more than three years.

While the software and policy implementations are stable, hardware can be critical, reflecting in a rating of seven point five out of ten.

In terms of scalability, Sophos XGS can be improved due to hardware faults, reflected in a rating of seven point five out of ten.

Sophos has a good technical support team, with a rating of nine out of ten.

Positive

We are working with both Fortinet and Sophos, deploying solutions based on customers' needs.

The initial setup of Sophos XGS is user-friendly and can be done within a few hours.

We have eight network security engineers in our team, and the number involved in deploying Sophos varies depending on the complexity of the task.

As for the commercials, they are cost-effective, and the price is justified by the overall results.

The pricing is justified, and the solution is considered budget-friendly compared to other vendors.

We have evaluated solutions from Fortinet and other vendors to address different customer needs.

The overall rating for Sophos XGS is eight out of ten. It is a good option for a budget-friendly environment, despite hardware issues.

I am already a partner for service, and I recommend Sophos to our customers. I usually resell the company's products and do not directly implement them. Mainly, I recommend Sophos XGS to medium businesses.

The UI for Sophos is very simple.

There could be improvements for IPsec VPN setup. They could also improve their marketing strategy and lower their prices.

I have been familiar with Sophos XGS for around five to six years.

The technical support by Sophos is great. I rate their support nine out of ten.

Positive

One company I worked with switched from Sophos to Fortinet. Their marketing strategy for Fortinet is very high. We choose Fortinet first, then Sophos.

Sophos pricing is very high. The last instance I purchased was for three years, around $3,700 for SDG 125. Maintenance and support are included.

In the market, the best options these days are Sophos and Fortinet. Fortinet seems to have a better marketing strategy.

I still recommend Sophos, mainly for its simple UI. Improvements could be made for IPsec VPN, and their pricing should be lowered.

I'd rate the solution eight out of ten.