Sophos Firewall Reviews

We have experience with Sophos XG, which is the older version as well. It has been around three or four years that I have been working with Sophos XG.

We are the partners of Sophos XG, and we are in the partners platform.

For Sophos XG, we are not using it in our on-premise environment, so we pitch it to customers based on their requirements.

In some scenarios, we offer maintenance for the firewalls, especially in high availability situations.

The interface of Sophos XG is basic, and we can manage it easily compared to other firewalls; for example, it is much easier for configurations than Palo Alto.

Regarding the security level in Sophos XG, we need to see the Gartner reports because there are competitors such as SonicWall that we have to consider.

As for valuable features in Sophos XG, I am not able to recall many at this moment, but it has good integrations with Active Directory Protocol and others.

I do not have any specific ideas on what disadvantages Sophos XG could improve upon.

Everything has been good; I have not encountered any major challenges or problems.

AI could be one of the area for improvements.

It has been around three or four years that I have been working with Sophos XG.

We have found that Sophos XG is stable; I would say it is stable overall.

I am not sure how scalable Sophos XG is.

We have not reached any enterprise customers pitching for Sophos XG, so I have no clarity on its effectiveness for them.

The technical support from Sophos XG is good, and the response times are also good.

Positive

The installation of Sophos XG is quite easy, and we have not found any difficulties in the process.

That is the older version of Sophos XG.

Generally, Sophos XG is used in an on-premise environment.

Adding AI features would be practical, especially given the current trend of integrations across products.

Clients would use AI in the product for addressing configuration issues or simply to query the AI when they face problems.

Regarding disadvantages, only the potential for AI in configuration seems to be the area for improvements; I cannot clarify any more disadvantages.

I give Sophos XG an overall experience rating of nine out of ten.

On-premises

The primary use case for Sophos XG is for two reasons: the firewall capability for protection against malware and Sophos XG's extended capability in routing and IP routing. I use it in a small organization.

The most valuable feature of Sophos XG is its routing and network routing capabilities. I particularly appreciate the routing capabilities that Sophos XG has.

There is room for improvement in the cybersecurity and personal information protection areas of Sophos XG.

I have been using Sophos XG for about seven years.

The initial setup was complex, but since our last conversation, I am happy with what I have.

I rate the stability of Sophos XG as nine out of ten.

I would rate the scalability of Sophos XG at about an eight.

The technical support directly from Sophos is not that great, which is why I had to employ a local company that deals with it more to assist me.

Negative

I used a different solution before Sophos XG, but it did not provide the routing capabilities that Sophos XG has, which is why I switched.

The initial setup of Sophos XG was complex, but after our last conversation, I am content with the product.

As an end user, I am not involved in the installation process.

The problem with the return on investment for Sophos XG is the three-year license. The license fees are extremely expensive, and in most cases, once the license has expired, Sophos requires the purchase of new hardware if one decides to run it online, which is a major drawback.

Sophos XG is extremely expensive compared to other products, but its capabilities warrant the cost. However, the three-year license fees are significantly high.

I looked between Sophos and FortiGate before deciding on Sophos XG.

Based on my experience, I would recommend Sophos XG to other people. The overall rating I would give this solution is seven.

On-premises

We use the product for traffic and security control. 

We currently have multiple clients, and many users are working remotely. We need antivirus protection to guard against malware introduced from public networks. One of the most beneficial features of Sophos XG is its integration with Sophos Central. If any file is detected as malicious on any endpoint or firewall, Sophos Central immediately identifies the threat and publishes the information across all endpoints and firewalls. If a single system gets infected, the threat is communicated and addressed across the entire network, including all sites and remote users.

One drawback I've noticed with Sophos XG is that sometimes, the platform can become unresponsive. I've observed that it occasionally hangs, causing traffic to get stuck. During these times, users cannot access the internet or any services routed through the Sophos Firewall. This issue happens randomly and isn't something we've encountered with other firewalls like FortiGate, which we used in the past.

Dealing with licensing has been a big challenge for us. Despite our efforts to resolve issues through our sales contact, we've faced limitations. After confirming our purchase orders, we had to escalate the issue. We were ready to extend our licenses for two or three months.

I have been working with the product for a year. 

We haven't seen any major issues with customer support from Sophos. We have faced some problems, but we understand that the support team can sometimes be unresponsive.

Positive

When comparing FortiGate to Sophos XG, I would say that if I'm working on large-scale asset monitoring and security purposes, especially if I have a data center that requires firewall security, then FortiGate would be my choice. It's faster and more responsive than Sophos XG support. 

The tool's deployment takes two to three hours to complete. It doesn't require any maintenance. You would need one engineer to handle one application. 

I can say there has been some return on investment. It's good, but I would still say it's higher by about 10-15 percent compared to other market products with similar configurations.

The tool's pricing and licensing are very complex. As a developing company, we need approvals from management to make a purchase, which can take time. We asked Sophos XG to renew our current firewall license for one or two months while we plan to accommodate our increasing IT assets.

I rate the overall product an eight out of ten. 

We mostly deploy Sophos XG to our customers because we are an IT system integrator. Our primary use case involves working with small to medium businesses to control internet usage, perform web filtering, application control, and manage bandwidth.

Sophos XG is popular among small to medium businesses, allowing them to control internet usage, perform web filtering, application control, and manage bandwidth. Additionally, AI assists in configuration, offering clues when users are stuck, which enhances user convenience and efficiency.

There is interest in seeing more features related to AI and customization in future releases.

I have been working with Sophos XG for at least five to six years.

The installation process is straightforward and easy due to the training we receive. In new site setups, it's quick, but migrating from one vendor to another requires more planning and can take a couple of days.

I would rate the stability of Sophos XG as nine out of ten.

I would rate the scalability of Sophos XG as nine out of ten.

Customer service and support for Sophos XG is excellent, and I would rate it as a ten.

Positive

I worked with other vendors like Cisco, Palo Alto, and Microsoft long ago.

The initial setup varies by scenario: it's quick for new sites, but it takes longer for vendor migrations due to the need for seamless planning.

I have a dedicated team of five engineers who handle installations.

There are cost savings compared to competitors, providing more financial benefits.

Sophos XG offers good pricing compared to competitors. While there are extra expenses for additional features, overall licensing costs are well-regarded.

I would rate Sophos XG as a nine out of ten. The cost savings make it suitable for small to medium businesses with 50 to 300 users. Overall, I am very satisfied with the product.

On-premises

We primarily use Sophos XG as edge routers and edge firewalls, also known as border firewalls. We configure rules where specific users are allowed internet access and use rules for policy routing. We also control traffic for specific services, such as directing emails to one service provider while normal internet usage goes to another.

Sophos XG has helped us reduce virus and malware attacks. This allows our IT team to spend less time on troubleshooting and more on productive work. The ability to control what comes into and goes out of the network improves overall efficiency.

Sophos XG's most effective features for threat detection and management are its UTM components, which are useful for malware prevention and intrusion detection.

The firewall could be made more robust, particularly by simplifying two-factor authentication. It should also improve SD WAN capabilities. Additionally, there are issues with site-to-site VPNs dropping connections, which can be frustrating.

We have been using the solution since 2018.

Stability is generally okay. Customers have used the equipment all the way to end of life without major issues.

Scalability is not very flexible. You can't upgrade memory or storage on a specific model, which limits scalability.

The quality of support varies. The team handling application control is very good, but we have had bad experiences with the VPN support team. It all depends on the specific team you are dealing with.

Neutral

The setup is user-friendly and quite straightforward, especially for basic configurations.

Sophos XG reduces virus and malware attacks, addressing network efficiency and cost savings indirectly by minimizing the time spent on troubleshooting.

Pricing is reasonable. You get a perpetual license. That said, you must pay for support and updates. The cost depends on the package you are in, such as full threat management or basic.

We have also worked with Fortinet Firewalls and Palo Alto. Price-wise, Sophos XG is reasonable when comparing similar models.

When recommending Sophos, we consider the customer's specific requirements and infrastructure compatibility. Sophos is user-friendly and suitable for environments without highly technical staff because it is easy to manage.

I'd rate the solution eight out of ten.

Our main use case at the moment for Sophos XG is to create a site-to-site VPN with one of our clients. We cannot use AWS VPN, so we use Sophos XG.

We only used the VPN functionality. We did not explore other aspects of the product beyond the VPN capabilities.

The IPsec VPN is the only feature we utilized in Sophos XG. We did not explore the web and application filtering capabilities, and these features have not helped our organization in managing bandwidth or access to malicious sites.

The user-friendly interface of Sophos XG is acceptable but too complicated. There are many options and configurations, but it is very complicated to navigate through all those options if you are not familiar with the product.

Sophos XG can be improved by making the UI more user-friendly. They should add packet capture functionality in the UI instead of requiring users to access the server directly for this purpose, as it is a very useful tool that everyone needs. Additionally, it can be confusing when working in the AWS Marketplace, as users might mistakenly purchase the old version of Sophos XG.

I have been using Sophos XG for three or four months. It is new, and we may discontinue using this product because it has not met our requirements.

Considering the deployment flexibility of the Sophos XG firewall, hybrid deployments have not supported our organization's diverse technological infrastructure.

It is a bit early to tell, but Sophos XG is adequate for my company's growing needs at present.

I have not tried their customer service and technical support.

Positive

I have considered other solutions before Sophos XG, including pfSense, AWS firewall, and Kato firewall.

I was previously using AWS firewall and Kato firewall before switching to Sophos XG.

My experience with deploying Sophos XG was easy.

My experience with pricing, setup costs, and licensing was through AWS.

I do not use the security heartbeat functionality.

I have not tried the synchronized security feature of the Sophos XG firewall.

I am not particularly interested in being a reference to the vendor. We do not use Sophos extensively, so I may not provide substantial insights.

What led me to consider changing was that we thought the VPN configuration was not working because of the product we used to work with, so we tried other alternatives.

On a scale of 1-10, I would rate Sophos XG a seven or eight, though this rating is limited by our minimal usage of the product.

Public Cloud

Amazon Web Services (AWS)

We work with the entire portfolio of Sophos as we are a Sophos partner. We always wish to sell Sophos's entire portfolio to the client.

The features that I find most effective in enhancing network security include EDR and XDR.

Sophos needs to do a lot of roadshows to attract enterprise customers. Their marketing strategy is quite low, and they need to enhance engagement with partners. There's room for improvement in their response time for technical support.

It's been almost four years.

Technical support is good enough. That said, since the changeover of their ERP system, they are facing problems, and the partners are also facing problems in the portal. The response time should be improved.

Positive

We are dealing with other vendors like Fortinet, Palo Alto, and Check Point. When the client uptake is known for Sophos, then we try to pitch Fortinet.

When it comes to email security and endpoint securities, Sophos pricing is higher than other vendors when compared competitively. For firewalls, to some extent, it is okay. People don't consider Sophos as an enterprise product; they consider it as an SME product.

I recommend Sophos Next. Js to others. But when people don't consider Sophos as an enterprise product, we try to pitch Fortinet.

I'd rate the solution seven out of ten.

We can recommend Sophos XGS for industrial software companies, small businesses at the entry-level, as well as enterprise companies. We offer it for a range of customers, from entry-level to high-end.

The reporting in XGS is a major benefit for us. In other platforms, we can't get reports for one or two months. Secondly, it's very easy to handle and understand, and the deployment process helps enhance our skill set. 

The integration with Azure SSO and IPsec is also great. I like the remote access feature, and I would like to see IPS included as well, where we get more detailed reports and can identify and block issues from a single source.

There are a lot more features I haven't explored yet. We just implemented it based on our colleagues' recommendations and are currently working through the support checklist.

Migration and support processes are improving. Even people new to Sophos are finding it easier to manage now.

A lot of training is required. When I train our engineers, they aren’t able to get sufficient training from Sophos-hosted sessions. We only find textbooks and some videos on Sophos portal. 

More live sessions or time-bound training would help us understand how to pitch the firewall or use specific features, like advanced photo settings or integration with SD-WAN. 

We need to know which feature is suited to different environments. Right now, that knowledge gap makes us more dependent on OEM support, which could be reduced by up to 40% if more training was available.

For me, reporting is a major area for improvement. Detailed reports help pinpoint issues like usage bottlenecks or abnormal activities, allowing us to fine-tune the firewall. IPS in XGS is great because it provides timely attack reports we can present to management. Integration with Active Directory could also be better. Sophos Central integration is good, but the firewall’s performance is slow when accessed through Sophos Central. Our clients also experience slow access when using their credentials. That’s a bottleneck I’d like to see resolved.

I have been using it for the last three years.  

The customer service and support have been very good. It's much better now than it was a year ago. Back then, responses were slower, but now their technical support is good. However, RMAs (Return Merchandise Authorization) can still take a while. For instance, recently it took two days to analyze a faulty box. 

Maybe it was due to the weekend, but after I raised the request on a Friday, the replacement box only arrived by Thursday. This caused a delay, and we didn't have any alternatives for providing Internet services to our clients during that period. It takes longer with XGS devices. So, I would deduct points for the delays in RMA and pricing.

Positive

Along with XGS, we push antivirus with laptop encryption, and also Sophos Intercept X for endpoint protection. We push all these products, along with the red devices (hardware appliances).

We're not pushing Sophos MDR because of the pricing. Clients aren't accepting it because competitors offer lower prices, and clients don't fully understand the additional features of MDR. 

For endpoint protection, I only push Sophos antivirus with all the compliance features, like web filtering, data encryption for laptops, and protection for remote users. For MDR, we focus on larger companies.

We deal with corporate offices. For those types of clients, we push for MDR/XDR. However, they are also checking out other features and platforms because we've had some large opportunities. 

Compared to other products [like Fortigate, SonicWall and Palo Alto], Sophos's pricing is a little higher. 

The second thing is that support is very good, but we're having more issues getting pricing for the Sophos device on time from our vendors. Whenever we request pricing, we simply drop an email. 

We create comparison sheets for Sophos XGS when pitching to our clients. We highlight the benchmarks and advanced features, like reporting, that aren't available in other products. We emphasize the value of the bundle that comes with the firewall role. This is a major factor in convincing clients to choose Sophos XGS. The reporting capabilities and overall features are good.

I would recommend using Sophos. We push Sophos to most of our clients. Almost 99% of them use it. Only a few clients prefer FortiGate due to company policies, and some use Check Point, but we mostly recommend Sophos XGS.

Overall, I would rate it an eight out of ten. 

When compared to older versions, after the 2021 update, there have been significant improvements. Routing has become easier, and integration with third-party platforms like Azure and IPsec is seamless. Creating policies for different VLAN compliance requirements is also simpler, and the flexibility now is much better than earlier versions.