Sophos Firewall Reviews

I use Sophos XG as a content filtering, web filtering, and application filtering utility, as well as to integrate with the endpoint antivirus software. 

I have Sophos Endpoint Antivirus installed on the user machines as well, i.e. the Central Cloud Management version. That's our main use. 

Sophos XG has cybersecurity. It integrates with the antivirus software.

I have a serious problem because our offices are scattered around the world in very remote areas. We cannot deploy proper branch office guides, active directory sites, and software services. 

It is impossible to apply any sort of group policy on the user machines, which makes it very hard to control issues like USB ports, access to cameras, or access to any preferences on the user machines. 

With the integration between Sophos UTM and the installed endpoint antivirus, you can now manage all those features from your cloud subscription. You can allow and block whatever you want from the cloud. 

You can allow whatever USB ports you want for specific devices with specific IDs, serial numbers or modems. The machine gets updated online or updated from the antivirus settings, i.e. the UTM unit itself.

The UTM unit itself has a cache update on it. Once the clients behind the UTM get updated, they get access or they get denied access to the hardware resources they are applying for. This is a major benefit for us.

The application filters available with Sophos XG are brilliant. The sandboxing and the way the firewall or the UTM integrates with the installed endpoint antivirus clients on the user machines is brilliant. You get the chance to isolate network threats before they become active or become distributed on your network. 

With the cloud version of Sophos XG, you get the proper visibility of your network and the user machines. With the cloud versions of the antivirus, i.e. the cloud central management of the antivirus, you get high visibility.

With the application between the installed Sophos UTM, you get a high level of visibility of what's happening on your network or on your client machines. You get protected against threats. You get proper visibility. That solves a major issue.

There was a big issue with the Cyberoam and with the SG units as well, i.e. the previous Sophos UTM model. With Sophos XG, you get the chance to block what sites operate on SSL or that operate with HTTPS, without the need of extracting and distributing a certificate. 

On older Cyberoam and Sophos SG old versions, if you wanted to block something like YouTube or Facebook or any other websites that operate with HTTPS, you had to extract the certificate. Then you had to export that certificate. Then you had to re-import that certificate in all the user browsers. 

The only problem was if you needed to use an active directory where those certificates would be automatically thrown into the user browsers once they logged in to the domain. 

For a scenario like mine where you don't have a group policy, it is a disaster and ends up with you setting the rules to block certain websites with HTTPS on the firewall, even while they are not being blocked so that the user will still have access to them. This problem is now 100% sorted out with Sophos XG.

Now you can actually block whatever you want, whether it's using HTTPS or HTTP keys from the firewall without the need for extracting certificates. That's a major improvement. That problem with the HTTPS settings was a huge issue. 

I know other people must be enjoying that it's sorted out now. It was a serious and major issue for Sophos. The only issue that Sophos XG now needs to improve is the product's reporting capabilities.

Sophos XG is stable enough for our requirements.

We have about 450 Sophos XG users currently using this edition and 300 for the antivirus platform installed on the machines, plus in-service, around 310. We also have around 15 additional units deployed around the world.

I'll give Sophos XG technical support an eight out of ten for their service.

I used Cyberoam previously, although I always used it as a UTM only. What made me move to Sophos is that they were acquired, i.e. they acquired Cyberoam to start with the development. At that time the software had many features that were not available with FortiGate, in terms of content filtering, and it was an appliance when Websense was the software to be installed on a server. 

There was a problem with our operating system with some of the updates, i.e. with the operating system or the hardware. I moved from Websense to Cyberoam because it wasn't applying properly.

The initial setup is definitely something different than the old Cyberoam and it's a bit complex. If you've been dealing with UTMs and you understand the concept, it is still complex but then I find it enjoyable.

Sophos XG is not hard to configure. Too much detail is always good. 

I required three or four hours for the initial setup. One day for the testing, fine-tuning, optimizing, and categorizing. Three days for the first unit with the initial setup and the customization including testing. Finally, three days for testing all the rules, the QA, and then putting everything live. 

I used to work for an integrator myself years ago, as well as my team. We are all trained. We are all professional in what we are doing. No external help was used.

Our ROI is 100%. I've got the ransomware attacks being blocked. I've got the users' consumed bandwidth by using proxy bypasses and all sorts of applications being blocked now. 

It's saving on the companies and the employees working hours and time. It's saving on minimizing virus infections and applications that the users like to use on their machines in order to bypass blocking USB ports or cameras. 

It is saving the company money by saving bandwidth and saving employees time by not allowing them to access time-wasting websites.

We have the annual license for Sophos XG. It all depends on what you would like to have in the package that you are purchasing.

I evaluated FortiGate but wasn't happy with it. I evaluated another group called WatchGuard. WatchGuard has good features in it, but it's for a smaller business scale than the Sophos clients.

I evaluated Cisco ASA or PIX but now, I use Sophos XG as the firewall. I have confidence in their unit. Before Cyberoam and Sophos, I used FortiGate and Websense for our UTM requirements.

I recommend that everyone should have a proper understanding of new network requirements and then enjoy it. Sophos XG is definitely a good product.

On a scale of 1 to 10, I would give Sophos XG an eight.

Our primary use case for this solution is to act as the main broadband device in our data center. The XG 210 model is being used for a hospitality solution.

The main improvement for us is with our email. The email options and email security features are good. 

We have found that the simplicity of the XG 210 is its most valuable feature. There are a lot of options available for the default firewall rules, such as email and web, that are used to secure the network.

I like all of the options, but the most important thing is that it is easy to understand how to configure everything, compared to other firewalls.

We are having a lot of issues with conflicts and user sessions, and Sophos has suggested that we change the device to the XG 400.

Aside from these issues with scalability, the email security features are good, but there are not many options. We would like to know why an email is being blocked, and how we can allow delivery. It does not keep emails in the queue for delivery. It can only log whether it is delivered or not delivered. If I need more details then I have to log in using SSH to get that information.

When an email comes in from the outside it is detected. When we check the log it only tells us that it is not delivered. We would like to create an exception, but there are not many options available for this. For example, a domain space is not allowed. Only the user name can be used to do that. We need a domain-based exception for email.

Next, the XG 210 is easy to configure, but when we are looking for more details then we can only get this information through SSH. It is quite difficult. If we can get all of those details then it would help us to understand, so this needs to be improved.

There are a lot of options and it gets confusing sometimes. If they can give limited options, with more information, then it would be good for the large sites.

The product is stable, but by stable, I mean that we still have issues. The issues are more technical, which is why they suggest that we change the device to fix the problems.

Our main data center has more than seventy servers that host a web server and internal applications. This is where we use the XG 400.

We have installed the XG 210 model at a smaller data center. We have between three and four hundred users at the most. However, because we have more than three hundred sessions, the vendor has suggested that we change to the XG 400. We do not yet know if this will fix our problem.

At our remote sites, we use the XG 135 model, and we do not have many issues.

I am not sure why Sophos suggested using the XG 210 model after doing a site check, but we are facing issues and they suggested that we replace the model.

When I call, I have to wait for at least one to two hours to reach them. Sometimes they will pick up the call immediately, but most of the time they will not. I usually have to wait one hour before they pick up the phone.

When a ticket is created we have to wait three days before getting a reply from them. When they create a ticket for a critical issue, the response is delayed. This is a new device, and we expect support from Sophos. At least the partner should support the product, but the partners are always looking for money. Even if they deploy the device, for example, the XG 450, then they only offer support for one day. After that, there is no support.

We have been using the Sophos XG 135 model at our remote sites and it works.

This year we deployed the XG 210 model at our data center, but prior to this we used Barracuda. We switched because Barracuda is too expensive. The options are very limited because you have to pay for each additional option. Each one represents a different service, like ADP (Active DDoS Prevention) or firewall. In contrast, Sophos is only a single payment, so we switched even though we lost some options that we liked.

The initial setup is very easy.

Our deployment took only two to three days. The problem is that we had a lot of issues, especially with the email. The SMTP did not work, so I could not continue with the deployment. It took between fifteen and twenty days to resolve this. I do not know what they did to fix it, but we were delayed between twenty-five days and a month.

We had contacted the Sophos partner for help, but they were not able to fix our issue. After the problem was resolved I re-initiated the deployment. Only one staff member is required to maintain the solution.

Even when you purchase the product from Sophos, they ask for a separate contract for support which is on an hourly basis.

For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.

Other than the Barracuda and the Sophos models, I did not evaluate other solutions.

Because of the problems that we are having, I cannot recommend this solution to anyone at this time.

I would rate this solution five out of ten.

We use Sophos XGS primarily for VPN and security with clients and supplies.

Sophos XGS has some rules and intelligence to scan all vulnerabilities in our network.

The most effective feature in enhancing our network security is the threat intelligence capability.

The technical support could be improved as it is currently not competent and pretty slow.

I have been working with Sophos XGS for three years.

The technical support is rated three out of ten, indicating it needs significant improvement.

Negative

The pricing of Sophos XGS is okay. It is approximately two thousand and a half per year.

I would rate it an eight out of ten.

We use the solution to control the network and for web browsing. It provides threat protection.

It increases productivity in our company. Everything is protected.

Deployment could be easier.

I have been using Sophos XGS for three years.

I have the company we bought from Cisco, which provides technical support. If anything goes wrong, we call them for any help and support.

Positive

With Cisco, You have to buy everything separately and request many options. It's preferable to get a full bundle like Sophos offers. Sophos includes everything in one package, and any additional features are less expensive than Cisco.

It is 20% more expensive than Sophos.

The initial setup is difficult. You need to take a course to learn how to deploy Sophos. With training and hands-on experience, it’s manageable now, but setting up Sophos for the first time was time-consuming. Deploying the security and configuring the network took a lot of effort initially, but the process becomes much easier once that's done.

Overall, I rate the solution an eight out of ten.

Users have distributed networks. They use it as an SD-WAN to connect the branch’s site or multiple locations. We are using RED channels or devices for branch-to-branch connectivity.

You don't need an additional subscription for IPS or an antivirus. It has an engine of antivirus applications for IPS. You have an email gateway for people who are still using on-prem exchange. Comparatively, other firewalls might need multiple subscriptions separately for each feature.

Sophos might discontinue the UTM features, as they've been promoting the newer XGS Series appliances. While the XGS offers great features like detailed logging and audit reports, it currently lacks essential functions in the UTM. For example, the XGS doesn't provide basic audit tracking for configuration changes, which is crucial for understanding who made modifications, what was changed, and when. Sophos claims they'll add this functionality later. Its absence significantly hinders the usability of the new firewall.

Additionally, while XGS offers decent day-to-day management, there's room for improvement. Many users transitioning from UTM find the XGS interface less intuitive, causing a learning curve.

I have been using Sophos XGS as a reseller for a long time. We are working with the latest version of the solution.

The newer version is stable. Earlier versions, like V8, were quite unstable.

I rate the solution’s stability an eight-point five out of ten.

The solution’s scalability is good. We cater the solution to small, medium, and enterprises.

I rate the solution’s scalability an eight out of ten.

Support is mostly good, but sometimes it takes too long to escalate the solution.

Neutral

The initial setup is very easy. It depends based on the scale of the deployment. There are different use cases according to the customers. Based on the requirements, the deployment can take between one day to a month. We have a small customer with a few hundred users. We can configure that within two to three days and finish the deployment quickly. It requires meticulous planning, and doing it then takes time based on the size of the customer , especially if it's a big customer. A small deployment is very easy. Larger deployments take time based on the customer requirements and different timescopes of the customer and downtime.

Sophos is comparatively cheaper than other products. The total cost of ownership is better in Sophos.

I rate the product’s pricing a five out of ten, where one is cheap and ten is expensive.

Overall, I rate the solution an eight-point five out of ten.

We used it to create rules to monitor our network environment properly, using the standard.

It's great because we can create and manage firewall rules, add policies to those rules, and generate detailed reports. It has helped us protect our network and meet compliance requirements.

The policies are the greatest feature. They allow us to configure granular control over our network traffic.

The speed of report generation could be improved.

I have been using it for one year. I used version 16.5, and I also used version 17 of the product.

I would rate the stability a ten out of ten. 

I would rate it highly for scalability. I would rate the scalability a ten out of ten.

I had a little bit of experience with another firewall solution, but not much.  

It is easy to deploy and manage.

The pricing is okay. 

I would recommend go ahead and use it. It's a great product. I have this product in my house as well. 

Overall, I would rate the solution a ten out of ten. 

We use the solution to secure networks and traffic for our customers.

The solution is easy to use and provides regular updates. Along with this, it is network friendly as well. Thus, we can easily control and monitor the devices.

The solution's pricing and stability could be better.

We have been using the solution for three years.

It is a stable solution. I rate its stability a seven or eight. Sometimes, we encounter stability issues.

It is a scalable solution. I rate its scalability an eight or nine. Our clients for the solution are enterprise businesses.

The solution's technical support is good.

Positive

The solution is easy to install. It takes a day or two to complete depending on the use cases. We require one technician for its deployment. Also, its maintenance process involves adding connections, managing them, and checking the errors.

We have the solution's annual license. Its price is moderate, but it could be cheaper. Also, there are additional costs involved as it requires appointing IT experts.

I recommend the solution to others and rate it as seven out of ten.

The primary use case is for recommending it to my customers who are using it right now.

The feature that I find most valuable is the synchronized security option where the endpoint talks to the firewall.

Level one technical support is not good at all and needs to be improved.

I have been using Sophos XGS for the past six years or more. 

The stability is very good for Sophos XGS.

Sophos XGS is scalable. I am currently working with anywhere between five to forty users.

I was working with Fortinet before switching to Sophos XGS.

The initial setup is straightforward. The basics are easy, but it is all the extra features that take a long time to deploy.

The pricing for Sophos XGS is reasonable.

I would rate Sophos XGS an eight out of ten.