Sophos UTM Reviews

Firewall and Web Protection

Advanced Threat Protection is a good "dashboard" feature to see if there is any network issues

Its a key point of keeping your network secure which once setup requires minimal ongoing monitoring. Also this unit can act as the whole security suite so everything in your network is protected.

Its identification of users without the need of setting up Proxies or Identity software could be better, that is probably the trickiest section to setup.

2 years

No issues other than ensuring what has been configured matches the requirement of the company/client.

The only stability issue we have encountered was an update caused the unit to over process things. Everything kept running but it did slow down Internet access because of this.

I have only done basic High Availability setup which is very good but not Scalable solutions. However, as long as you follow the sizing guides and get the right UTM for the company there has been no issues.

Excellent

Not outstanding but I have noticed significant improvements over the last 12 months

We used to use SonicWall. I still think its a good product though its web filtering and SMTP filtering were no where near as good as Sophos UTM. The reason we switched was the partner relationship between Dell and the IT Solutions company soured.

You can setup the unit in simple mode and get 90% of what you want done. That is very straightforward

You can also setup each component manually. This requires understanding of the unit but even that is not difficult.

Probably the only difficult part of the Sophos UTM is the WebControl as this can be setup many ways. Ensuring you have mapped out a solution that is adaptable to the company is probably the most complex part.

As we are a supplier, we bounce off ideas with their sales engineers. They are excellent.

Unsure as I don't deal in the money side of things but I think the clients get excellent returns as their security is totally covered if they include EndPoint protection.

Most companies I have dealt with handing them a unit find they don't have to do much ongoing work on the unit. Once its working, its working and adjustments to rules and policies are easy.

No, we had a good relationship with Sophos and after comparing it to our previous solution (SonicWall) we were convinced it was a good product.

If you are a IT Consultant shop, become a partner and do the training.

If you are the IT of a company, you can either get a IT Service company to set the unit up for you or if you are confident with firewalls you can purchase premium support to get assistance for troubleshooting purposes.

The web application firewall and web filtering. We are using the UTM to be the gateway for the private cloud solutions we offer.

Easy management of the firewall, with one URL to control the firewall/web filters for our entire cloud.

HA needs to be improved for the software appliance because if Sophos is deployed in ESXI/Hyper-V then the HA is unstable. Also, the web application firewall only allows the use of ports 80 and 443, and if we could use others ports than that would be a welcome addition.

For two years now in our datacenter, and also several deployments at some of our customers.

Setting up the link aggregation group (NIC teaming) gave us some problems with the ethernet VLAN option for WAN, but after a firmware update, the issue was resolved.

If you enable the intrusion prevention option in the firewall any Wordpress deployments on a Plesk server behind the firewall slows down to a crawl, and there is no fix yet. The current workaround is disabling the intrusion prevention option at the moment.

No issues yet.

7/10. Getting a new license for the SG220 sometimes takes a long time, but they will give you a 30 day demo license to compensate for it.

9/10. Any question or issue is solved within minutes after calling technical support.

SonicWALL was our previous product, and we switched to Sophos because of its ease of use.

When you start the initial setup you`re helped with wizards, but if you use the software appliance and make a mistake by selection wrong interfaces in the wizard it can result in the firewall becoming unreachable.nThe hardware appliance is (almost) plug & play.

We implemented it in-house.

It's around six to nine months.

We looked at several open-source firewall options whose names I will not mention, and the reason we did not use them was because of the ease of use, and what our support desk could do.

If you want an easy to manage, and powerful firewall then take look at Sophos UTM.

Proven UTM technology, excellent security and threat management are valuable features. The fact that I can provide scalable solutions for a SoHo environment on a small appliance, run on my own PC/server or even a virtualized environment allows me to accommodate almost any business, regardless of size. The software works in the same way across all the models. I have managed all my clients via the Sophos UTM Manager, a centralized console. I am a MSP, so having a centralized system to managed and maintain all of my client UTM firewalls is just gravy.

Customers appreciate the extensive built in reporting, rock solid IPS and security features. Coupled with a centralized Wireless and Remote Ethernet Device (RED) Device extends my service offerings. Lastly, the Total Protect bundle offers an affordable, comprehensive solution for the SMB market.

Using the SUM (Sophos UTM Manager) Central Console, each client UTM is configured to report to my RMM and CRM system for monitoring, SLA, ticketing, and support. We can administer a majority of our management such as firmware updates from our Sophos UTM manager. With many other products, this needs to be done and case by case basis.

We also schedule weekly automatic backups of the clients UTM configuration. These backups are emailed to our support portal and preserved. We keep spare/loaner equipment in stock so if a client’s UTM has a catastrophic failure, we prep a spare unit, apply their most recent configuration, and within 5 minutes have a functioning loaner unit we can deliver while their warranty replacement is processed. A simple drive to the client’s location and a swap out is done which gets them back in business on the same day. You can also get a 30 day full trial license for appliance or software. My sales staff can place a 30 day trial of fully functional unit as part of a proof of concept.

The unit offers great failover and load balancing features that can be complex to understand, some streamlining of the process would help. More predefined port rules would help the novice user/technician as well.

I have been a Sophos/Astaro Partner for over 10 years. I started with Astaro v6 and have continued with them following their acquisition by Sophos a few years ago. The product keep getting better and better. I have over 200 units I have installed and managed. I am currently selling the SG Series with UTM v9.309. The SG series have models that fit small business up to large enterprise environments.

Alongside the hardware versions, we also use a virtualized version running UTM 9.

The only issues I have, have been due to human error.

The solution is very stable if you size the unit to the environment. An SG125 is great for a 25 person office with web, email filtering, application control, etc. but it would not work well in a 100 person office. You need to know the proper sizing prior to deployment.

As stated, unit needs to be scaled to the environment. So if I don’t do my job of understanding the client's environment, it is possible to undersize the unit just like every other product. For clients who are planning major growth, we tend to sell either a virtualized UTM or software base unit. Then it is simply a matter of adding license capacity, RAM, CPU, etc. when needed.

They have a great account team and customer service is solid. 85% of the time the issues are resolved on the same day, and 97% by the next business day.

They have excellent technical support. I can submit a ticket request via their portal, with a call, etc. I can get someone 24/7 and usually within an hour. They also have a great escalation procedure.

I have used many, such as SonicWALL, Cisco, Juniper, WatchGuard, and FortiGate. Sophos is consistent and deep in their solutions and I like a consistent platform and support.

Simple small offices are a breeze. We have some template configurations, which only require us to stage and activate a license(s), install a basic template and modify the interfaces to meet client specifics and then add the unique definitions. More complex setups start with a basic template which even my technicians can load, and then require an engineer or security specialist to finish off.

We are a managed service provider (MSP) so we do it in-house for clients. We provide our customers with basic training and complete documentation package.

As with most hardware, margins could always be better. I can get competitive pricing on larger deals. Our biggest ROI is the monthly management fee, which is very reasonable for our clients. Since we do all of our management (updates, reports, etc.) from the SUM we spend very little time on this and a technician can do it. It has a very good economy scaling and the annual subscription renewals are pretty standard with not much of a margin. This solution fits the MSP model very well due to it being a centralized control/management solution.

A SoHo setup takes about an hour, which is US$125 and the monthly management/maintenance is US$30, but it all adds up.

We have evaluated many

• WatchGuard
• SonicWALL
• Cisco
• FortiGate
• Smoothwall, etc.

The product has a shallow and a deep end. Getting a small business/SoHo running up quickly and reliably is straight forward, but the deep end takes some technical skills, just like any solution. What I really like is that my Tier One guys can get a quick status update, have a look very quickly, and then resolve most basic issues. Tiers two and three are not as involved unless there is a major issue or complexity. Also, when buying the product, get the audit/chance tracking built in too!

Valuable Features include Sophos Remote Access VPN, Country Based Firewall, Web Application Firewall, Ease of access (via browser) and Reporting.

Sophos UTM helps us to control incoming and outgoing network traffic. It also helps employees connect to the AWS VPC environment from remote locations. Web application firewall protects applications from different hacking attempts like SQL Injection, Cross site scripting, Cookie signing, URL hardening etc. On top of that, it also helps the organization adhere to compliance rules and provides an audit trail of the environment.

Sophos UTM is not a highly available and scalable product. Till now, it is a single point of failure.

2.5 years.

No issues encountered. We had a very smooth deployment.

No issues with stability.

Yes. Sophos UTM on AWS is not an scalable product. Sophos is actively working on scalability part from using a UTM manager which can control configuration deployment on multiple UTM's

Customer service level is top notch.

Very Good. All our queries were properly answered on time.

Yes. Earlier, we had used Checkpoint. But the deployment procedure and user interface for Checkpoint was very complicated. The amount of time to invest in checkpoint is nearly 2x than Sophos. Checkpoint requires tool to be installed on your system while Sophos is a browser based tool.

It was a very straightforward setup. As it is a browser based tool, it helps administrator to access it from different location and system. We don't have to download desktop clients on our local system. Also, we can access this product from different operating systems (linux, windows and Mac).

We deployed it in-house.

ROI for the product is very high. The cost of the product is based on the number of users and the licensing is not too expensive.

On AWS, instances/servers are charged on hourly basis. The yearly licensing cost for 10 years is nearly around $200-300.

While we were looking for deployment of UTM product on AWS in year 2011, there were only 2 stable products available in market i.e., Sophos and Checkpoint. We choose to go ahead with Sophos.

Easy to use, Easy to access, good for compliance. It is a very good product as compared to others available on AWS.

Regarding the use cases, the solution was deployed for a production client, which was a hardware production company.

The features that I have found most valuable in Sophos UTM are its scalability and feasibility, as well as the quality of its customer service, followed by the ease of maintenance and configuration of the product itself.

Palo Alto has a different market because of their dashboard, overall looks, and other features. They are costly, but their services are quite good. And they offer a different platform compared to their competitors. Their device operates differently from others. While Palo Alto and Sophos have similar features, they operate on different platforms, providing a superior user experience compared to existing devices. In short, the UI and UX are the areas of improvement in Sophos UTM and similar solutions compared to Palo Alto.

I have experience with Sophos UTM for nearly two years. Recently, I deployed two Sophos solutions, one with HA and one on a primary device. The deployment process for one of the companies was done last month.

It is a stable product.

It is a scalable product. So it is easy to scale it up.

The solution's customer service is good. I rate the solution's technical support a nine out of ten.

Positive

The initial setup is quite easy because they have all the information on their website. Customer service is available anytime, especially when you set to start the device's configuration.

Since I was just a part of the initial configuration after deployment, I don't know the steps in the deployment process.

Both the technical and cost aspects are feasible since it is possible to obtain and use the device as a PnP solution. Considering cost and technical aspects, I rate the solution a ten out of ten.

Even if I compare Sophos UTM with other solutions, I don't think any pros or cons stick out since our clients are okay with the solution, and there has been no complaint regarding Sophos UTM.

My advice to others planning to use the solution is that it is quite easy. You can simply refer to the solution's blog or YouTube videos and install the solution. It's also quite easy to configure it. So, if you purchase it by yourself, you can configure it and use it on your particular network.

I love working with Palo Alto. So, I would like to give it a ten out of ten. Also, Palo Alto has a different market. So, I would always give a nine out of ten for other solutions. Overall, I rate the solution a nine out of ten.

We use this product for network security and implement using a Sophos SD-RED device. 

The solution is easy to handle and configure. 

The product also offers remote deployment capability with a Sophos SD-RED device. 

The reporting could be a lot better and technical support could be improved.

We have been using this solution for two years.

The solution is stable. 

The solution is relatively scalable, we have over 500 users in our company and use three people for maintenance. 

In our experience it has been hard to get to customer support, even premium support doesn't offer much availability.  

The initial setup is quite simple. 

The price is comparable to other products of this kind. 

We considered implementing a SonicWall product, but went with Sophos UTM because it is easier to handle and configure.  

I would rate this solution a nine out of ten. 

We are satisfied with Sophos UTM and will continue implementing it for the foreseeable future. 

It is a very good product. The threat monitoring process is the most valuable feature. 

Sophos is good for endpoint security but Trend Micro is better than Sophos. APEX is better than Sophos because it has a friendly, usable dashboard, and the implementation is very easy.

Sophos should be more user-friendly, have more dashboards, and an easier implementation.

It is the cheapest product available. It's good if you have a low budget. 

I would rate Sophos UTM a ten out of ten. 

I am an implementor and I provide support for customers' use cases. The solution is used as a load balancer, and for VPN access.

The most valuable feature of Sophos UTM is the simple-to-use interface.

Sophos UTM could improve if there was no limitation on users.

I have been using Sophos UTM for approximately six months.

I rate the stability of Sophos UTM a ten out of ten.

I rate the scalability of Sophos UTM a ten out of ten.

The support from Sophos UTM is good.

I rate the support of Sophos UTM an eight out of ten.

Positive

The implementation of Sophos UTM is simple. The documentation of the solution is satisfactory.

I rate the initial setup of Sophos UTM an eight out of ten.

We use two engineers for the deployment of Sophos UTM.

The price of the solution is high. The price from USD to my currency is expensive.

I rate the price of Sophos UTM a five out of ten.

This is a good solution and they should try it.

I rate Sophos UTM a ten out of ten.