Sophos UTM Reviews

We use Sophos UTM for our organization's network security.

The most valuable feature of Sophos UTM is the endpoint protection feature.

The technical support team’s response time could be improved.

I have been using Sophos UTM since 2018.

I rate the solution ten out of ten for stability.

We use the solution daily in our organization.

I rate the solution ten out of ten for scalability.

I previously used Kaspersky. I switched to Sophos UTM because of the features that it is offering.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution’s initial setup ten out of ten.

The solution's deployment took a week for the first time because our organization is big and has over 300 endpoint equipment. It takes a few hours to do the renewals now. We deployed Sophos UTM from the Active Directory. Three people were involved when we deployed the solution for the first time.

You cannot really say that the solution is expensive, given the protection it gives.

Sophos UTM has improved our network's threat detection and response. It has been good so far because we don't have many attacks. We use the solution's web filtering feature for our organization's security. We use the firewall to protect our endpoint equipment and protect against any infiltration in our network. We also use the solution’s VPN feature.

Around one or two people are required for the solution’s maintenance. I would recommend the solution to other users because it has helped us. The solution's installation and deployment are seamless, and its protection is secure.

Overall, I rate the solution ten out of ten.

I deploy Sophos UTM FullGuard for each of my clients. It is a complete bundle of security subscriptions that include web filtering, dual inline antivirus, etc.

The packet filtering's great. You get out what you put into it. It works great as long as you know your security and configure everything adequately. If you just pop one in and it's not configured, then it's basically wide open. It kind of depends on the admin skill, but it's an excellent product.

UTM has sand-storming, got dual inline virus scanning, filtering, DNAT, translations, etc. You can implement Google Safe Search for schools and stuff.

Email spam filtering only works if you have an on-prem Exchange server. It doesn't interface with Office 365 like the XG model. That would be one feature that they could improve. They're not going to do it because they're trying to push us all to XG.

I have almost 30 years of experience in IT, and I've been deploying Sophos UTM and its predecessor for the last 14 years. Originally, the product was called Astaro ASG, which is short for "Astaro security gateway." Sophos bought Astaro in 2010 or 2011, and it became Sophos UTM.

I've been using this stuff forever, and I've only had to replace a couple. That was due to lightning strikes, power surges, and other things that are out of our control. It's a highly stable platform with very few hardware issues. As long as you set it up right. I have my solution scripted so I receive backups and nightly config files in the email. Each night, I look at the executive report to monitor the solution. As long as the administrator takes the time to set it up correctly, I think it's a highly stable product.

The Sophos UTM and XG lines are highly scalable. It's the same OS and security across all modules. The scalability is based on the size of the hardware.  If you have a small network, then you go with an SG 115 or something. If you have a network of up to around 50 people, then you bump that up to a 210. If you have a couple of hundred people, you bump it up to a 310. To scale up, you increase the hardware for higher throughput and such.

The initial setup is pretty easy for anyone with a security background. Sophos has a wizard that holds your hand through the initial setup to get you up and running, but an administrator needs to get in and fine-tune the solution after the fact. 

The deployment time depends on the size and scope of the client. I've put a bunch of them in small networks of fewer than 10 machines. Those don't take more than a couple of hours. I've also done larger companies with 120-150 people and multiple departments. I like to lock everything down, so I know it's secure, and I create exemptions for things that don't work. It just depends on how many applications, end users, departments, etc. For a big customer, it's a one or two-day process.

I started in corporate networking for large enterprise clients, but I've been running my own business for the last 13 years. A good rule of thumb is about 200 endpoints per technician. That's doing everything, including desktop support and security, etc. For security administration,  one person who knows what they're doing can set it up and administrate it fine.

Now, I have a team of a couple of people underneath me because I have a lot of companies all over the place. It takes more than one person to keep everybody going. If I were the full-time IT guy for a company of 200 people, I could deploy it, manage it, and do it all by myself.

I run a managed service provider, and I put everybody on UTM appliances. Those licenses are all renewed annually, and I have to manage their networks. I get a great return on investment.  With the XG line, you can get into the Sophos Flex program, where I only get billed monthly for it. We charge the customer monthly for their security subscriptions, so we get a return every single month.

I keep my prices reasonable. Lots of people charge twice what they pay, and they get a lot more money in their pocket, but I just don't like gouging people.

Sophos is actually fairly expensive. When it was Astaro, it was the most expensive solution in the same tier as Cisco PX and Barracuda's line with multiple different blades to do different things. Astaro was the first solution to have unified threat management all in one blade. You don't need to get full-blown security at the top price. You can get the network security subscription or the web security subscription, etc.

On a scale of one to five, I'd probably give it about a four for affordability because it's pretty expensive. It's good stuff. I've always been a firm believer that you get what you pay for.

I rate Sophos UTM nine out of 10. I think Sophos UTM is pretty close to perfect.  I wish they weren't discontinuing the UTM line. They're forcing all of us partners to switch to XG. XG has a lot of AI integrated into it, so it's probably more secure, and there are more features. At the same time, it's a lot harder to work on, and I don't care for the UI. I like the way that the UTM is laid out.

You get out of it what you put into it. That's true of any security appliance, whether Sophos, Barracuda, WatchGuard, Juniper Systems, etc. If you want to secure your networks, this is a great device, but you have to put some time into it. You need to understand your customer's environment. I like to lock it down and create exemptions for things that they need. That way I don't have to waste my time cleaning up viruses, ransomware, and all these threats that happen all the time.

My company deals with eight clients who use Sophos UTM. My company's clients mainly use Sophos UTM for protection against threats and for other purposes like content filtering, web filtering, and VPNs.

The most valuable features of the solution are application filtering and web filtering.

Sophos UTM needs to streamline the VPN configuration. It also needs to fix the concerns related to the solution's Port Address Translation (PAT) rule.

In the future, I want Sophos UTM to provide users with sandboxing features.

The scalability of the product is an area with certain shortcomings where improvements are required. Sophos should give some flexibility to users, especially when you run low on things like memory and storage.

The support team's turnaround time is an area of concern where improvements are required.

I have been using Sophos UTM since 2018. My company has a partnership with Sophos UTM.

It is a stable solution. Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a five out of ten.

With Sophos UTM, I have noticed that you cannot upgrade the physical devices, meaning you cannot change the memory or the hardware. If you want an upgrade, then you have to go to select the next model or a bigger model offered by Sophos.

One of my company's clients uses the tool in an environment consisting of 20 people, while another client uses the tool in an environment consisting of 20,000 people.

Whenever my company contacts the support team of Sophos, we get really good support.

I rate the technical support a seven out of ten.

Neutral

I have experience with Fortinet FortiGate, Check Point, and Cisco ASA. My company uses different products depending on the preferences of our customers.

The product's initial setup phase was relatively easy. I rate the product's initial setup phase a six out of ten.

The solution is deployed on an on-premises model.

The solution can be deployed in three days, depending on the size of an organization. If it's a small company, you can finish the deployment process in a day, but if it's a big company with a lot of requirements, it could even take a week to do the full deployment. The product's initial deployment takes a few hours, but the customization to be carried out to suit an organization's structure takes time, and it depends on how big the company is and what customizations the customer wants in terms of modules.

Sophos UTM is a reasonably priced product.

I rate the product's price a five on a scale of one to ten, where one is cheap, and ten is expensive.

Sophos UTM is a good tool, especially for SMBs. Sophos UTM has a lot of features that enterprise-sized businesses ask for, but they don't really work very well. For SMBs, the product's features are very good. The setup phase of Sophos UTM can be carried out quickly. In Sophos UTM, it is easy to troubleshoot.

I rate the overall tool a seven out of ten.

We primarily use the solution for firewall security.

The protection on offer is pretty good.

Direct controller management has been quite useful.

It offers reasonable pricing.

The scalability is good.

It is stable. 

Technical support has been fine. 

I don't have any notes for improvements at this time.

I'd like to see some filter features added in the next release. 

There can be a delay when it comes to reaching out to technical support. 

I've been using the solution for one year. 

The solution is stable. I'd rate it nine out of ten in terms of reliability. There are no bugs or glitches, and it doesn't crash or freeze. 

We have about 1,000 users on the solution at this time. The solution is very scalable. I'd rate it nine out of ten. 

We use the solution quite extensively. 

Technical support has been fine. They are helpful and responsive. That said, sometimes, there is a delay when we try to reach out to them. 

Positive

It is very simple to set up. I'd rate the ease of implementation nine out of ten. 

I cannot recall how long the original deployment took. 

We did not use any outside assistance. We handled the setup ourselves. 

I'd rate the affordability of the solution seven out of ten. The pricing is decent. 

We're a customer and end-user.

I'm not sure which version of the solution we're using. I do not have the version number on hand. 

Overall, I would rate the solution eight out of ten. I'd recommend the solution to others. 

It's easy to use.

I didn't like it much. It suits only small businesses. It isn't scalable and reliable. There is a very critical issue with the power supply.

I've been using this solution for four years.

Its stability is very bad. It needs to be improved. The power supply issue that I faced is a very critical one.

I feel that the hardware itself needs to be improved. We have about 50 users. 

Their support is very bad. They don't respond at all.

It's easy to set up. One day is enough for its full implementation.

We implemented it in-house. We had two administrators for its implementation.

It's expensive. It has a yearly license.

I'd not recommend this solution. I'd rate it a four out of ten.

We have deployed Sophos UTM on cloud and on-premises. The cloud provider is Azure.

There are about 200 people who are using this solution in my organization.

From Cyberoam and the early builds of Sophos SG, they have developed higher integration between Sophos UTM and the computers' endpoint antiviruses. We can isolate the infected machine from the network, but an IT technician or cybersecurity professional can remove it from the machine and disinfect it. 

It has the capability of blocking HTTPS traffic, but you need the Sophos Central Intercept X subscription for that. It gives us the ability to manage our firewalls from the cloud and deploy a unified configuration onto them. Other competitors like Meraki have that ability, but they fail to optimize it in the way that Sophos has.

Last year, Sophos had some major internal management changes that negatively impacted their support. 

I would like to see better reporting and better alerting.

I would rate the stability as nine out of ten.

The scalability is the same as support and the initial setup. The scalability depends on the person who is doing the initial design. If I choose a device that will serve 10 users and my users jump to 50, then I definitely have a big problem. If I choose a firewall that has 30 GBs of throughput, and all of a sudden I jump to 50 GBs throughput, it's my problem because I didn't do the initial design properly. It's not a problem with the device.

If you do a proper design, assume growth, and buy a model or brand that can digest that growth, then it's scalable. Sophos can handle more requests and requirements than what is in the data sheet.

I would rate the scalability as nine out of ten.

I would rate technical support as three out of five.

The level of support might be acceptable for a smaller company. My organization works in mining and drilling, and we operate in 18 countries and five continents. We needed a better response time, especially in regards to cyber security.

I've used multiple other solutions. At one point in time, we were going to replace all of our Sophos units with Meraki, but I canned that completely because they're incomparable. I also compared the Sophos firewall with other virtual firewalls, but that's a bit unfair because that's an on-premises device and the others are virtual. I've used Microsoft Azure Firewall and Sophos Azure Firewall, but I canceled Microsoft Azure Firewall.

We compared Sophos with Cisco Meraki, and we chose Sophos. On the virtual side as a UTM, I compared Sophos XG for Azure with the Microsoft firewall for Azure. Sophos won on the cost side, which I consider to be a minor cost. 

In terms of benefits, features, and ease of configuration, Sophos won.

Compared to other solutions, initial setup is very simple, but it depends on the configuration design that you want. That's where the complexity is.

First, you get the firewall or the router, connect it to the LAN pool, do the initial setup, and then setup the LAN, WAN, and the basic tools. It's the same for FortiGate, IBM ISS, Cisco, Meraki, IronPort, and Websense. Across all those products, the setup is very easy. If there's any problem with initial setup, It has more to do with the lack of experience from the technician setting it up than the complexity of the hardware. 

The only interaction we do with Sophos units is when we are adding new users, removing users, and for other administration tasks. There are two people involved with maintenance, upgrading the firewalls, and testing new scenarios.

My whole team does administration. Comparing Cyberoam to Sophos, the overhead of troubleshooting performance issues is at a minimum. The only time I need to replace a firewall is when it gets burnt out because of a power problem, which is usually something major and doesn't have to do with the product itself.

I would rate the pricing as 2.5 out of 5.

The problem with the Sophos is not the cost of the hardware but the cost of the modules, packages, and the subscription.

I would rate this solution as eight out of ten.

There are multiple use cases, and a few examples would be its use in the education, banking, or financial sectors. There are so many other locations and sectors where they deploy this solution.

One of the features of Sophos UTM that I find valuable is its user authentication functionality.

In Sophos UTM, there is room for improvement in certain areas. For instance, I believe that its feature known as Synchronized Security could be enhanced. The solution's technical support for India needs to be improved.

I will need to think about the additional features the solution needs to include in its next release.

I have been using Sophos UTM for almost ten years now. It is a good solution. My company is a partner and an integrator of Sophos UTM.

Stability-wise, I rate this solution a ten out of ten.

Scalability-wise, I rate this solution a ten out of ten. If I talk about the solution's suitability, then it is suitable for enterprises.

Dealing with technical support can be time-consuming when communicating over the phone. I am unable to provide a rating for the technical support team. My suggestion to others would be that they provide the country location of the toll-free number in the solution. Although a toll-free number has been provided for India, the people in India are good. Compared to the UK, there may be issues with understanding and timing, which could lead to many problems.

We use Sophos Access Point, Sophos Firewall, Sophos Switches, Sophos MDR, and Sophos XDR. We have been using Sophos MDR for three years.

Whether the initial setup is straightforward or complex depends on the number of users or people to whom the solution is given.

Compared to the current market offerings, like FortiGate or SonicWall, Sophos offers its solution at a good price.

I compared Sophos UTM with Fortinet and found that Fortinet's EPP, ATP, and hardware are good. Sophos UTM has also improved its hardware by updating its dual-core processors with a second processor that uses advanced technology, whereas previously, the hardware was handled by a single processor. However, we are still facing some problems with Multicast User Authentication.

I recommend Sophos UTM, Sophos Access Points, Sophos Endpoint, and Sophos Switches to other users. Overall, I rate this solution a ten out of ten.

Our company is a partner and reseller of the solution. We lease, sell, and license boxes for our clients. Use cases are rather unique and not uniform. 

We provide support for a few SMBs around the country. 

Some customers are heavy users, with involved configurations, and the setup may include high availability configured with two boxes. 

Others use it as just a gateway between their infrastructure and the internet with very simple configurations that don't include web filtering. 

Active directory integration domain is used for some, but not all customers. Common items include DNATs and SSL VPN. Most customers use VPNs, and site-to-site connections (REDs or IPsec).

We also use virtualized UTMs for LABs.

The firewall itself is very strong and provides great security for the internet. Some clients don't use any other special feature but all customers depend on the firewall as a secure gateway.

A lot of thinking went into the user experience because the UTM interface is streamlined, good, and feels like a web application. It does have hiccups here and there but effectively treats everything as an object. You can quickly see where objects are being used or referred to and change them. 

The UTMs are end-of-life so the web interface is not top-notch and needs more speed. There is still support for the UTMs so they are the best we have right now. 

The solution needs better captive portals and they could have faster UIs. 

An improvement to the transparent proxy would help. A user should be able to open a webpage and be redirected to the captive portal like with WIFI or XGs. From there, the user should be able to log in with a username and password to gain internet access. Many clients migrate to XG due to this missing feature. 

I have been actively using the solution for a some time.

The stability is pretty good and better than XG. We don't have any issues directly related to the solution.

Stability is rated a ten out of ten. 

The solution scales pretty well. Even with a heavy load, the solution shows no issues. 

Scalability is rated an eight out of ten. 

Technical support is not stellar. We have some good experiences and some not so good experiences. We do not have a lot of support requests for the solution.

Support is rated a seven out of ten. 

Neutral

The setup is straightforward.

We implement the solution for customers. We have a specialist, an architect, and four analysts who handle implementations and maintenance. 

I recommend you complete the solution's training because it is pretty good. Rely on the documentation and any tech training available.

I rate the solution a nine out of ten.