Sophos UTM Reviews

During the pandemic, telework grew, however, so did attacks. There was a higher degree of ransomware and so on. With Sophos, we have not had any incidents this year. The security provided has been good. It has proven to be okay for our needs.

The initial setup is very simple.

The solution is stable.

the scalability is good.

The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose. 

I don't really know how it behaves when it comes to web server protection. We have no web servers of our own. I don't know how it behaves if we open our servers to the outside. My sense is that the degree of protection must be higher.

We haven't used the solution for very long. We've been using it for less than a year at this point. 

The stability has been good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

The scalability on offer is quite good. If a company needs to expand, it can do so. 

We are not a big company. We have about 70 or so people. 

Technical support is okay. It is provided by a local company, not Sophos directly.

Previously we did not have any integrated solutions. We had an antivirus of one kind, and a firewall of another. It was a good step for us to integrate all these features into one solution.

The initial setup was simple and straightforward. The deployment was fast. It only took about a week or so, maybe less. 

The pricing is reasonable. Of course, the customer would always like it to be lower, however, the quality to price ratio is positive.

I'm also aware of Fortinet options, however, they are more expensive if you look at Fortinet vs Sophos. 

We are customers and end-users. We came into the pandemic situation needing a VPN and the one offered by the Sophos behaves quite well. From the point of view of our users, it has been a positive experience.

I don't quite know by heart the version of the solution, however, it's quite recent. It's not the newest one. I saw that the brand new one which came out this year and we don't have that.

I'd rate the solution at an eight out of ten.

We primarily used the solution to replace Cyberoam. For a client recently, we replaced their old SD device with the latest version, XG 210.

At the moment we have deployed the web filtering application as they have their own web servers and their email protection. The web filtering is great. At the moment, we haven't heard any negative feedback from the client.

There is plenty of documentation that can help you check scenarios or different situations that might you have.

The stability is great.

The cost of the solution is very reasonable.

I can't recall dealing with any missing features.

Lately, I've dealt more with Fortinet, and haven't focused too much on Sophos.

The initial setup may be difficult for those not familiar with the product.

If I recall correctly, I've been dealing with the solution for about five or so years. It's been a while at this point. 

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

We are actually in the process of discussing scaling with a client. We're working on the business planning aspect right now. We're looking at opportunities on how to protect their network, besides just the webserver and the email servers.

I haven't made any request for technical support previously. That is due to the fact that even the local authorized distributor here in the Philippines is very helpful in deploying and configuring the product. Therefore, we have no need to contact Sophos directly.

There's also lots of documentation to reference. 

Recently, I've used a lot of Fortinet products. 

Although I hadn't done a setup in a while, I quickly recalled the steps taken. If you've handled a setup before, you're likely to find the implementation process rather straightforward. I found I was able to adapt quickly and figure out the necessary configurations.

In terms of licensing, here in the Philippines, we just pay on a yearly basis. The renewal is up for this year in Q3. We are talking now with the distributor where we purchased the hardware for a possible renewal with the client.

Overall, they provide very reasonable pricing.

My company is a reseller of Sophos.

I haven't deployed one of their latest solutions yet. We just had a recent project for a basic firewall, and they were actually 210. That's the last project I had with Sophos.

We are in the process of taking up certification exams for Sophos.

I definitely recommend Sophos. It's one of our top products in the company.

I'd rate the solution at a nine out of ten.

I use this solution for my severs.

At some point in time, it seemed to be ravaging organizations around us and we couldn't definitely outrightly isolate ourselves from it. While we were attacked, I want to believe that it was solely because there was that in addition to the fact that there are triggers. 

We also know very well that Sophos is proactive in monitoring and protecting against malware and brute-force attacks.

It's one of the things that it is quite good for.

The most valuable feature is ransomware protection. It is known for ransomware protection.

In terms of additional features, I'm still getting to understand more about how it works.

I'm still exploring the features and I haven't used them in totality. 

I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution. This would be good. Somewhat similar to what Darktrace can do. 

Proactively understand and using AI intelligence to monitor and see activities that are away from the norm and then proactively see how they can either isolate the quarantine system and inject it back into the system upon validation.

They could explore most of the products in Symantec's and Fresh Services and run from the same file to see what additional feature one is offering.

I would also like it if they could work on the price because it is expensive.

I have been using Sophos UTM for approximately three years.

I understand that it's had a couple of releases too frequently but I want to believe that it's relatively stable. 

I still believe that in terms of stability, Symantec is better, so this can be improved.

Sophos UTM is quite scalable.

I haven't had any reason to contact support directly because I have MacBytes, which happens to be a local vendor that we have been using. It's been pretty good. 

They are very good at supporting us technically when the need arises.  

I am currently using Symantec for my own workstations and I use Sophos for my server Endpoint protection.

The initial setup is relatively straightforward.

The prices can be better, they could make it a lot cheaper.

You are on the right track with Sophos UTM, but you should keep up with the trends as they become available.

I would rate Sophos UTM a nine out of ten.

The solution's user interface is very user-friendly. It's very easy to navigate.

They have an all-in-one product for small businesses. Basically, I do not want to manage the firewall for four products. I'll take it all in one. It makes everything easier to manage. 

It's really good and it's been working really well over the last few years. 

The initial setup has been very simple and straightforward. 

The stability, overall, is excellent. I haven't had a problem in the last two years.

It is a fine product, however, I need more endpoint protection.

They should release a license for more than 50 IPs. As of now I have had some discussion about with management, and we need to do some planning and around that to see if we can change things.

The pricing is too high. There are other options that are less expensive, such as Bitdefender. In fact, Bitdefender is very good, aside from lacking a firewall such as this. Beyond that, it's a very good product with central management on-premises. 

It would be nice if it had basic features, such as DLP (Data Loss Prevention).

I've only been using the solution for about two years or so at this point.

The stability has been excellent. It doesn't crash or freeze. There are no bugs or glitches. It's very good and very reliable. 

This solution is perfect for small businesses. 

I don't have too much experience with technical support. I only recall one case where I had to contact them directly. I recall them being very helpful and responsive. I had a good experience and was satisfied with their level of service. 

The solution is being discontinued. Hopefully, whatever they replace it with will be very good for small businesses as well. 

The initial setup was not complex. It was very simple and very straightforward. It was not difficult at all. A company shouldn't have any trouble with the process. Specifically, if you have experience in IT, you will find it very easy to deploy these products.

I am a Sophos customer.

I'm using UTM for home use only. It's only four 50 IPS.

I'd rate the solution at a ten out of ten. Overall, it's worked really really well. Everything from the updates to the signatures has been very helpful for our business. 

I would recommend this product to other users and other organizations. 

We use this solution as a firewall, for DCP filtering, applications, and training.

We need to speed up the support.

We have been using this solution for three years.

It's a stable solution.

It is a scalable solution but the only disadvantage is that when we use a proxy, we can bypass Sophos.

We have 50 customers. The maximum number of users in one device is approximately 4,000. It's a large network.

The support is okay, but it takes time to connect to the support team.

It is easy to install.

We only require one engineer to deploy and maintain this solution.

The appliance should be purchased and there is a fee for the license.

There is an option for a yearly licensing fee or for three years.

We recommend this solution. We complete between 20 and 30 installations per month.

I would rate Sophos UTM a nine out of ten.

We primarily use the solution for a number of use cases, including the firewall, web filtering, email filtering, and email encryption. UTM does it all. The only thing that we don't use it for is web application and protection. We don't really have any web servers in-house.

The web and email filtering are the two biggest and most valuable aspects of the solution for us.  

The solution overall has just been a good, cost-effective solution for us.

The solution offers a lot of functionality.

The solution scales well.

We've found the technical support to be helpful.

The stability and performance are quite good.

The ease of use could be a bit better. It's something they could work on.

The ease of configuration could be improved. It's not as simple as it could be just yet. However, it's kind of the nature of it.

They're kind of difficult to get set up sometimes.

Some of the detail in the web filter and the email filtering could be better outlined in the reporting. It is not as good as the two separate standalone solutions we used previously. However, it does also gives us a lot of other stuff that those two solutions didn't. It's a trade-off.

I've been using the solution for the last five years at this point.

The stability and performance are good. The solution is reliable. There are no bugs or glitches. It doesn't crash or freeze. It's good.

We've been using the same hardware for five years and it's always had a very good performance. I would say it scales pretty well. We have around 80 users on the solution currently. We've had double that. Actually, until COVID hit, we did have double that, as of a year ago.

We've been very happy with Sophos, despite the fact that most of their support is based out of Europe. When you get them on the phone, they're actually very good. Their support is very good. We've been happy with them, and have no concerns about renewing the maintenance.

We currently use a few Cusco solutions. We had a SurfControl web filter previously - a standalone server for that. We also had an email filtering package, that was on a separate server by itself. We found that the Sophos UTM did both of those things, and it gave us a firewall, and it saved us money. That's largely why we switched. The downside to Sophos is the reporting wasn't as good, however, everything else was better.

There was nothing wrong with the other solutions that we had other than it would cost us twice as much money to get a lot fewer capabilities. We don't really have the manpower to fully utilize those other solutions in great detail, which is why a simple web filter and email filter that was built into the Sophos solution worked for us. Plus, it does a lot more than that. We could run everything through it. We could - and we may do this - move away from using the Cisco solutions altogether, and just use the two Sophos firewalls. Once we get the XG up and running, we can upgrade the UTM to XG also and have the two XG firewalls in our two locations, and use it for the LAN connection between the locations. I don't know that we'll do that, however, it's definitely something that we can do. It's just a lot of additional capability and flexibility. 

While the configuration can sometimes be tricky, it was pretty much straightforward to initially set everything up. It helped that we had paid support through Sophos, so their technicians helped us get it up and running.

The deployment took a couple of weeks in total. It wasn't too big of a deal.

We don't really have any staff dedicated to deployment and maintenance. I tend to handle those aspects myself.

I've watched a few webinars, even on implementation, and it's just that a lot of the stuff is really different. You need to work on it a bit to get the hang of everything.

We had Sophos directly assist us. They were great at helping us implement everything. We physically got it in place, and then got it up and running, and then finished it off with some assistance from Sophos.

We've found the solution to be cost-effective overall.

Normally we do a three-year license with maintenance on a firewall.

Beyond the standard maintenance fee, the solution doesn't require any other licensing costs.

We are a manufacturing company. We're not a technology company. We don't need to have the very latest state-of-the-art technology, however, we want to try to be close to it. For us, Sophos is perfect.

We also plan to use Sophos XG, however, we haven't implemented it yet. We're hoping it might be easier to configure and set up than UTM.

Our antivirus, actually, was the antivirus that was managed by the UTM. Now they've since retired that capability, and they've gone to endpoint security software being managed in the cloud. Sophos Central can manage all of the Sophos security products, including all the firewalls, the endpoint security. Basically, you end up with one web interface for all of your security stuff. That's actually going to be a big feature, especially moving forward with XG, due to the fact that, if XG detects anything fishy going on, you can shut down individual client networks, and not allow any traffic to go through.

 Our Exchange ActiveSync is actually behind a Cisco firewall. We have a Cisco ASA also.

We use the latest version of the solution.

I'd rate the solution at an eight out of ten. We've largely been satisfied with the product.

As a company, you're looking to get the best solution out there. Once you have something in place, and it's worked well for you, and it hasn't cost you any excess money, you don't need to have too much contact with anyone. I rarely contact Sophos. That's a good indication of how good the product is working for us. If I was looking for something new, or if when maintenance comes up, and we've had hardware that's been in operation for a while, maybe we just need something new. Then you look and see if there's something out there that works better for you. That's basically it. We're not looking for anything new. We've actually been very happy with Sophos. I liked the way that there's a lot of good stuff there.

We are a solution provider and I am the architect of solutions that employ Sophos UTM.

Sophos was one of the first firewall products that were free, so you can install it at home and test it. Then when you have the experience, you can recommend it to customers.

Sophos UTM is the simplest of these products to setup. If you follow the instructions using the wizard, which is just a few steps, then you will have a firewall to protect you and your customer.

Sophos UTM is sensitive when it comes to setting up the SSL VPN, with the certificate.

The bandwidth speeds are limited, although this could be because they're doing web filtering. They need to have the time to filter all of the traffic.

The logs are not clear, which means that you need an additional piece of software in order to read them clearly. This is the main issue with Sophos UTM. Essentially, you need to spend time looking through the logs and if you want quicker access then you need to have third-party software.

I have been working with Sophos UTM for eight years.

This is a stable product. In my experience, I have only seen one case where, after four years, a customer's UTM was completely dead. The motherboard just died.

This customer had a license, so they contacted Sophos and within one week, they had a replacement.

It is easy to scale. You can set up a failover with a second Sophos device, where the second one is available as a backup. You have the option to set up Sophos Lite, which is a small device from Sophos that can link with your main unit.

For example, if you have remote offices, you can have the main Sophos device in your main office, and then all the branch offices connected using the lite model. All of the traffic goes to your main site, and it will provide all the web filtering.

The quality of technical support depends on who answers the call. When you reach the proper support person, they are really good and know what they're doing.

There is a lot of information available online, partly because Sophos is the old Cyberoam. Most of the time, I try to solve problems by myself. However, if I can't, I contact Sophos.

I am a certified Sophos architect, so I help to create the solution.

I have never had any trouble setting it up. There are some things that you have to do from the command line, but that's how Sophos and other products work. It is the same with Meraki and FortiGate. 

For the most part, it's straightforward and you just follow the wizard. The questions regard your internet connection, what service you expect Sophos to provide, and of course, the main one is the license because, for home users, it is free.

This product is free for home users. There is a limitation to the number of devices that can be connected, but nobody expects at home that there will be more than 50 devices connected to the firewall.

For business users, if you have the proper license, it will provide full protection not only as a firewall, but will protect your web server, Exchange Server, network, and provider web filtering capabilities. These days, that is really important. You don't want somebody to get in, or when a user clicks a link, they could lose some information.

The more expensive products have better performance. If you have fast broadband then you will need a bigger device, otherwise, it will slightly reduce the speed of your throughput. For example, if you have a gigabit connection with the cheapest model, perhaps a UTM 320, then it will cut the speed by approximately 50% to 500 megabits.

We sell the Meraki MX solution to protect some of our customers, and we are resellers of FortiGate as well.

Sophos is easier to set up than Meraki.

When it comes to reading the logs of other devices, it is much easier with Meraki, FortiGate, or even the Sophos XG firewall.

At the moment, all of the firewalls on the market are doing the same thing. Once you buy the license, it will cover everything.

Sophos UTM is a comprehensive product that does the job that it should. They have another product now, called the XG firewall, that covers everything that UTM does not. The best part about this is that you can run the XG firewall on the same hardware where UTM is installed. This means that if you're thinking that Sophos UTM is not good for you, you can always migrate to the XG firewall. That said, I have never had a problem setting up UTM and can't think of a problem that I couldn't solve with it.

Overall, UTM is good, but if you want something better that can handle more complex rules then you can use the XG firewall. My only complaint is that they limit the bandwidth, depending on the model.

The suitability of this product depends on the customer's needs. If they don't need really complicated firewall rules, yet want to protect the network and want really good web filtering, then I recommend using Meraki. If on the other hand, they have a really complicated setup and want better filtering, then Sophos is the better option.

Also, if you have your own web server or mail server on-site, then I recommend Sophos. If instead, you have a normal office network with mail stored in the cloud, then I recommend Meraki.

I would rate this solution a nine out of ten.

We are partners with Palo Alto and several IT certificate vendors, like Sophos. We deploy Sophos UTM for customers.

Internally we use Sophos, but we deploy solutions including both Sophos and Palo Alto Networks to our customers. We are an IT integration company. Our services include the deployment of security appliances.

Our environment includes Sophos UTM for internal use, which means it is protecting the network. It is protecting our environment.

We publish our services like the help desk, mail server, and other servers. Sophos UTM offers us protection for publishing and the VPN.

When we started with Sophos UTM, we were using Microsoft Threat Management Gateway (TMG) which formed part of the firewall. It's not anymore there, it has been discontinued. 

Sophos UTM is an SSD appliance. It has a solid state hard drive and can boot in less than sixty seconds. It is an appliance that has more stability than software solutions. It all depends on which hardware you have installed.

Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port.

In the application firewall, you can block the next update for Bitcoin or for Facebook. It has settings to block a port or wifi or just block the application and firewall. Sophos UTM will be able to detect the application type and filter network users.

Sophos UTM did help us a lot on the throughput of the internet because at that time we were using ADSL. Now it is fiber, which means we are able to manage the throughput of the firewall by also putting the quality of service first. 

For example, we are able to configure 2MB for YouTube or 5MB are guaranteed for the service which is published. In the past, with TMG you had to buy third-party tools that also did not have the same functionality.

Currently, Sophos UTM and XG are helping our customers. The features available in the UTM and XG are a combination of all the firewalls in the market which means all the features.

The IT Admin or IT Security in any organization would like to have Sophos UTM because it is full of all the features you think about for enterprise. 

Sophos UTM normally will deploy a batch or an upgrade and add more features, every six to eight months based on the RMD.

To be quite honest, from my personal experience all the features of Sophos UTM are useful, which includes publishing templates and the ease of publishing any servicing needs. 

From the VPN side, all the VPN protocols are available so you can choose from SSVPN to PPTP to other versions of VPN, and it's easy to deploy within minutes.

The firewall includes very good logging where you can see what's hacking your network. The IDS and IPS settings are based on your reliance and also alerts you if there is an attack. 

We're happy with Sophos and we also have an XG version being used for other services, because we are a company that provides services. We have two versions, we have the XG and the latest one. 

The Sophos UTM which is the previous version but still being in production is our main firewall for the company.

We happy with all the features, we have no negative comments on any of the features except that the XG has more ability to block based on countries.

On the previous model, the blocking of countries we had a problem with, i.e. if you use the NAT feature, you can't block countries. You have to enter the IP network. 

With the XG version, you can just select when you publish via NAT not via WAF. You can select the countries. 

That is the only difference between XG and the UTM which we did not really like, but other than that its all cool.

There is definitely room for improvement with Sophos UTM. For the SG version of Sophos UTM, they can add blocking of countries in the NAT section, not only in the firewall section. 

When you are mapping, they should also add the ability to block countries in that section. That's not available right now. It's only available in the firewall if you want to block incoming traffic.

With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. 

This feature would be helpful for administrators and it gives them the advantage to block stuff in less time. 

The web filter needs additional enhancement but that's the point of the XG upgrade. If they're going to continue with the production of the XG, then they will not add the same features to the basic version of Sophos UTM.

With the ability of the hardware, we haven't experienced any problems with Sophos UTM so far. Neither have our customers. 

At the beginning of the XG version, three years back, they had hardware issues. After that Sophos deployed division two, three, and four as hardware appliances.

Sophos fixed the hardware issue for the lower models, i.e. the 525, the XG 125, and the XG 85. All of the larger Sophos UTM models were fine.

Now, all are stable, all are fine. We haven't seen any crash. One of our customers had a DDoS attack. Since he had the proper rules, we did not record any incident. 

Sophos UTM blocked the DDoS. Although it is not a dedicated anti-DDoS solution, Sophos UTM has the features. 

Sophos UTM is stable. I haven't seen any claims or issue tickets from our customers regarding stability.

Sophos UTM has different aspects. If you have an HA distribution, high availability, you can scale up.

When you go and purchase Sophos UTM, you have to plan and say what the environment is. This planning has to be done before buying. If you buy a small appliance and after two years, you are 50 or 70 employees there are upgrade options. 

It should be between you and Sophos. They can give you a free appliance if you subscribe for three years on subscription, for example.

If you have an existing subscription and you want to have HA, this means another device has to be set as redundant. The only downside is that it has to be the same version and the same model. 

In my company, we have around 35 loyal customers. These customers have purchased and are redeeming Sophos UTM with us. Altogether, we are 55 employees. Most of them are at the office. Concurrently around 35 others are on site at other clients. We have around 35 servers. 

We have the published Sophos UTM on the main server, help desk, share point, etc. We've got around nine published services, plus 10 VPNs running concurrently for our support engineers to connect and work on our internal infrastructure for the allotment servers. 

We have 50 Sophos UTM installations at least that are actively browsing, downloading, and being protected by the web filter and other features there.

It depends on the organization, but for us we only require one person to manage this solution, even working remotely at home.

We don't have much need to speak with the vendor because we are educated and experienced with Sophos UTM. We are an integrator company.

For our customers, in the beginning, we give them training. After a week we do expect to have some calls because they are not yet educated or they're not yet used to it. 

After that, that's it. They already told us if they are ready or not. Sophos' support is better than others because Sophos also can sell endpoint solutions.

If one of our customers has an issue and Sophos did support and send their team for the investigation it could be conflicting.

For example, one of our customers had an endpoint which is an antivirus and they had an issue. We have teams that were actively taking care of the customer based on our relationship with the client and their Sophos UTM device license.

We have no comment on the Sophos UTM support which we have seen at our customer sites because it was only with a government customer. 

The customer told us that the Sophos UTM representative mentioned that they wanted to have the vendor take care of this issue.

Other than that, I have had no negative experiences with Sophos' technical support.

The initial setup of Sophos UTM is straightforward for both versions, the XG & UTM. In addition, they both provide a proper manual.

In the beginning, seven years back, Sophos UTM wasn't straightforward for beginners. You had to be already excellent in security. Now, it is very easy because you install the IP address, you log in, and you do the initial setup by routine. 

These days its much easier than in the past but not everyone that has a firewall is secured. If you do it properly by choosing the right network, the right topology, and the right firewall rules, Sophos UTM will work.

There are orders for most of the rules. For example, if you put a deny rule below an allow rule, you are not going to have the proper result. 

Sophos UTM requires knowledge. It's easy to deploy but also there is a responsibility on the person who is deploying to understand. 

You must have the knowledge of security and networking, to make sure that the solution is working properly. Sophos UTM is very easy compared to other vendors somehow.

In our environment, we have defined previously the VLAN rules on our sheets because we had another firewall. In the beginning, we just copied the current rules and then enhanced them slowly so deployment took place quickly.

After fixing the appliance physically on the rack, it took one hour to be up and running and ready based on the rules. If you are a small environment that would take you less than 20 minutes. 

It all depends on how many rules you have, how many demands, how many users, and public services. For example: if you have five websites, the main server, and a starter business, you might need more time because you would need to define the rules properly. 

It all depends on how complex your environment is. Sophos UTM is easy and straightforward for me and for somebody who is certified on security levels.

We haven't opened a ticket with Sophos for 60 days, but we still have support. All our customers use us as the first level of support, even if they have to chase it. 

Sophos UTM comes with a license. We are very aware and updated on Sophos solutions. We have good experience with it.

Although we sell other solutions, we are looking forward to building, selling, and integrating Sophos XG/UTM versus other vendors because of the ease of use.

We are more focused now. Our entire team is certified in Sophos Enterprise, while other vendors would likely still have just one or two members who are certified.

We feel more comfortable using Sophos equipment and solutions.

I can't mention anything on ROI because I'm more focused on the technical part. I'm not needed in the financial part. In our company, we have saved bandwidth and lots of network hardware waste. 

The Sophos UTM solution did help us because we were depending on a software base from Microsoft. Microsoft is a great company but they are not great for our security. Now they have improved. When you go out and buy something, buy it from the specialists.

For example, if you go for virtualization, VMware is a company that only does virtualization. Go for specialized people. Don't go for people who are doing everything at once. 

It's like when you go to a physician or a doctor and you have a problem with certain things. i.e you have a problem with the bones. Go to the doctor that is specialized in the bones, not a general doctor. 

The Sophos UTM license is annual or you have a choice for a two or three-year term.

The Sophos UTM licensing is based on if you have an appliance. There are several layers of subscription you can take:

• Sophos UTM Full Guard includes everything but a few features.
• Sophos UTM Full Guard Plus includes all the most used features, i.e Wifi, ITF, ITS, web publishing WAF, etc. 

There is a huge price list. The prices in the MENA area (the Middle East and North Africa) is completely different than North America.

The products are completely different in the MENA area from the United States. Each region has its own scheme of pricing based on the VAT and the tax refund. 

The price might be different for the people who are in the United States and the UK.

After you select the level of subscription, you pay once.

We tried and tested Fortigate from Fortinet. We tested several appliances about six years back. Not Palo Alto at that time, only Fortinet. 

We evaluated other open-source Linux software but not appliances. We decided to go with Sophos UTM based on several factors related to the tests we did at that time.

Evaluation is very important so that you can see what are you buying and what you are going to face in the future.

My recommendation is that businesses should go for the XG version, not the SG because the XG version of Sophos offers next-generation firewall support and has more improvements.

Sophos XG is the next generation firewall that is not available on the UTM version. The difference is in the features between the two and how you deploy them. 

Sophos XG version covers what is in the SG version plus additional bonuses: the dashboard, the heartbeat between the firewall and the input, etc. 

I advise first evaluate, know your network, know your needs, and plan for the upcoming two or three years before you purchase. 

Get in touch with the vendors because these days every vendor wants to sell. They are willing to help the customers and willing to show them what they will get. 

Make sure you evaluate properly many platforms. Don't just go with one vendor. Go with two or three vendors. Evaluate and then short-list and choose the best for you.

The rating has to have criteria: 

• On performance, I would give Sophos UTM a 10 out of 10 rating. 
• On price, it is a long discussion because you can get a discounted price if you are an integrator. 
• As a user and a customer, I would give Sophos UTM a 9 out of 10 rating.