Sophos UTM Reviews

We use Sophos UTM as an on-premise firewall.

All of Sophos UTM's features are valuable. The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira and Sophos. Web filtering is also a fantastic option for clients who want to really lock down internet access. And of course, it has the basic firewall features like port blocking and all of the stuff that most standard firewalls include.

I've been using Sophos UTM for over 12 years. I started using the solution before it became Sophos. It was originally called the Astaro Security Gateway, and then Sophos acquired Astaro and renamed it Sophos UTM.

Very stable. Very good.

I have Sophos UTM deployed for all my IT clients. There are 40 of them in the field serving about 500 users total.

We get put on hold for a long time. Otherwise, I'm not unhappy with their support at all. 

If you have a networking background and understand how to configure it, it's very straightforward. Somebody off the street can't just come in and do it, but yeah, it's pretty straightforward.

I would rate Sophos UTM a strong eight. I'm not giving it a ten because they're putting all their efforts into the XG model, so the UTM model will probably be phased out before long. I love the security of the XG. It's better with artificial intelligence and all of this type of stuff, and you can manage it from the Sophos Central Cloud. But Astaro ASG, now Sophos UTM, was the first unified threat management system and everybody else was copycatted it. I think its web filtering's great. If there are any security vulnerabilities, it's the fault of the administrator configuring the product, not the solution itself. You can lock networks down tight with this if you know what you're doing.

I'm IT head at our company in India and we are customers of Sophos UTM.

The solution has many good features. There was a steep learning curve moving to version 18 but we're now at a point where the solution is more efficient and effective. When talking about VLANs the solution makes it easy to separate rules for everything. The solution is easy to use with simple implementation.  

The application server needs to be improved because currently, the classification segregation of applications needs to be more defined. Also, we used to be able to open the firewall using LAN IPS but that's no longer possible and needs to be solved. I'd like to see an improvement in central categorizing. These days with all the applications and threats, getting everything filtered down needs to be a finer, more granular process. There are times when you find that a website seems to be legit, but there is a code running behind it that can act as a proxy or some kind of a bot. The sites are always logged on, but at times we have to open for a few clients or a few sites and in that time they're open to attack.

We've been using this solution for at least six years. 

This solution is absolutely stable. 

The solution is scalable; we jumped from 135 to 230 users without any problems at all. 

Technical support used to be good but it's lagging a bit now. Support staff was better trained and more efficient than they are now. It could be because of Covid but it's a bit of a challenge at the moment. 

We worked with SonicWall many years ago. We then switched to Cyberoam and then we primarily used Cisco Firepower. There were support issues with Cisco and it wasn't easy to find the KB articles and training was lacking. Even the training personnel had problems when we had issues with implementation. The same thing happened when we used Palo Alto with the support being the biggest problem. It was so unstructured and I hope that has changed in the last 12 months. When it comes to firewalls we are happy with two products; Fortinet is our preference but when you take cost into account, we prefer Sophos. 

The initial setup was relatively straightforward. 

The licensing costs for Sophos are reasonable. It's clear to me that there are no full solutions, you can't win it all, and the cost is always an issue. We're on the winning side with Sophos in that respect. We renew our license every three years. 

I rate the solution eight out of 10. 

Sophos UTM is a virtual appliance used for network security.

Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator.

There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system.

Everything has changed in the newer version of the solution from the SG to the XG. It was a completely new reborn version. You are not able to migrate from SG to XG using scripts. it is very difficult because of the differences. There was not a simple migration path from one to the other.

In the Sophos SG UTM version, you cannot have any other functions. Sophos will tell you "It's a closed version. We will not have any more functions." However, in the new version, you have a lot of new functions, and every two or three months you have new features. For example, you can use Sophos Central to synchronize both strategy policies and even security, if you are equipped with Sophos antivirus on workstation and server. If your antivirus on the workstation finds a threat, your firewall will have the information of the station, what issue it had, and what other stations it communicated with.

Sophos has to enable the Intercept X or an EDR function on the firewall because for the moment, the firewall is only equipped with sandboxing or something similar. Which, is quite good but there should be something easier for the user. For example, the logs at the moment are not as simple as they are in other solutions, such as Fortinet, it is very important to have a logging tool, log reporting, or a reporting engine. We need to see logs and find information within. However, 10 years ago, we do did not care about the logs but things have changed. We need them to analyze, to have a view of some of the layers but we do not have this. They could improve by providing better log functionality and features.

I have been using this solution for approximately five years.

For the whole life of Sophos SG UTM, it has been highly stable.

On the newer XG version, we have had a lot of small bugs on the very first version. We were having lots of small bugs on different functions and it had been a mess for a lot of integrators to make it work and to keep confidence in the XG. The XG had a lot of functions and all functions could have a lot of bugs. Even if everything is under control on one or several functions, there were some functions that had many, such as the VPN. However, in version 18 the stability was a lot better. 

You rely on the stability of a firewall and if you have some bottlenecking from the communication from or to the internet. It is very difficult to be confident in Sophos and we lost some confidence in Sophos in the very earlier version.

Overall, we had more problems with the XG than with the SG version.

I have used other Sophos solutions, such as Sophos XG UTM.

The installation of Sophos SG UTM is very easy. There are detailed manuals that can help with the installation if you run into difficulties. There is some basic transferring training you can take that is not complicated.

It is very complicated to migrate everything you put in SG to another version. You need to redefine many aspects manually on the XG because you are not able to extract the configuration from a confidential file to import it into the XG. They are very different and will not work in the same way. It is very confusing for a new customer.

If customers want to buy the XG because it is the new version and they want to migrate through a Sophos or integrator, it will take a lot of days for engineers from SG to XG to implement because it is not the same solution anymore. It is very much similar to if you were migrating from SG to a Fortinet or to a Palo Alto firewall. You have to recreate the configurations manually on your side, with no migration paths. It is a very important point. We do not have migration paths from one to another.

The solution is very low cost compared to competitors. You have a good firewall, a lot of functions for less than the price of some omni firewall competitors.

I have evaluated other solutions, such as Sophos XGS.

There are two versions of the Sophos UTM. The old one is the SG, and the newer ones are the XG and XGS UTM, the next-generation firewalls.

Sophos UTM was a rebranded solution that was bought from the Astaro company. It was one of the first UTM and was a very stable solution. Everything was inside a small box, you could start to enable or disable some functions, such as TCP, HTTP proxy, or firewalling. It allowed you to manage everything you wanted in this Unified Threat Management solution. It was a very nice multi-functioning security tool. If you adapted to the way of working with the UTM you could do everything with it. 

It was a nice solution. Sophos still allows the use of the SG UTM. For example, if you want to buy an XG Firewall, which is their new next-generation firewall, you still can purchase the older SG UTM. Sophos is able to still deliver this solution.

I rate Sophos UTM a seven out of ten.

We implemented the solution into our infrastructure here in the insurance company, to protect the flow between the company and its partner.

The solution is quite stable. 

The scalability has been great.

The initial setup is straightforward.

Technical support is very responsive.

The integration capabilities could be better.

I originally implemented the solution when it was Cyberoam. After that, we migrated to Sophos UTM. I've used the solution since 2011.

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

The scalability is great. If a company needs to expand it, it can do so. It's not a problem.

We currently have 800 people using the solution.

We do pay for Sophos' support and we find them to be quite helpful and responsive. We're satisfied with the level of assistance we receive. 

We have used other solutions. We have various levels of firewalls. 

The implementation process is straightforward. It's not overly difficult. A company shouldn't have any issues with the process. 

It's a good idea if you are migrating from another solution, to do a review of security policy. That way, you can better optimize for security when you set everything up.

We have a team of six that can handle implementation and maintenance duties. We have two managers. One covers organizational security and the other cover operational security.

We do pay extra for Sophos support services.

The license is easy to acquire and implement. 

I'm currently performing a benchmarking of the other solutions against Sophos.

We're a custoer and an end-user.

When Cyberoam was acquired by Sophos, we migrated to the new hardware and new solution in Sophos.

We've been very happy with its capabilities. We would rate the solution at a nine out of ten.

I'd recommend, if a company sincerely wants to try out Sophos, that they test everything before implementation. It will help them understand what the solution can do and how to implement it into their infrastructure. 

I use this solution for my severs.

At some point in time, it seemed to be ravaging organizations around us and we couldn't definitely outrightly isolate ourselves from it. While we were attacked, I want to believe that it was solely because there was that in addition to the fact that there are triggers. 

We also know very well that Sophos is proactive in monitoring and protecting against malware and brute-force attacks.

It's one of the things that it is quite good for.

The most valuable feature is ransomware protection. It is known for ransomware protection.

In terms of additional features, I'm still getting to understand more about how it works.

I'm still exploring the features and I haven't used them in totality. 

I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution. This would be good. Somewhat similar to what Darktrace can do. 

Proactively understand and using AI intelligence to monitor and see activities that are away from the norm and then proactively see how they can either isolate the quarantine system and inject it back into the system upon validation.

They could explore most of the products in Symantec's and Fresh Services and run from the same file to see what additional feature one is offering.

I would also like it if they could work on the price because it is expensive.

I have been using Sophos UTM for approximately three years.

I understand that it's had a couple of releases too frequently but I want to believe that it's relatively stable. 

I still believe that in terms of stability, Symantec is better, so this can be improved.

Sophos UTM is quite scalable.

I haven't had any reason to contact support directly because I have MacBytes, which happens to be a local vendor that we have been using. It's been pretty good. 

They are very good at supporting us technically when the need arises.  

I am currently using Symantec for my own workstations and I use Sophos for my server Endpoint protection.

The initial setup is relatively straightforward.

The prices can be better, they could make it a lot cheaper.

You are on the right track with Sophos UTM, but you should keep up with the trends as they become available.

I would rate Sophos UTM a nine out of ten.

The solution's user interface is very user-friendly. It's very easy to navigate.

They have an all-in-one product for small businesses. Basically, I do not want to manage the firewall for four products. I'll take it all in one. It makes everything easier to manage. 

It's really good and it's been working really well over the last few years. 

The initial setup has been very simple and straightforward. 

The stability, overall, is excellent. I haven't had a problem in the last two years.

It is a fine product, however, I need more endpoint protection.

They should release a license for more than 50 IPs. As of now I have had some discussion about with management, and we need to do some planning and around that to see if we can change things.

The pricing is too high. There are other options that are less expensive, such as Bitdefender. In fact, Bitdefender is very good, aside from lacking a firewall such as this. Beyond that, it's a very good product with central management on-premises. 

It would be nice if it had basic features, such as DLP (Data Loss Prevention).

I've only been using the solution for about two years or so at this point.

The stability has been excellent. It doesn't crash or freeze. There are no bugs or glitches. It's very good and very reliable. 

This solution is perfect for small businesses. 

I don't have too much experience with technical support. I only recall one case where I had to contact them directly. I recall them being very helpful and responsive. I had a good experience and was satisfied with their level of service. 

The solution is being discontinued. Hopefully, whatever they replace it with will be very good for small businesses as well. 

The initial setup was not complex. It was very simple and very straightforward. It was not difficult at all. A company shouldn't have any trouble with the process. Specifically, if you have experience in IT, you will find it very easy to deploy these products.

I am a Sophos customer.

I'm using UTM for home use only. It's only four 50 IPS.

I'd rate the solution at a ten out of ten. Overall, it's worked really really well. Everything from the updates to the signatures has been very helpful for our business. 

I would recommend this product to other users and other organizations. 

We use this solution as a firewall, for DCP filtering, applications, and training.

We need to speed up the support.

We have been using this solution for three years.

It's a stable solution.

It is a scalable solution but the only disadvantage is that when we use a proxy, we can bypass Sophos.

We have 50 customers. The maximum number of users in one device is approximately 4,000. It's a large network.

The support is okay, but it takes time to connect to the support team.

It is easy to install.

We only require one engineer to deploy and maintain this solution.

The appliance should be purchased and there is a fee for the license.

There is an option for a yearly licensing fee or for three years.

We recommend this solution. We complete between 20 and 30 installations per month.

I would rate Sophos UTM a nine out of ten.

We primarily use the solution for a number of use cases, including the firewall, web filtering, email filtering, and email encryption. UTM does it all. The only thing that we don't use it for is web application and protection. We don't really have any web servers in-house.

The web and email filtering are the two biggest and most valuable aspects of the solution for us.  

The solution overall has just been a good, cost-effective solution for us.

The solution offers a lot of functionality.

The solution scales well.

We've found the technical support to be helpful.

The stability and performance are quite good.

The ease of use could be a bit better. It's something they could work on.

The ease of configuration could be improved. It's not as simple as it could be just yet. However, it's kind of the nature of it.

They're kind of difficult to get set up sometimes.

Some of the detail in the web filter and the email filtering could be better outlined in the reporting. It is not as good as the two separate standalone solutions we used previously. However, it does also gives us a lot of other stuff that those two solutions didn't. It's a trade-off.

I've been using the solution for the last five years at this point.

The stability and performance are good. The solution is reliable. There are no bugs or glitches. It doesn't crash or freeze. It's good.

We've been using the same hardware for five years and it's always had a very good performance. I would say it scales pretty well. We have around 80 users on the solution currently. We've had double that. Actually, until COVID hit, we did have double that, as of a year ago.

We've been very happy with Sophos, despite the fact that most of their support is based out of Europe. When you get them on the phone, they're actually very good. Their support is very good. We've been happy with them, and have no concerns about renewing the maintenance.

We currently use a few Cusco solutions. We had a SurfControl web filter previously - a standalone server for that. We also had an email filtering package, that was on a separate server by itself. We found that the Sophos UTM did both of those things, and it gave us a firewall, and it saved us money. That's largely why we switched. The downside to Sophos is the reporting wasn't as good, however, everything else was better.

There was nothing wrong with the other solutions that we had other than it would cost us twice as much money to get a lot fewer capabilities. We don't really have the manpower to fully utilize those other solutions in great detail, which is why a simple web filter and email filter that was built into the Sophos solution worked for us. Plus, it does a lot more than that. We could run everything through it. We could - and we may do this - move away from using the Cisco solutions altogether, and just use the two Sophos firewalls. Once we get the XG up and running, we can upgrade the UTM to XG also and have the two XG firewalls in our two locations, and use it for the LAN connection between the locations. I don't know that we'll do that, however, it's definitely something that we can do. It's just a lot of additional capability and flexibility. 

While the configuration can sometimes be tricky, it was pretty much straightforward to initially set everything up. It helped that we had paid support through Sophos, so their technicians helped us get it up and running.

The deployment took a couple of weeks in total. It wasn't too big of a deal.

We don't really have any staff dedicated to deployment and maintenance. I tend to handle those aspects myself.

I've watched a few webinars, even on implementation, and it's just that a lot of the stuff is really different. You need to work on it a bit to get the hang of everything.

We had Sophos directly assist us. They were great at helping us implement everything. We physically got it in place, and then got it up and running, and then finished it off with some assistance from Sophos.

We've found the solution to be cost-effective overall.

Normally we do a three-year license with maintenance on a firewall.

Beyond the standard maintenance fee, the solution doesn't require any other licensing costs.

We are a manufacturing company. We're not a technology company. We don't need to have the very latest state-of-the-art technology, however, we want to try to be close to it. For us, Sophos is perfect.

We also plan to use Sophos XG, however, we haven't implemented it yet. We're hoping it might be easier to configure and set up than UTM.

Our antivirus, actually, was the antivirus that was managed by the UTM. Now they've since retired that capability, and they've gone to endpoint security software being managed in the cloud. Sophos Central can manage all of the Sophos security products, including all the firewalls, the endpoint security. Basically, you end up with one web interface for all of your security stuff. That's actually going to be a big feature, especially moving forward with XG, due to the fact that, if XG detects anything fishy going on, you can shut down individual client networks, and not allow any traffic to go through.

 Our Exchange ActiveSync is actually behind a Cisco firewall. We have a Cisco ASA also.

We use the latest version of the solution.

I'd rate the solution at an eight out of ten. We've largely been satisfied with the product.

As a company, you're looking to get the best solution out there. Once you have something in place, and it's worked well for you, and it hasn't cost you any excess money, you don't need to have too much contact with anyone. I rarely contact Sophos. That's a good indication of how good the product is working for us. If I was looking for something new, or if when maintenance comes up, and we've had hardware that's been in operation for a while, maybe we just need something new. Then you look and see if there's something out there that works better for you. That's basically it. We're not looking for anything new. We've actually been very happy with Sophos. I liked the way that there's a lot of good stuff there.