Sophos UTM Reviews

We mainly use it for web filtration — we have a number of small websites. It's also a VPN — that's filtering, firewalling, and IPS.

Within our organization, there are roughly 250 people using Sophos UTM. Also, we have around 15 XG users.

We plan on using XG for the next few years, but we are going to stop using UTM on our main site.

I think the behavior with the zones was a little bit tricky to understand at the beginning of this project. It can be hard to manage at first, but overall, we don't have many problems with this solution.

I have been using this solution for one and a half years.

It's stable, but the reaction time of the GUI is terrible; however, in my opinion, UTM is more stable than XG.

Sometimes, It can be quite a time-consuming process to book a session with Sophos' support.

The initial setup was not straightforward because we had experience with UTM, but not with XG. It's a completely different system. 

We had it up and running within one week.

We installed it on our own.

I would recommend UTM over XG because it's easier to manage.

On a scale from one to ten, I would give XG a rating of 6. Conversely, I would give UTM a rating of nine.

We primarily use this solution for:

• VLAN separated network
• Proxy / SSL-Interception
• VPN (IPsec and SSL)
• Reverse Proxy / Webserver Security
• Email Security / Mail gateway
• HA (Hot-Standby)
• IPS / ATP

This is a very good security solution for SMB, so this solution is a good fit for many of our customers.

We find all of the features valuable because together they fit the needs of our customers.

We would be happy with fewer new features over the same time, but with more stable updates!

We would like to have unique viewable IDs for rules and in the packet filter logfile, for easier debugging of old log files.

Sophos UTM shouldn't die.

We use this solution for IPsec & site-to-site SSL VPN.

My environment involves connecting all of our branches with the head office through one Sophos XG 210 device. This is done using IPsec and SSL VPN, after which we apply a web filter, as well as an application filter to ensure that we are getting a secure connection.

It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection.

This solution also gives me varieties of VPN policies for good data encryption.

The most valuable features of this solution are:

• High Availability between IPsec site tunnels provides a valid continuous connection and ensures we have no downtime affecting our business.
• Log Viewer allows me to monitor all incoming and outgoing traffic, as well as view and block vulnerabilities.

I would like to see the SD-WAN feature improved. I want to manage many lines and load-balance them, getting high availability by making SLA tests according to:

1. Check interval.
2. Failures before inactive.
3. Restore link after.
4. SD-WAN Rules to control bandwidth, download and upload stream.

I switched to Sophos as it is more reliable.

This solution is less expensive than FortiGate. 

We did not evaluate other solutions prior to choosing this one.

I use this solution in both the home and office, and I am also a reseller of the product. It is used for Unified Threat Management for SMB to Mid-Size companies. It provides VPN solutions for our clients, and it has the absolute best UI in the industry.

This solution makes remote support of clients extremely easy and flexible. Modifications can be made in minutes. New definitions of network objects, users, groups, etc. can be made from anywhere in the UI.

The most valuable feature is the user interface, which is flexible, powerful, and easy to understand. Configuration troubleshooting is eased by the use of the color-coded, live firewall log. Live logs for most features are also available.

Support for IKEv2 is needed in this solution. But, the handwriting is on the wall that Sophos will probably stop development in favor of their XG Firewall. No timeframe on that yet though.

We have been using this solution since it was the Astaro Security Gateway (/products/sophos-utm-reviews ).

We use this solution for communication endpoint, encryption, and network security. We are focused on providing security software to the small to mid-market enterprises; the essence of our delivery is internet security.

The features that I've known to be the most valuable are both the web security features as well as the web firewall capabilities. As a partner of Sophos firewall, we have some clients that are using Sophos firewall UTM and we use it as well.

One additional feature that should be included in the next release is
synchronized security, which would enable all the security to work together as a system. Another suggestion is to add advanced threat protection (ATP) to defend against sophisticated Malware. Seeing these additional improvements would be a great thing going forward.  

The product is stable. It's a product that our clients are able to use and enjoy. We haven't had many complaints about the product at all. Internally we haven't experienced any problems. 

The scalability is also fine. Currently, we have 20 employees using the product to date and only one employee needed to maintain the product. At the moment we don't have any plans to increase usage in the company. Not now, next year maybe.

We train our employee's on technical support. I don't need any outside technical support.

The only time we faced a problem or issue is when we place a ticket. We have found that the response is very slow. That seems to be our biggest problem.

We previously used Cyberoam but Sophos acquired Cyberoam. That's why we migrated to Sophos.

The initial setup was done with our engineers, they also set up that server firewall. The setup was straightforward.

The deployment took one month. We're a support base reseller. Our in-house team took care of it. We don't use anyone from the outside, we can deploy the product on our own.

Everything involving pricing and licensing is maintained by our Bangladesh Sophos country managers. The pricing is okay and the licensing is also included in the price.

Sophos UTM is a good product for security purposes and maybe if Sophos provided another company option to implement their products then I would say that Sophos UTM is great.

On a scale of one to ten with 10 being the best, I would give this solution a nine out of 10. 

SMB firewall.

Protected it against malware and allowed us to serve our servers safely.

Application layer filtering.

Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054).

• Network border protection for clients and internal company
• It is used for small to medium-sized businesses and networks.

Sophos SG has provided us with the tools to protect our networks, detect malicious activity, and customize security to our clients' needs.

• Sophos UTM Manager (SUM): It allows us to manage over 50 Sophos UTM devices from a central management console. 
• Creating rules, exceptions, and managing most features from SUM, and pushing to all or a section of devices as needed.

• SUM cannot manage app control
• Improve app control system as a whole
• Extend support for SG until XG has improved significantly.

Our primary use case of this solution is IDS and IPS. We also use it for application availability. 

The most valuable feature is the IPS. It also protects us from malware. 

The solution could be improved by adding cloud soundboxing.

The stability is OK. 

The scalability is not something I have experience with because our organization is pretty lean.

I have not used technical support. 

It was easy to set up and quite straightforward.

When considering a new solution, I always make sure that there is good technical support. Also, the pricing is an important aspect.