Sophos XG Reviews

We generally deploy this solution for our clients for its basic functionality; our clients generally don't have sophisticated requirements. The solution is used for the firewall rules and the VPN rules, as well as the WAF functionality. We are silver resellers of this product and I'm head of the software department. 

The most useful aspect of the solution is the concept of integrated security which is why I use and recommended this firewall to clients. However, given that we never use endpoint protection, there is less incentive for us to continue using it. Initially it provided a specificity which enabled one kind of endpoint protection managed through the appliance together with the WIFI integrated within the firewall, managing all basic security aspects for TPD. However, because the endpoint protection is not that good and there are problems with malware and we can't prioritize facility management over security of the finances, we can't continue to work this way.

I think the management console could be improved. I also find the partner portal difficult to work with because it never functions correctly and it's exhausting to deal with. They should also improve the failover management and the reliability of failover, and there are sometimes issues with the WAF functionality, whereby a number of applications can't be used correctly. Finally, I think the support could be improved because when you open a ticket, there's a long wait time for a response. 

I've been using this solution for three years. 

The stability is quite good there are no major vulnerabilities. 

The technical support is a real weakness but that seems to always be the case. Sophos has improved over the last couple of years. It's better than before but it's still not good.  

I find the solution too expensive, to be honest. It's one of the reasons I'm looking for an alternative. It's overpriced for what they offer.  When you buy a commercial appliance, the only thing you really need is good support, and they don't provide that, so the cost for hardware and software is too expensive. If the support was responsive, I'd be happy to pay. Now I'd prefer to acquire my own hardware and install pfSense and spend the money helping technicians and engineers gain good skills and improve our own support. We'd have the same level of protection at a lower cost. 

I rate this solution a seven out of 10. 

It is a firewall. It is used in my defense line. It provides defense and a form of security for my internal network.

IPS and advanced threat protection (ATP) are the most valuable features. I am able to segment my network traffic and block incoming connections. It is also easy to use.

I would like to have better SSL decryption and HTTPS decryption. There should be filtering of SSL and HTTPS traffic.

Sophos XG consumes a lot of endpoint resources. It consumes a lot of RAM and CPU resources, and they should look into this.

I have been using this solution for two years.

It is stable.

Its scalability is fine. We have about 40 users. We don't have any plan to increase its usage at the moment. However, it depends on recruitments and other things. If required, my company would change my box to a bigger one for better processing speed.

Their technical support is okay. Sometimes, during the webinars, when I have some questions, they respond to them, but sometimes, I don't get any response.

I have worked with Check Point before. Check Point is very expensive. At this time, we are not thinking of switching to another solution. If we were switching, Cisco Firepower would have been an option, but my colleagues, who have good experience with such solutions, would prefer to stay with Sophos XG. Cisco Firepower is a little bit complicated to use. It is also expensive. Cisco and Check Point have different boxes for different things, whereas Sophos brings everything into one box.

It was straightforward.

Its price is fair. It is cheaper and way better than others.

I like this solution. I would rate Sophos XG an eight out of ten.

We are a solution provider and Sophos XG is one of the security products that we implement for our customers. We always provide them with the latest version.

The number of ports, especially on the entry-level appliances, should be increased.

The price of adding ports should be reduced to make it more competitive.

The vendor needs to create materials to show the differences between Sophos products and those from other vendors.

Network management needs to be included in the package.

As it is now, it only supports ten multiple users, which is something that should be increased.

I have been working with Sophos XG for approximately two years.

This solution is stable.

This is a scalable product and we have approximately 150 users.

We get our support from the local distributor.

Prior to Sophos XG, we used products from Fortinet and Forcepoint. 

The Forcepoint product is doing well. We have a different perimeter firewall for our data center that uses it because we use different vendors for different sites.

This is an on-premises appliance and the installation is straightforward. It can be deployed in less than an hour. However, according to the number of users and the number of ports that will be connected, the design may vary. This makes it difficult to estimate the time required to do a full implementation of the product.

We have four people in charge of maintenance, although they do not work exclusively with Sophos. We have another appliance from another vendor. The entire team, including their manager, is about 10 people.

The price is in the mid-range and it is very good for small to medium-sized businesses. One license opens everything.

Overall, this is a good product and I would recommend it for small to mid-sized customers.

I would rate this solution an eight out of ten.

We were able to integrate the solution using existing infrastructure installed, such as different firewalls and security software. We have integrated the solution in multiple sectors, for example, the education and banking sectors. 

UTM appliances have generally improved organization networks and given away to multiple link management, identity management, and easy firewall options. SOPHOS has a better GUI and dashboard which can be easily understood and managed in an organization.

The solution was able to be integrated well with exciting hardware and software and in multiple business sectors.

With the proliferation of fiber connectivity becoming available at our homes, consumers should not have to go and buy another module for fiber to ethernet converters or another device to get the fiber options. I understand all UTM models should have direct SFP ports available so that FFTH is directly terminated to UTM for better management and uptime. 

I have been using the solution for the past five years.

I have found it to be a stable product.

I can say it is more stable rather than scalable. I do not think they have the ability for scalability with the options currently included esp in SMB segment. However, if they did have better options then I believe the product would have better scalability.

Some of our clients have been enterprise and SMB customers. Overall the range of our clients has been between medium and enterprise clients.

The customer support is not that good. We found the support to be extremely slow in response.

I rate Sophos XG support a three out of ten.

We have used other products as well and we understand those products work well which has better and local support. In addition, it depends on the company's focus. SOPHOS has focused on small to enterprise customers but support needs improvement to be in the market. SOPHOS channel partnership program needs also improvement and commitment so that System Integrators and partners are able to pitch the products well in the market. 

Setup is good and the integration is very easy. The technology creates several good products.

We do the deployment and implementation of the solutions.

They should include fiber SFP ports on smaller product models as well and the tools should be improved for scalability.

I can definitely recommend the product because it is good. There is no doubt.

I rate Sophos XG a 6 out of 10.

• URL Filtering: because of the importance of controlling what and individual might access from the organization’s network. Sophos XG has 90+ categories, providing a level of granularity that eliminates the need to create customized categories.
• IPS (Intrusion Prevention System): because of the importance of preventing hackers from using exploits and other mechanisms that might compromise the network
• Anti-malware: Sophos XG comes with two anti-malware engines: its own and Avira, making the UTM more effective at catching malicious code.
• Control Center: an interface crammed with the most vital information like security issues, appliance performance, and Internet link status.

With a very intuitive and easy-to-use interface, it made it much easier to setup access and business rules, VPNs and to identify issues like Internet link outages and security issues.

Sophos XG lacks link load balancing options like ratio and spill over, both useful in some scenarios.

I also think they might consider improving the RAM of some of the appliances, since there are processes that are very memory intensive.

Lastly, I would say packet monitor is another area for improvement as it lacks capabilities like exporting the capture from inside the GUI tool.

A year and a half.

Yes, on the SFOS Version 15, I had to upgrade the firmware of an appliance since it had a problem with the JAMVM process (an apparently known issue in which that process consumes almost all of the CPU resources).

No.

I would say that Sophos Brazil has an excellent support team.

No.

It was very straightforward. And I credit that to the great job Sophos did on its OS interface, providing different ways of accessing the same option, hiding some of the complexities of a firewall system, and deploying it with many pre-built policies, objects and rules that for most of the environments makes it unnecessary to spend hours tuning the system.

Sophos is clearly trying to position itself as the market leader in the UTM niche. One way they are doing this is by having an aggressive pricing policy and this makes it a good moment to start using their products.

Yes, FortiGate.

Try to have the help of a Sophos Partner for the correct sizing and purchasing of an adequate licensing bundle.

In addition, I would recommend having a PoC in place in order to make sure that the solution is what the organization needs.

It is important to notice that the XG is available for a 30 days free trial and that there are virtual appliances available for the main virtualization platforms on the market.

For one, its ease of use is the most valuable feature. It's very easy to look at the logs and troubleshoot issues as they arise. Things just make sense and it is a very intuitive interface.

It is easier to use than Cisco ASA, so it has reduced our SLAs by a considerable margin.

The VPN and central management need to be improved, but that's being nit-picky.

The IPsec VPNs are a little on the buggy side and you sometimes have to jump through hoops to get it to work. When I looked at them last, they were still in development for the centralized management of the firewalls, so when I saw it, it was very much in its infancy.

One more thing to add to what they can improve is the firewall policy presentation, they have their own special way of doing it which takes time for some to get used to, especially if you’re used to Cisco ASA.

I have used this solution for about a year.

There were no stability issues.

There were no scalability issues, it is very scalable.

I would rate the technical support a 10/10; they are very professional. I know a couple of those guys over there on a first name basis.

Previously, we were using another solution. However, we switched as we needed to upgrade our infrastructure.

The setup was pretty straightforward. They had someone come in, walk us through it and train us on the platform.

Get the professional support contract; it is well-worth it and those guys know their product very very well.

It is a very solid product, easy to use and implement.

It's primarily for on-premise firewall functionality and functionality of internet lines.

The appeal to our IT team is that this is an easy to deploy, user friendly, and easy to work with solution that includes antivirus software.

I'd like to see a more simplified functionality for our customers. We also had a negative experience with the sales team of Sophos, which offered a three-year renewal to our customer. We'd suggested one year, keeping the customer's cashflow in mind and Covid. The result was that it affected our credibility with the customer. These are some of the irritants in the sales policy.  

I've been using this solution for four years. 

The solution is stable. 

We have deployed it for 100 users to date, so it's quite scalable. We mainly work with small and medium size organizations. 

The implementation is straightforward. It depends on your environment, and the number of users as well as the complex rules you're making. That aside, it is easy to deploy.

I rate the solution eight out of 10. 

We use this solution as a firewall for everyone to connect to the internet.

We protect ourself and we use it as a VPN to connect to the internal network. 

It is improved significantly. 

It is simple to use.

The interface should be changed. It should be more user-friendly.

They should also update the policies and statistics because Fortinet is better, but Sophos could grow.

In the next release, I would like to see improvements to simplify the interface and more policy deployments.

It was Cyberoam and we upgraded to Sophos XG. We have been using Cyberoam for more than 10 years and more than one year with Sophos XG.

We were on version 17 and have just upgraded to version 18.

It's stable. We have no problem at all with stability or with Sophos XG.

Its high availability is fine, it's good. It's scalable as well.

 We have approximately 500  employees using this solution.

We will continue and increase our usage of this product.

We had one issue with Cyberoam, but it was upgraded with Sophos. They helped us, but it takes a bit of time to resolve it but it's fine. 

We also use Fortinet FortiGate for large locations. The Fortinet usage is completely different than Sophos. Sophos is simple, but I prefer Fortinet.

It's easy to install. 

It takes the team one hour to launch it.

We have a team of 15 people to deploy and maintain this solution.

We completed the installation ourselves.

We purchased the technical appliances for on-premises.

We have our license for three years.

Yes. Fortinet. However the price is much better to Fortinet.

I would recommend Sophos XG to others, but it would depend on their capacity.

I would rate Sophos XG a seven out of ten.