Sophos XG Reviews

We use this product to protect all of the connections to our sites and for web filtering.

The most valuable feature is web filtering.

The behavior with the zones was a little bit tricky to understand and the beginning of the project.

Sophos XG is difficult to manage and it is difficult to understand when you first begin.

The reaction time of the GUI is terrible when compared to other manufacturers. 

We have been using Sophos XG for about a year and a half.

This is a stable product, although the web GUI is slow. We plan to use it for another couple of years.

This is a small site, and we have 15 users.

The initial setup for Sophos XG was not straightforward. We already had experience with Sophos UTM, but they are completely different systems. The deployment took us one week to complete.

We deployed this solution in-house.

I now have a proof of concept with a FortiGate firewall and we are trying some test cases on it.

For now, this is not a product that I can recommend.

I would rate this solution a six out of ten.

We use this firewall as part of our security solution.

The most valuable feature is the intrusion prevention system.

The two main areas where this product needs improvement are routing and reporting.

The security can be improved, as well.

I have been using Sophos XG for more than two or three years.

Stability has not been a problem for us.

I am satisfied with the scalability.

The technical support from Sophos is excellent.

I previously used the Microsoft Firewall. It is easy to use but it doesn't the IPS and malware detection capabilities that Sophos has.

The initial setup and configuration are not difficult for somebody with firewall experience. However, for somebody who has not worked on one in the past, it will be complicated.

We had assistance with the deployment.

The price is cheaper than that of some competing vendors.

Prior to implementing Sophos, I tried using a solution by Fortinet. However, it was much more expensive.

My advice for anybody who is implementing this solution is to ensure that somebody with firewall experience handles the deployment.

Overall, I find that this is a good product. That said, there are improvements that need to be made in the routing, reporting, and security.

I would rate this solution a seven out of ten.

We are going to be hosting our own website and we are using the Sophos XG because we want to make sure that it is well protected. We also want to make sure that the rest of our LAN is not compromised.

In addition to using this firewall ourselves, we resell the product to our customers. We have a well-trained team that can perform the implementation and deployment.

Our network is now much better protected than it was. If you don't have your network and your infrastructure secured, as a business, which is about more than just putting a firewall in place, then you're asking for trouble. There is a lot of hunting going on, and it's not just the large corporations. It's the small businesses, too.

The most valuable feature is that it scans all of the data for any kind of malware.

It logs everything that goes in or out, and the logs are helpful.

The simplicity of the setup is very good. I can add whatever ports I need and it's pretty easy to set up.

It would be helpful if they had a set of standard templates because it would assist in the beginning, when you are just getting started. They do have a template, but I mean specifically for different use cases. For example, an existing template for setting up a web page would suggest what kind of security we need to have in place. They do have help menus and videos, but additional templates would be useful.

I have been using Sophos XG for about eight months.

The stability has been rock solid and it hasn't gone down once.

For me, there is essentially no limit when it comes to scaling. I have never used all of the connections but the limitation is between 50,000 and 200,000. I would say that scalability is enormous. If we had a bigger network then I would probably get a bigger Sophos.

At this point, we're just starting and only have three or four people who are regularly using it.

The technical support is awesome.

We did have a Cisco router prior to using Sophos XG, but I don't know much about Cisco or how to get it operational. I also realized that it was getting old, so we switched to a high-end Sophos model. With malware in this day and age, where we have a 6000% increase in the number of malware attacks compared to two years ago, we wanted to be well protected.

The initial setup is straightforward. If I can do it then anyone can do it. The deployment took a couple of hours. Because we are new to this type of solution, our strategy will be to begin by blacklisting everything and then whitelisting only the things that we need.

Our in-house team handled the implementation and deployment. We have more than 200 people that are very well trained, so we can set up pretty much anything. 

We paid for our licensing for three years, upfront, and there are no costs in addition to the standard fees.

I evaluated several options and sought out advice before selecting Sophos XG.

I am happy with this solution, which is one of the reasons that we are selling it. I don't like to sell or recommend things that I have not used. I have tried a lot of the features but I would say that there is a lot more potential I haven't even tested at this point.

I would rate this solution a ten out of ten.

We are a managed service provider and the primary firewall that we sell and maintain is Sophos XG. It is also used in the company.

The most valuable feature is that it is a next-generation firewall.

The fact that it is integrated between endpoints and the firewall, and then the firewall and a central Sophos operation center, is very good.

The cloud-based interface makes it easy to manage.

The integration with the Intercept X approach means that Sophos XG can do things that none of the others are doing.

The main area that needs improvement is the documentation.

Sophos needs to be a little better at communicating with partners about changes, issues, patches, and so forth. 

The weakest point is the technical support because they are difficult to get into contact with.

We have been using the Sophos XG series for three years.

This solution has been very stable and it's a good product, otherwise, I wouldn't be using it.

The technical support team is knowledgeable and they are good, although it is very hard to get a hold of them. You sometimes have to wait in queue for over an hour to speak with somebody. To me, that is the most frustrating thing about Sophos.

We did not use another similar solution prior to Sophos XG. Since the MSP business started, it has been our primary firewall product because of the pricing and support.

The initial setup is complex, as is setting up any next-generation firewall today. You have to know what you're doing with firewalls in general, although beyond that, it isn't as bad as some of the firewalls that I have seen.

The deployment typically doesn't take longer than a few hours or a day, depending on the type of client and what it is that we have to do.

The Sophos pricing, in general, is better than SonicWall, Fortinet, WatchGuard, or anybody else. Because of the partner program, the pricing I get is extremely good compared to what I would get from any of the others.

I have evaluated several firewall products and I think that Sophos is better in terms of ease of use, performance, and pricing.

I would highly encourage others to evaluate Sophos and adopt it. I've discovered that compared to other products, it is easier to manage and I think that it operates better.

Overall, I think that they've got a pretty complete set of features and they seem to be on a really good path. My only complaints are about the documentation and the availability of technical support. 

I would rate this solution a nine out of ten.

I was using the Sophos XG firewall in my last job, where it was part of our security solution.

We had multiple locations with the internet being provided from a central location. Each of our locations was connected point-to-point using MPLS lines. Using Sophos meant that we didn't need to have a router.

The default templates are helpful because if you want to create new policies, they make it easy to do anything you want.

Sophos XG is a very robust technology.

This solution is very user-friendly and even a non-professional can configure the policies.

There are unlimited SSL VPN clients and it is free with Sophos.

The cloud support needs to be improved. As it is, they only have support for Microsoft Azure. They should expand it to include providers like Amazon and Alibaba.

I have not heard complaints of bugs or glitches occurring.

Sophos is a scalable technology that is being regularly updated.

I have been in contact with technical support many times and they are very good.

Currently, in my new company, I am using Fortinet. This is a very basic firewall and ultimately, I would like to update them.

The initial setup is not complicated. For somebody with an intermediate level of knowledge, it will take between three and four hours to deploy. For a more experienced person, it may take two or three.

I am currently in the process of evaluating the different firewalls that are available in India.  One of the options is Sophos, and I am also considering others such as SonicWall and Palo Alto.

With Fortinet and SonicWall, there is a limit of 10 people who can simultaneously connect using the VPN.

Sophos XG is a firewall that I would recommend for people who are looking for good security in a medium-scale organization.

I would rate this solution a nine out of ten.

We use the solution for application control and web filtering. We also use it as a VPN point, and we use it on other occasions for tracing and reporting about usage and high application rates.

We are able to trace any user and pinpoint any vulnerability or any malicious software. We are able to synchronize between the local and active directories so we can catch users easily through their login names and IDs.

The reporting on the solution is excellent.

There needs to be a way that we can distinguish between educational institutions on Youtube and other Youtube videos. You can do this on Fortinet. Basically, they can block all other Youtube videos besides those that are from educational institutions. With Sophos, you either allow for all Youtube videos or none at all. They need to allow for more specification on different websites.

They only have one single location for training videos. They must offer them elsewhere as well. When the site goes down, everything stops, and you can't access the videos when you need them, so they need to diversify that. It's limiting.  

The stability of the solution is excellent.

The scalability is good. We could only handle around 5,000 users but even when we reached 3,000 users, Sophos only consumed around 24% and 40% of Prime usage. 

The solution's technical support is not the best. When I take a step to open a case with Sophos support I can't understand them at all; I can't understand their accent. I always appreciate if they can communicate with me through e-mail instead, which makes it much easier. 

Many cases take a long time to be resolved. Some cases they seem to ignore or don't reply to for a long time so I have to remind them that the case is still open before they will respond. 

The initial setup was straightforward. The implementation took about a day. There were only two people needed for deployment.

We had a consultant assist with the setup. They were very good.

We use the on-premises deployment model.

I would rate the solution nine out of ten. It's a very good firewall. It helps a lot with protection, and every organization needs a firewall to ensure they are protected.

We primarily use the solution internally in our company and we also deploy it for our customers.

We have many Sophos solutions that we use together. We use Sophos UPM and Sophos XG. Next, there are just firewalls. The Sophos UPM is the basic firewall; Sophos XG is a mix of Cyberoam and Surface (Sophos acquired Cyberoam three years ago). We use all the features within these solutions and we have a full set of licenses. They offer IPS, IBS, BPM, web publishing, web protection, etc. We're using everything. 

They should expand their DDoS feature. It's basic. They need to enhance it.

Technical support needs to be improved.

The solution needs a mobile application for the administrator. Today, as an administrator, you cannot manage the solution from your tablet or from your mobile. You can only go through a web console. Other vendors have mobile apps. Some vendors also have the ability to manage and check the chart report and change some settings from a mobile application. This would be an excellent add-on for administrators who are traveling. It could help a lot. 

For the past seven years, we haven't had any issues with the hardware or software. It's stable. If a customer misconfigured it, they might face issues. Out of the box, however, it's stable; it is an appliance that customers can depend on.

The solution is scalable. Sophos has plans for customers who want to upgrade or add another appliance in the same environment. As a customer, I've deployed to as many as 300 users or as few as 30.

Technical support isn't as good as it needs to be. In most cases, these days, the partner has to work hard to support the customer. The response time and the experience of the support team are not as expected. As a partner, we've never opened a case. Our customers, however, have told us they have had issues.

The solution is straightforward. Deployment took about 30 minutes.

Price-wise the solution offers acceptable rates. You can find cheaper solutions on the market, but when you go cheaper you have fewer features. Today, based on iQuate market the price is very reasonable and affordable, and it's good if you get a good discount. Discounts can be offered by the vendor. If it's a competitive upgrade which means the customer is upgrading from another vendor, Sophos provides extra discounts so they can win the deal. In general, it is a good price.

We are a Sophos partner. We both use the solution and recommend it to clients.

Compared to other competitors, I'd rate the solution nine out of ten. However, for very large enterprises, the largest firewall appliance from Sophos might not be enough for thousands of users. If I was rating the solution for enterprises, I would rate it eight out of ten because of this. 

I would recommend the solution, however. We often recommend the solution to our clients and it works very well for them.

I use the solution as my endpoint firewall and at the same time, I use it for load balancing and spillover.

What I like the most is the reporting. 

The integration with the Sophos firewall is brilliant. I don't need to be physically present in the office. I can monitor everything from Sophos Central. That is a great feature and it's one thing that I really appreciate about the solution.

I like the fact that it can self remove malware and do updates on the cloud via Sophos Central.

The interface is good.

Although I enjoy the reporting elements of the solution, it can still be improved. I still can't drill down. There is some information that I would really, really like to see, but I still can't access it.

On reports, they sometimes give a summary, but it lists different users as unknown. There are times that I really want to know which user or which IP is causing a problem. 

There is something that have observed and I don't know what exactly the problem is. Right now, from my ISP I'm supposed to have unlimited bandwidth, but I observed behind the firewall my bandwidth seems low. I'm not exhausting what I have from my ISP. I've checked the TOS and there's no limit. When I spoke with one of the resellers they said that they too had experienced it before and that probably I should restart the device.

That they observed that the clients that restarted had their internet service improve. I don't think that is a good solution. I don't want to have to restart my device to have the internet service improved.

I've checked the setup. I even checked with the reseller, who told me everything is okay. I've gone for XG training. Even after the XG training, I've gone back to look at my setup. I can't see anywhere the bandwidth is being shared. I'm not sure if it's the device itself, but I've checked everything.

The scalability is okay. We have about 200-250 users.

Technical support can be improved upon. There are times that I've had some issues that I've tried escalating in technical support and it takes a while before we really get it resolved. 

Once I was getting a particular malware from an unknown source on one of my servers which was behind the firewall. I asked their support why. Later they advised that I should install Intercept X for servers on that particular device. I was confused about how it was behind a firewall; the firewall should be able to detect which system is getting infected. The system doesn't really go to the internet and nobody browses on it. The only thing I could imagine that could cause it was a Windows update. If it was from an update they least it should have been able to say, "Okay, it was from this particular update that this malware was filtered in."

Out of ten, I would give their service a five.

The solution we were using previously was Cyberoam.

The Cyberoam device was about five years old and had started malfunctioning. It wasn't giving us the output it had previously provided. At that time, Sophos had already bought Cyberoam. We had the option to either upgrade the OS to a Sophos OS or to a Sophos device.

We decided to go for a Sophos device since the Cyberoam device was already problematic.

The initial setup is straightforward.

I used a reseller to assist with implementation.

We pay on a yearly basis. 

We have Sophos XG, but we also have Intercept X for our endpoint and recently we just deployed Intercept X for the servers. I've not done a calculation of the costs of all three to know what my yearly maintenance costs would be.

Once you have basic networking skills and firewall management it's easy to set up. With Sophos Central, I think it's a good solution for any IT department.

I would rate the solution eight out of ten.

As it is now, the solution is good, but I believe that there's still room for more improvement. I still believe the reporting could be improved. Sophos, from my experience, seems to affect my bandwidth. I didn't set any limit, so I don't know where that is coming from, but it's something that we've noticed with the XG.