PeerSpot user
Technical & Pre-Sales Manager at GateLock
Real User
Multifaceted security protection to protect us and our customers
Pros and Cons
  • "All of the features are amazing, especially Sandstorm, which prevents bad traffic or downloaded files from reaching our customers' and partners' networks."
  • "Network security is in need of improvement."

What is our primary use case?

This solution is implemented for medium and large enterprises to protect their network from attacks and to filter the web traffic through web protection and application protection modules.

This solution includes Email protection, IPS, Antivirus gateway, ATP, Reporting, VPN, Sophos Wireless controller, load balancer, WAF, and traffic shaping.

How has it helped my organization?

  1. It's protecting our networks from threats.
  2. Block URLs and web applications based on business needs.
  3. Not expensive when compared to other vendors, with a great added value.
  4. Impressive synchronized security with its endpoint solution.

What is most valuable?

All of the features are amazing, especially Sandstorm, which prevents bad traffic or downloaded files from reaching our customers' and partners' networks.

What needs improvement?

Network security is in need of improvement.

Buyer's Guide
Sophos XG
July 2025
Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
865,384 professionals have used our research since 2012.

For how long have I used the solution?

I have been using this solution for five years.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Support Services Manager at a wholesaler/distributor with 51-200 employees
Real User
An easy to use firewall solution that improves our security
Pros and Cons
  • "The solution seems pretty stable. We've had no issues so far."
  • "It's easy to use, but it's hard to configure exact settings. They need to make it easier to access advanced features."

What is our primary use case?

We use the solution mainly as a firewall.

What is most valuable?

The solution improves security.

What needs improvement?

It's easy to use, but it's harder to configure when you want detailed settings. They need to make it easier to access advanced features.

For how long have I used the solution?

I've been using the solution for three years.

What do I think about the stability of the solution?

The solution seems pretty stable. We've had no issues so far.

What do I think about the scalability of the solution?

We haven't had to scale anything so far, so I'm unsure about the scalability of the solution.

How are customer service and technical support?

I've never had to deal directly with technical support.

Which solution did I use previously and why did I switch?

We did not previously use a different solution.

How was the initial setup?

Implementation is straightforward. The only thing that was difficult was that we had some special cases and we had to dig in a lot to find the information for accessing very specific features. Deployment took about a week; however, we did about 6 months of research beforehand. You can deploy the solution with maybe one or two people, but we used five. We only need one person for ongoing maintenance.

What about the implementation team?

We handled the implementation ourselves.

What's my experience with pricing, setup cost, and licensing?

We don't have any costs above the licensing of the solution itself.

What other advice do I have?

We are using the on-premises deployment model.

The solution is easy to implement; however, if you do decide on this solution, I would make sure that you have someone that has experience with this kind of solution, or hire someone to implement the solution properly. It will make everything much easier in the long run.

I would rate the solution 9.5 out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
it_user736143 - PeerSpot reviewer
Operations Manager at iBound
Real User
Excellent endpoint protection and easy filtering but needs a slightly better UTM
Pros and Cons
  • "The filtering is very easy to do. You can segment and create profiles for usage very easily."
  • "The UTM itself needs improvement. When you're navigating it seems like it takes forever to load anything. The hardware is okay. It's just the software that could be more responsive."

What is most valuable?

The endpoint protection plan is the most valuable feature of the solution. 

The filtering is very easy to do. You can segment and create profiles for usage very easily.

What needs improvement?

The UTM itself needs improvement. When you're navigating it seems like it takes forever to load anything. The hardware is okay. It's just the software that could be more responsive. 

For how long have I used the solution?

I've been using the solution for four years.

What do I think about the stability of the solution?

We do updates periodically, but the solution is very stable. We haven't had to go back to the site to reconfigure it or anything like that.

How are customer service and technical support?

At the moment, we haven't had a reason to contact technical support.

How was the initial setup?

The initial setup is very straightforward.

What about the implementation team?

We implemented the solution ourselves.

What's my experience with pricing, setup cost, and licensing?

We tend to go for the bundle because its pricing is competitive. If a unit comes out and they bundle the hardware with the software, it seems to work for us. I've seen that with future upgrades coming up, that features like this will be taken away. The option to get a combo with hardware means the software portion is mostly free, and then you pay upfront for the three-year license for everything.

However, with the changes, I don't think that's going to be available anymore. It might sway our clients away from Sophos. Maybe there's something that can be worked out. Other than that, we've been happy with the price. It's competitive if you compare it to the competition, from a price point of view.

What other advice do I have?

We use a variety of deployment models, including public cloud, private cloud, and on-premises.

For what we are using the solution for, it's practically perfect. We don't need other features added. The solution offers exactly what we need.

I would rate the solution seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner.
PeerSpot user
Network & Hardware Administrator at Nile Projects & Trading Co.
Real User
Top 20
Secure and stable tunnels with web filtering and application control give us confidence in our security
Pros and Cons
  • "It gives me a very good, stable connection in all tunnels."
  • "I would like to have remote access to clients using a static IP for a certain period of time."

What is our primary use case?

We use this solution for connecting site-to-site and client-to-site VPN for two protocols, IPsec and SSL VPN. We use encrypted tunnels to achieve fully secure connectivity between sites and clients.

It gives me a very good, stable connection in all tunnels.

How has it helped my organization?

Of course, it improves my organization to achieve fully secure connectivity between sites and clients.

It has a good web filtering database and a good application control database in addition to intrusion prevention. Together, these give me confidence in our security.

What is most valuable?

All of the features in this solution are good. The most valuable is the IPsec VPN tunneling and SSL VPN tunneling, both site-to-site and client-to-site.

The log viewer is extremely helpful for analyzing all incoming and outgoing traffic.

What needs improvement?

I would like to have remote access to clients using a static IP for a certain period of time. This would allow me to log in to any client, remotely, with a known and fixed IP address.

For how long have I used the solution?

We have been using this solution for five years.

Which solution did I use previously and why did I switch?

This is the first solution that we implemented.

What's my experience with pricing, setup cost, and licensing?

It's a suitable price and license.

Which other solutions did I evaluate?

We did not evaluate other options before choosing this solution.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
SherifFouad - PeerSpot reviewer
ICT Manager at a mining and metals company with 1,001-5,000 employees
Real User
Top 20
Gives us customizable policies, modifiable templates, and customized rules for single users
Pros and Cons
  • "It has a very friendly interface like the Cyberoam iNG units, it has customizable policies, it has proper templates that you can even modify, and you can customize the rules, down to each single user."
  • "The dashboard is customizable as well. It gives you the feature of including what you need to see as soon as you open the dashboard and to remove the non-necessary stuff, which varies from one organization to the next and from one IT manager to the next. And it has a wide variety of reports as well, template and customizable reports."
  • "Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic... The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using... The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem."
  • "Since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library."

What is our primary use case?

It's being used as a UTM, no firewalling. So it acts as a bridge. It doesn't provide the IP services, it doesn't provide DNS, it doesn't provide DHCP services, and it doesn't operate as a router or a point of mapping. It's only being used for filtering: Web and application filtering, as well as antivirus. I usually disable the anti-spam on all those units, because I have a gateway anti-spam server in place.

What is most valuable?

The web and application filters, as well as the quality of service. It has a very friendly interface like the Cyberoam iNG units, it has customizable policies, it has proper templates that you can even modify, and you can customize the rules, down to each single user.

It gives flexibility in the rules and the filters that you apply, based on, for example, the level of usage and the managerial level, etc. It's highly customizable.

The dashboard is customizable as well. It gives you the feature of including what you need to see as soon as you open the dashboard and to remove the non-necessary stuff, which varies from one organization to the next and from one IT manager to the next. And it has a wide variety of reports as well, template and customizable reports.

What needs improvement?

The major problem that I am facing, and I know that others are facing as well, is with the HTTPS traffic, in general, or any traffic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer.

The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem.

A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. 

So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request.

Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.

What do I think about the stability of the solution?

Stability is good. I was so happy with the Cyberoam iNG unit, and I think the Sophos XG series is exactly the same as the Cyberoam iNG unit. It's a very good unit for a smaller or medium business. It's very stable and it takes overload easily, so it can add to the throughput. It has versatility, it will support extra users, it will support extra bandwidth, to a limit, and it keeps on working as a monster. I have barely replaced any of those units through the years.

What do I think about the scalability of the solution?

Scalability is brilliant.

How are customer service and technical support?

I usually deal with one of the major partners in Egypt. The name is Gateworx. I've been dealing with those guys since my previous company, back to 2002. Even when we're buying devices that will be used in other countries outside of Egypt, we get them from them.

They provide outstanding technical support and they provide outstanding pre-sales services. If I require a device to be delivered to a country outside of Egypt, they contact the partner directly and they set up everything, and I get the hardware delivered. They are outstanding.

This is one of the major reasons we didn't look at another UTM or firewall through the years. These guys were a proper representative of Sophos and Cyberoam.

Which solution did I use previously and why did I switch?

I've used heaps of them through the years. I've used Fortigate, which is now Fortinet. I've used Websense, they issued something like that years ago. ISS issued something like that years ago.

Sophos UTM, along with Cyberoam UTM, since they are both the same - it's only a different interface and a different hardware look - they provide the best value for the money. You get the best features for the best cost. They are the best, to a certain limit for a certain usage. I never use any of those units as a firewall. What I usually do is, I have an edge firewall responsible for routing, switching, and firewalling. And then I deploy the UTM behind it, only for filtering.

The most important criteria when selecting a vendor include getting the best features that you can get for an equivalent cost, so you're paying for what you're getting. You don't want to be paying for the name or the brand or the reputation of it. Also important are pre-sales services and "1000-percent" technical support services, in the environment and the remote areas we operate in, the warranty services as well.

How was the initial setup?

The setup is straightforward. But what could be a straightforward setup for me might be complex for others. It depends on your level of experience, the training that you got, and the engagements.

They have a setup wizard, and I have had heaps of technicians, over the years to set it up, even initially.

Which other solutions did I evaluate?

I was looking at either Cyberoam iNG or Sophos XG.

What other advice do I have?

My advice would vary based on your requirements. If you have a dedicated edge firewall, like Cisco ASA, you should get Cyberoam iNG and Sophos XG. They will do the job brilliantly. They will take the load, they will do a fantastic job.

If you are looking at units that will do both jobs - being an edge firewall and a UTM at the same time - with routing features, if you are going with Cyberoam and Sophos XG, I'd always recommend that you buy a higher model than what will meet exactly their requirements. So let's say that I'm looking at features that could be fulfilled with an XG 125 or 115, but I want to use the same unit as a firewall. I'd step up and buy an XG 135. You will always need those extra machine resources when you're providing routing, switching, and firewalling as well. Both of those products provide the best support ever, for the money being paid.

I rate it at eight out of 10. It's not higher because of the HTTPS issue that I told you about. That's my major issue. That's a super-disastrous issue that, unfortunately, cannot be solved easily.

And, sometimes we'll get a specific detailed report, stressing a certain aspect and it's not straightforward. I'll be able to do it, but then I'll have to combine or merge more than one, two, or three reports to get the results that I want. So more specific reports would be good. But then, again, there is a work-around by customizing the reports you want and then getting several reports and comparing them together. It's workable. My only issue is trying to save time, administration time is an issue for us.

But other than that, I'm happy. The product is brilliant, support is brilliant.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
it_user846270 - PeerSpot reviewer
Senior IT Infrastructure Solutions Engineer at a tech services company with 51-200 employees
Real User
Cloud portal allows me to manage firewall from any location; interface is user-friendly
Pros and Cons
  • "Valuable features include: the ease of setting up the VPN connection; the fact they have the cloud management option, so I can manage the firewall on a cloud platform from anywhere I am; the user interface is very user-friendly, so it's very easy for the administrator to make any policy changes."
  • "I would like the update process to be easier, to update the firmware of the boxes. I think it's much better automatically than having to do it manually: Download the file, do network discovery. If they can make the update process much more automatic that would help."

What is our primary use case?

We use it for VPN connectivity with remote sites, as well as general IPS and IDS.

It's a satisfactory solution so far, no problems. It's very easy to use, and we have technical support for any issues, so it's quite good.

How has it helped my organization?

It's cost-effective. We are not that big a company. It gives us the features that we need.

What is most valuable?

  • The ease of setting up the VPN connection. 
  • The fact they have the cloud management option, I can manage it on a cloud platform. So anywhere I am, I can always manage the firewall.
  • The user interface is very user-friendly, so it's very easy for the administrator to make any policy changes.

What needs improvement?

I would like the update process to be easier, to update the firmware of the boxes. I think it's much better automatically than having to do it manually: Download the file, do network discovery. If they can make the update process much more automatic that would help.

What do I think about the stability of the solution?

The stability, so far, is actually quite good. I think the only issue we have had is some flapping on the connection, but it was a bug. The support is quite good, so the issue was resolved in no time at all. We have not had many issues at all. It's been working fine.

What do I think about the scalability of the solution?

I don't think this applies in our own case because we just bought the medium-range box, so it's adequate for our needs.

How are customer service and technical support?

It's very good, very responsive, and they resolve our issues in no time at all.

Which solution did I use previously and why did I switch?

We were previously using a different solution, a Cisco ASA firewall, but it was not a next-generation firewall, next-generation meaning it can do unified threat management. We wanted a new solution that would also give us next-generation features, like anti-malware and end-point management and the like. That informed our choice of Sophos.

When selecting a vendor, the stability of the solution and then the technical support are very important. Also, the cost-to-reward ratio, the value we get from the product compared to what we pay for it. In addition, ease of management; how easy is it to manage? If it's too complex to manage it's a problem because you don't want to spend too much time managing it.

How was the initial setup?

It was completely straightforward, but our internal network is not that complex.

Which other solutions did I evaluate?

We evaluated Sophos vs Fortinet and Sophos vs Cisco.

The cost of Sophos was more competitive compared to the rest. We also considered the management and it was easier to manage than the rest. That's how we came to our conclusion.

What other advice do I have?

I would rate it an eight out of 10. I don't rate it "perfect" because it can always improve. But the features that come along with Sophos are very, very extensive. It gives me so many options, the ability to remotely manage my firewall from anywhere, given the cloud portal. The solution hasn't given us too many problems at all, and even when we did have an issue, it was resolved.

My advice is to take advantage of the trials, they have a trial on their website where you can see how the cloud management works; you can have a free account for one month and play around with it and see how easy it is to manage. That way you can know if it can handle the services you are going to require. Take advantage of training on their website as well. Check the industry ratings, they are pretty highly rated.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
MelvynLee - PeerSpot reviewer
Network Cooperations at STEVENSON ASTROSAT LIMITED
Real User

Good advice. Thanks. I am currently comparing the Sophos XG125 against the Fortigate 60E. Both close on performance and facilities but I suspect Sophos is going to be cheaper.

PeerSpot user
IT Infrastructure & Security Manager at a university with 1,001-5,000 employees
Real User
Firmware flexibility allows us to run multiple rules with different configurations
Pros and Cons
  • "The most valuable feature, according to the setup we have at our work place here, is the flexibility of the system or the firmware that's running the appliance. It's so flexible, performing multiple rules with different configurations. According to the set up here, we need to implement several firewalls with different access levels, because we have a variety of users. For this requirement, it's very flexible and very easy to use."
  • "It is performing well. However, the only challenges that we are facing are the effectiveness with blocking the proxy and tunneling applications, aside from proxy and similar applications. So the application filter on the product is not really performing 100%. Every now and then there are some updates that are happening on such applications, and it takes time until it gets the appropriate updates and becomes capable of capturing such applications and blocking them. A new feature I would really like to see would be some sort of an enhanced application filter with greater efficiency when it comes to the applications that can bypass firewall policies. These applications are really a nightmare. Once they are on the network and not detected, or the appliance is not really successful in capturing them and unblocking them, the bandwidth gets wasted all the time."
  • "Scalability is a bit limited. We did a sizing exercise before the purchase. But that was just to fit our current needs. There was no room for having an option to upgrade the device. The only option that we have if we grow in the near future, is to go for another model with higher specs, which is actually more expensive. In other words it doesn't have that modularity."

What is most valuable?

The most valuable feature, according to the setup we have at our work place here, is the flexibility of the system or the firmware that's running the appliance. It's so flexible, performing multiple rules with different configurations. According to the set up here, we need to implement several firewalls with different access levels, because we have a variety of users. For this requirement, it's very flexible and very easy to use.

What needs improvement?

It is performing well. However, the only challenges that we are facing are the effectiveness with blocking the proxy and tunneling applications, aside from proxy and similar applications. So the application filter on the product is not really performing 100%. Every now and then there are some updates that are happening on such applications, and it takes time until it gets the appropriate updates and becomes capable of capturing such applications and blocking them.

A new feature I would really like to see would be some sort of an enhanced application filter with greater efficiency when it comes to the applications that can bypass firewall policies. These applications are really a nightmare. Once they are on the network and not detected, or the appliance is not really successful in capturing them and unblocking them, the bandwidth gets wasted all the time.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It's stable. So far we haven't experienced any instability issues with it.

What do I think about the scalability of the solution?

As for scalability, I think it is a bit limited. We did a sizing exercise before the purchase. But that was just to fit our current needs. There was no room for having an option to upgrade the device. The only option that we have if we grow in the near future, is to go for another model with higher specs, which is actually more expensive. In other words it doesn't have that modularity feature.

How are customer service and technical support?

From time to time I use technical support provided by the seller and sometimes I use the online support, but not that much actually. It has only been for a very few issues. And the support I have received is not bad.

Which solution did I use previously and why did I switch?

Before Sophos there was a mix of various legacy solutions that were not really considered firewall grade. The only specific thing that was used was a software-based firewall, but it was used on a very limited scale and only temporarily.

How was the initial setup?

It was very straightforward. 

Which other solutions did I evaluate?

The other vendors on the list were Fortinet and Palo Alto. Although it was really great with outstanding features, Palo Alto was far beyond our budget. And as for Fortinet, I was not really happy with the ease of use of the firewall and the features that were coming with it. Sophos was better compared to Fortinet.

What other advice do I have?

When it comes to selecting a vendor I think the most important thing would be the level of support and how fast they can respond in critical cases.

I would rate Sophos at eight out of 10. I cannot give it the best rating because there are the issues that I mentioned, and I believe there are other products on the market that are much better, like Palo Alto. And there is another product that I've come across recently, which is called Clavister. It's a Swedish product, if I'm not mistaken. They are current with features and have more stability. So for Sophos, it would be the appropriate rating for the time being, unless they come up with some new features and add some enhancements.

There is no straightforward advice in this case because there are many factors that may limit the person who wants the solution. Budget is an issue. If you don't have any budget limitations I would recommend going for Palo Alto. If not, consider Sophos or Clavister.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
it_user431136 - PeerSpot reviewer
Consultant Information Technology at a tech company with 51-200 employees
Real User
Efficiently protects against malware attacks, gives visibility into ports, apps, and websites
Pros and Cons
  • "My clients gain efficiency in protecting against attacks from malware such as ransomware and hacker attacks. It also provides them efficient internet access control, and full visibility of ports, applications, and websites."
  • "Excellent product, meets most of the security needs of companies of various sizes. You can buy it without fear."
  • "It could offer a DNS Filter for blocking botnet networks."

How has it helped my organization?

My clients gain efficiency in protecting against attacks from malware such as ransomware and hacker attacks. It also provides them efficient internet access control, and full visibility of ports, applications, and websites.

What is most valuable?

  • IPS
  • Very efficient
  • Web Filter
  • Captive Portal with Voucher and Application Control.

What needs improvement?

It could offer other important functions such as a DNS Filter for blocking botnet networks.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No stability issues.

What do I think about the scalability of the solution?

No scalability issues.

How are customer service and technical support?

Satisfactory.

Which solution did I use previously and why did I switch?

I still use Fortigate, also Sophos UTM. As I'm a solution consultant, I have different clients where each solution fits the environment.

How was the initial setup?

Simple and easy.

What other advice do I have?

Excellent product, meets most of the security needs of companies of various sizes. You can buy it without fear.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner.