Sophos Cyberoam UTM Reviews

We are a solution provider and Sophos Cyberoam UTM is the main product that we sell. We also use it as part of our own network security solution as well.

The primary use cases are setting data quotas on a per-user level, web filtering, and granting or denying access to resources. In Sri Lanka, the data is always limited, which is one of the biggest problems that we have.

In some companies, productivity is not as good because people are using sites like Facebook and YouTube. This can consume a lot of data without the organization being aware of it, and Cyberoam is really good in these kinds of cases.

Having a firewall solution with a data quota is very important when the bandwidth is limited, which really distinguishes it from other products. When it comes to small and medium-sized organizations, one of their main concerns is that their data quota is not exceeded. It is quite an advantage for the administrators.

There is training material available on the website for the administrators to learn how to set it up and use it. This is very helpful and can be done easily with a one or two day course.

When it comes to web filtering and application filtering, it does not contain enough signatures to determine all of the sites that need to be blocked. This is something that higher-end firewalls are better at.

I have been working with Cyberoam for the past four years. My company has been using it for at least five or six.

Prior to the acquisition of Cyberoam by Sophos, the product was not very stable. Currently, it is really stable and we are happy with it.

One of our clients has 200 employees and they are all relying on protection from Sophos Cyberoam UTM. Nonetheless, it is all on-premises and it does not work through the cloud, so I don't consider it to be a highly scalable product. I would say that it is better for a company with a single branch, rather than for one with multiple branches or with branches connected to a head office.

Although we have people who are knowledgable about the product, if there is a level of configuration that we are not used to then we contact our distributor for help.

I have also worked with similar products from Cisco and I find them quite difficult to set up compared to this. Cisco also has training available, but I think that you will need two weeks or a month to learn how to set it up and maintain it.

The initial setup is between easy and intermediate. For a basic configuration, it is straightforward. I would say that compared to a Cisco product, it is easier.

We have engineers who are qualified and we deploy Cyberoam for our clients.

For companies with approximately 200 employees, having two or three system administrators is enough to maintain it.

This is a cost-effective solution compared to other vendors, such as Cisco.

Our customers look at many options but they normally choose Cyberoam because of the data quota, as well as the competitive pricing. After you buy the device, you can get subscriptions for different features. Companies normally buy it for one year or three years at a time.

There are also basic features that are available without purchasing a license. An example is that web filtering is not available without a license, but the data quota management is. That comes with the appliance itself.

When we transitioned from Cyberoam to Sophos Cyberoam UTM, we were able to back up the rules and then upload them into the new solutions. It was easy to do and within a few hours, it was set up.

If your company does not have a network administrator then this is a good option because the training makes it very easy to use. For larger, enterprise-level organizations, people will look for different solutions.

If I were rating this product only for the Sri Lankan market then I would score it an eight out of ten. However, the majority of other countries do not have the issue of bandwidth limitations, and without the quota being important, I cannot rate it as high.

I would rate this solution a six out of ten.

On-premises

It is an excellent product with lots of pros such as- 1) AntiVirus 2) AntiSpam 3) Web and application level filtering 4) Intrusion detection with instant prevention of zero day attacks 5) Identity based policy creation 6) Access control criteria 7)Flexible policy creation with stacking and VPN support

Few cons of the product are 1) Incapable of handling new attacks without degradation in performance 2) High pricing 3) ASIC based hence cannot be reprogrammed for newer attacks, falls victim to new vulnerabilities and exploits 4) Older software architecture and lack of multi core technology 5) Performance is a legitimate concern under high traffic conditions

Unified Threat Management System is an elite product which has been engineered for security, productivity, and connectivity to users across the wide area and local area networks. It specializes in application level filtering according to the OSI Model. Its Layer 8 technology makes it a class apart from the other firewalls available. Layer 8 filtering mechanism enables the user to filter keywords, URLs, and services for application layer filtering. It also has a built in packet inspection engine for packet intrusion prevention.

The primary use cases for Sophos Cyberoam UTM in my environment vary depending on client requirements. I have employed it for VPN tunneling, web filtering, and firewall configurations.

The tool's robust features allow for the customization of policies, objects, and firewall settings. 

The product needs to improve its pricing. 

I've been using Sophos Cyberoam UTM since around 2010. 

The product is stable. 

The initial setup of Sophos Cyberoam UTM is straightforward. 

I rate the solution a ten out of ten. 

We primarily use the product as a firewall solution. 

The firewall capabilities have been good so far. 

The security capabilities are okay.

It is easy to maintain. 

We found the initial setup to be very easy.

The product is stable.

It can scale easily. 

The product strategy of the manufacturer is strange. I don't understand what they are doing in that regard. Therefore, I'm seeking a different solution. I want something that has a clear roadmap.

Technical support could be better. 

I've been using the solution for ten years. 

The solutiois stable. It is reliable;e. There are no bugs or glitches. It doesn't crash or freeze.

It is quite scalable. You can expand it if you need to. 

We have around five users on the solution right now. It's a firewall that protects the network, so anyone in contact with the network would be in contact with the firewall. 

Technical support could be better. We aren't fully satisfied with the level of service.

We did not previously use a different solution. We've always used Sophos. 

The initial setup is very simple and straightforward. The maintenance, once it is installed, is also simple. You only need one person to maintain the solution.

I've used it for more than ten years and therefore cannot recall the exact deployment time. Likely, you need a half-day or so to deploy it.

Installation was handled by our own team. 

I cannot speak to the exact cost of the product.

I'm currently evaluating other potential solutions.

We're a partner. 

I'm using the latest version of the solution. 

I am not sure if I would recommend the solution to others right now. It's a good idea to look at a variety of options. I'm also looking into alternatives. 

I'd rate the solution seven out of ten. The support isn't great, and my understanding is it is coming up on end-of-life. 

On-premises

We used it for the POC so we tried it. We used it continuously for testing purposes for four to five months.

I find Sophos very good. What I like about it is that users can make hotspots in Mac and Windows systems through this solution.

I also like the feature of being able to block off Mac IDs that host users. For example, you have a Mac or Windows laptop and you created a hotspot. Other devices like mobiles and tablets e.g. iPads connected to that hotspot. We can block those devices that are connected to the hotspot we created, only through Sophos.

It's a good feature we didn't find in other UTMs.

The product had a hang issue. We needed to reboot, recreate the image, and reconfigure the previous image because the product hanged frequently.

Being able to block applications and services could also be a product improvement.

We used this solution for four to five months.

The stability of this product is very good.

I find the scalability of this product very good.

Our experience with technical support is not good. I didn't understand if there was an issue with the physical device, or if it was a technical issue, or if it was their technical support. If our issues were properly managed, for sure we will purchase again, but we did not purchase because technical support is not good. They're not supportive as well.

The initial setup of this solution was straightforward.

We deployed it both in-house and through the vendor team.

In my team, I am capable of implementing Sophos. I tried implementing it with the vendor team who didn't have much of an idea and also saw that we weren't getting enough support from the Sophos technical team.

Suppose we have two side-to-side VPNs and we're using cloud servers. For example, my requirement is one public IP. If I go in any server part in the cloud, then I want one IP for sending data, while the other IP would be used for receiving data.

Sophos technical support couldn't help. Suppose we are already configured things on our Cisco router. They had no idea how to move the Cisco device configuration in Sophos. That was a big concern.

We deployed it physically via hardware, particularly the router, and not via cloud.

I evaluated Cisco Meraki.

We got was the PUC part only. We are not using it right now. We are currently using ASA.

The product often had hang issues which was why we stopped using it. We will purchase again if there were no hardware issues.

The pricing for this product is good. Though its quality may not be that good, its pricing is very low, enticing small businesses to purchase it over its competitors.

I'm giving it a rating of eight out of ten because the product is really good, but you need to prepare the team, including the team handling the vendors because there are too many devices in the market. Everyone in the team needs to know how to move these things in Sophos devices, or in Sophos cloud-based technologies and application software.

On-premises

The majority of it is on-premise protecting the external to internal and then we utilize the features inside the Cyberoam XG series like their IPS and their web application firewall to do the filtering as well as their proxy server inside the application control.

I'm more inclined towards the conventional firewall. So for me, I'm more geared towards the standard firewall type functionalities as well as the web application firewall because that seems to work fine.

I would say there's room for improvement in terms of the GUI. Because it is better than some of the other standard firewalls. They have the drag and drop features.

Also, their logging systems need improvement because their logging systems sometimes look a bit complicated if you're not familiar with it.

We have been using Sophos since the XG version, so around four to five years. 

It's quite stable. When they first started out with the XG series it was a bit buggy but after a few releases, it became quite stable.

The XG series is much better compared to the previous UTM. Because with the XG series you can actually approach the enterprise level. Previously we tried to go for these large enterprises when we talked about the Sophos Firewall. When they moved to Cyberoam XG series Firewall they were much more scalable and they're much more robust compared to earlier ones. 

Most of our clients are enterprise-size. We have one customer that's using almost about 200 units of the XG series firewall. Then we have other customers using it on their larger network, so they cater to about 300 to almost 500 users

I don't have any problems with technical support so far because any time I ever contacted technical support it was for a major issue. Other than that I don't have any issues with technical support.

I previously worked with Nokia, Checkpoint, and FortiGate. Checkpoint is in the enterprise range, it is very high end. It's not a very cheap product compared because when it comes to pricing Checkpoint is very expensive. If you're comparing Sophos to FortiGate they are more or less similar. FortiGate can do a virtual firewall that Sophos cannot.

The initial setup is straightforward. The deployment is very fast. With an engineer, it can take a few hours. 

Sophos is quite flexible when it comes to pricing.

I would just say keep it simple, don't make it too complex. Keep it simple and then from there scale it up.

I would rate it an eight out of ten. 

To make it a higher score, Sophos should look at the virtual firewall feature because most of the current players like Juniper have the option for a virtual firewall. That way you can actually split up into multiple different firewalls or one physical firewall.

On-premises

• Easy to deploy.
• Great IPS
• Managing APs is now easy
• Infected machines cannot connect the ERP until it is clean, so my internal servers are protected. 
• Great reporting tool
• User, app, and protocol all are in control.

It has many features that no other competition has in single box so far, such as:

• Dual AV engine for web and email.
• Optimized three-clicks-to-anywhere navigation.
• New unified policy model enabling all business.
• User and network policies to be managed on a single screen with powerful filtering and search options.
• Policy Templates for common business applications, like Microsoft Exchange, SharePoint, Lync, and many more defined in XML enabling customization and sharing.
• Custom IPS, Web, App, and Traffic Shaping (QoS) settings per user or network policy on a single screen.
• Sophos Security Heartbeat connecting Sophos endpoints with the Firewall to share health status and telemetry to enable instant identification of unhealthy or compromised endpoints
• Policy support for Sophos Security Heartbeat to automatically isolate or limit network access to compromised endpoints
• Application Risk Meter provides and overall risk factor based on the risk level of applications on the network
• FastPath Packet Optimization
• Hotspot support for (custom) vouchers
• Password of the day
• T&C acceptance

Other valuable features include:

• Wireless guest Internet access with walled garden options
• Time-based wireless network access
• Wireless repeating and bridging meshed network mode with supported APs

• Advanced Threat Protection (detect and block network traffic attempting to contact command and control servers using multi-layered DNS, AFC, and firewall).
• Sandstorm Cloud Sandbox Protection
• Patent-pending SPX encryption for one-way message encryption
• Recipient self-registration SPX password management
• Hundreds of on-box reports with custom report options: Dashboards (Traffic, Security, and User Threat Quotient).
• Applications (App Risk, Blocked Apps, Search Engines, Web Servers, and FTP)
• Network and Threats (IPS, ATP, Wireless, and Security Heartbeat)
• VPN
• Email
• Compliance (HIPAA, GLBA, SOX, FISMA, PCI, NERC CIP v3, and CIPA)
• Robust hardware
• Huge RAM
• SSD

On-box sandstorm should be available. As of now, it is from their cloud.

No issues.

No issues.

Customer Service:

Very nice.

Technical Support:

Very good.

Used cyberoam iNG firewall/UTM. 

The new model is Sophos XG and I am upgraded to that, which is a great solution.

The initial setup is very easy.

Very good.

Almost 100%. It saves a lot of man hours and bandwidth. Management loves its reporting.

The price is very competitive and the licensing is easy.

Cyberoam iNG.

• Value for money
• Easy deployment
• Sophos has a great vision, works on information security, products are available like endpoint, mobile mgmt., encryption, WiFi, server protection, email gateway, web gateway, and many more. 
• Sophos Cloud is great.

We use Sophos Cyberoam UTM to protect company networks from attacks from the internet and to separate internal networks into different nodes. The Intrusion Prevention system of Sophos Cyberoam UTM protects different networks from attacks from other networks. This includes the company's network or from the outside of the company's networks.

There are plenty of features that are valuable in the Sophos Cyberoam UTM. We use all the features, such as email Security, firewall rules, web server security, web devices, web protection.

Sophos Cyberoam UTM could improve by adding VPN site-to-site capabilities. The correct version does not work with Microsoft Azure Cloud.

I have been using Sophos Cyberoam UTM for approximately 18 years.

Sophos Cyberoam UTM is a very stable solution and it's a well-formed and clear-built solution. You can easily have flexibility in configuring. The Sophos XG has a strong connection to the cloud and that's not good for security.

The solution is scalable.

We have approximately 30 customers using this solution. We support other IT service providers who don't have knowledge about IT security.

The installation is straightforward. The length of time it takes for the implementation can vary drastically based on the organization's network structure. Addiotnanly, how well the organizations want to be protected. An easy installation can be done in two to three hours, and other implementations need much more time to prepare the firewall or to create an object. Adding more complexity to the installation can add one to three days.

The technical team that is needed to support the solution depends on the size of the organization. For smaller companies, we only need one technical engineer on our side and IT support from the customer. Larger companies with substantial-sized departments need much more support personnel. Additionally, we need one person from the management because we have to prepare outage times.

There are many options for payment of the subscription license. You purchase a subscription every one, two, or three years. You can also have monthly subscriptions but we typically offer subscriptions for three years because from the financial perspective it is better to have a three-year subscription.

We don't like Cloud solutions in the IT security area. Firewalls feature critical infrastructures, such as networks. We don't advise our customers to use Cloud solutions.

I would recommend Sophos Cyberoam UTM.

I rate Sophos Cyberoam UTM an eight out of ten.

On-premises