Sophos Cyberoam UTM Reviews

We are using this product to protect our networks, by blocking some websites and applications such as YouTube or WhatsApp.

The most valuable feature is the protection that it provides.

It's coming to the end of its life. I would like to change to another solution.

Technical support could be faster.

I have been using Cyberoam for five years.

It's stable and we have not had any issues.

We have thousands of users in our organization.

Technical support is fine, but they could be faster.

Previously, I was using the Cisco ASA.

The initial setup was straightforward. It was not complex.

It took 10 to 20 minutes to install it.

We don't require a lot of people to maintain and deploy this solution.

I did not use an integrator or reseller. I worked with someone else.

It's not an expensive product.

This is a product that I can recommend to others.

I would rate this solution an eight out of ten.

• Web filtering
• Application filtering
• IPS
• QoS

I used to work for a Cyberoam distributor. In one of my projects, I deployed it in a university with 1500 users (students), all of whom had different QoS and web category policies, different authentication policies. I then had to connect the university’s branches, in different cities, with a Site to Site VPN using AD authentication available for just the account. This was to restrict access only to the accounting application server of the other branch. It was quite complicated to do, but it was very successful.

In another project for a bank, I secured a banking application server and attached a database using two Cyberoam devices on the edge, with a Juniper device in the middle. This was for securing three different segments - internal users, internal developers and external visitors. The final topology was so secure that, even for some testing purposes, we were not able to break in to change the configuration and access the system as a third party.

Not very often, but there are some minor bugs in the products. I think their quality control can improve.

I’ve used it since 2008, so seven years so far.It is a complex product so I’d rate the performance and number of features as 10/10, and 7/10 for the consistency and programing.

Generally speaking, the Cyberoam development is quite simple, easy and straight forward. Overall it depends on the network complexity.

Compared to a Cisco router, Cyberoam UTMs need to be restarted more often. From my point of view, this is acceptable, since many aspects of the product functions in layer seven, while a Cisco router just routes!

Since all the products models from the smallest to the strongest have the same features and capabilities, I can say that the product is extremely scalable. However, if you need to upgrade the whole device to a stronger model, I would say scalability is 8/10, which considering the differences between the number of ports in different models (I could even give 9/10, but let’s stay with 8/10!).

It really depends on the retailer, representative and local distributor. Nothing much to say.

One of the most considerable advantages of Cyberoam over the competitors is the after sales support. The 24/7 support assists the customers, even from minor to very major issues, and they chase up the issue until the final resolution by email and phone. They are really trustworthy.

In a different continent, a different company, and as a customer (not a distributor) I still used the same brand, Cyberoam! It’s cheap, flexible, easy to configure and easy to manage.

I’ve been using the product for ages and I have deployed it in hundreds of networks and complexities. However, using the configuration wizard, the initial configuration is extremely easy and straightforward (depending on the network complexity of course).

I have always installed it myself.

It's hard to estimate, as it depends on the complexity, and scale of the network.It takes anywhere from one day to less than a week in normal situations.

I have evaluated Juniper, WatchGuard and a couple of minor brands. So far, I can still raise the flag of Cyberoam.

Since the features on the model are the same, and it is just the hardware that gets improved for higher models, I usually advise a model one and a half times bigger than the number of the network users. For instance a 1000 user network can be easily served by a 1500NG. However based on my experience, since not all the users are active simultaneously, even 1 to 1 is sufficient. Considering the capability of HA, expansion is simple if needed.

It's a UTM device, unified threat management, and we use it for web and application filtering and of course to scan the traffic that comes from the internet to the LAN. Due to the pandemic issues and people working from home, a lot of these devices were configured for the SSL VPN.

The endpoint protection part of the product can all be centrally managed from the cloud as well. Even the firewall, as an MSP, can be configured and then managed from the cloud.

The solution is excellent for web and application filtering and remote access with the VPN.

The initial setup is pretty easy.

The solution is stable and reliable. 

Sometimes, during part of the configuration, if you don't have a lot of technical knowledge, then you may struggle a bit to configure it - especially for the exit through the internal server. When you are doing the business application publishing and if you don't know much of the port forwarding or how the business application configuration is done, then you may struggle a bit.

The pricing could always be better. It would make it a win-win for everyone.

I'm currently configuring one right now. I've been using the solution for a while.

The solution is very stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

There are modular firewalls. The entry-level devices do not have the slot for adding more network ports or things like that. Therefore, it depends on the organization as to what level of configuration they want. If it's a small organization, then the entry-level product, something like XG86 or XG115 et cetera, all those are sufficient. However, if it's an organization that requires adding more ports or more cards to their plans, then starting with an appliance version XG125 is ideal as it has the optional modular port whereby you can add additional cards.

Technical support is okay. I had issues with the technical support in that they did not respond on time. However, we have to deal with the different time zones.

The solution is pretty straightforward. Within 10 minutes, it was put in production on the network.

In-house certified team implementation

Licensing is on a yearly basis. They also offer a month-to-month extension if required. After 12 months, if your license expires and you want to exchange it for one month or two months, then that is possible as well.

The pricing on the partner portals is okay. The challenge comes as there's sort of a monopoly for the distributor in Tanzania. There is just one distributor and that is where the challenge comes. Sometimes the distributor is out of stock or they set up their own freight charges. Sometimes they're out of stock and the stock takes maybe four to six weeks and is then delayed. Basically, the challenge comes up when the distributor is out of stock.

Before choosing this option, we looked at Cisco ASA, Fortinet, and Juniper.

We're a gold partner. We configure it for our clients on-premises. 

Cyberoam was actually taken over by Sophos about three years ago.

The latest versions were announced just about a few weeks ago, if not more. It was the XGS Firewall. So what I'm configuring right now is a Sophos XG firewall.

It's just a firewall. Basically, it's the hardware. Either you have the hardware or you can have it as a virtual machine.

I'd recommend the solution to other users.

I'd rate the product at a nine out of ten.

We are a service provider and Sophos Cyberoam UTM is one of the security products that we have experience with, in that capacity. It is primarily used for layer three gateway protection.

This is a managed service, which means that the customer does not need to purchase hardware and employ a system integrator to install it. Rather, they just have to subscribe to it. The service includes reports that we provide to the clients.

The most valuable feature is the layer three gateway protection.

Cyberoam UTM needs to have more certifications with third-parties, such as NSS Labs.

The GUI is not very user-friendly and should be improved. One of our customers had trouble with the configuration and needed somebody to help manage it for them.

The vendor needs to generally invest more in the development of this product.

The product, itself, doesn't seem to have any bugs or glitches. However, one of our customers had a lot of trouble with it because it wasn't being managed.

I have not been in contact with technical support.

We recently had a customer that was using this product, although we later persuaded them to switch to the Fortinet product, FortiGuard UTM. The suitability of Cyberoam UTM depends on the required sizing.

In summary, I don't think that Sophos Cyberoam UTM is a friendly product to work with, and I would recommend the solution by Fortinet instead.

I would rate this solution a five out of ten.

The primary use is for our firewall, for intrusion detection and prevention. Other uses include internet web filtering, application content blocking, and some VPN. We also look at bandwidth optimization. We don't want users to abuse the network.

One of the benefits has been cost reduction because I am now able to monitor my bandwidth. I have just enough bandwidth to utilize within the organization, without having to spend significant amounts toward additional bandwidth. That has been one of the major benefits.

It has also increased productivity within the organization because now, fewer people are spending time abusing the network, and are focusing more on their jobs. I have not totally blocked everything, they do get their social life after hours, it's just a control during work hours.

For me, the web and content filtering are valuable because that, unfortunately, is where the abuse happens a lot. People are abusing the network and pushing up the bandwidth price.

Once in a while, an unwanted email will slip in. You have to set your parameters to avoid that happening, but once in a while, an email has slipped past firewall. Once you update the firmware, you notice that it doesn't happen. If an email slips in, I get a little bit worried. I do get the report, but you just don't want that situation happening in the first place.

When I look comparatively at certain products like Check Point - I haven't used Check Point but I have seen it in action - the people who have actually used it have confirmed that they have not had that experience before. 

However, I do know that Cyberoam is upgrading from Cyberoam to Sophos. I'd love to see the upgrade. I'd love to see a swap-out of the device. I should be able to swap out my device rather than I have to buy the whole unit again.

One of the places that viruses spread is through the browser. Unfortunately, Cyberoam configuration is done through the browser. That makes the configuration process is easier. But if your PC is clean and you're configuring Cyberoam then you should have no issues in the first place.

I've never used the console, so maybe that's an area of training that the Cyberoam should look into. That would enable me to configure the device without necessarily using a browser. But then again, if I am going to use a computer to configure it, my PC should be clean.

The solution has been very stable. I have had no issues. Occasionally I do some penetration testing and I put it through its paces. I was quite impressed. I did not see any performance downgrade, which was impressive.

I managed to scale up, but not from the model perspective. It began to fail only when the number of users grew significantly. I had to replace it but that was because we planned for 50 people and, suddenly, the organization doubled to 100 people, which was a significant jump.

It is very good, both local as well as non-local. The technical support for the Cyberoam website was very helpful with regards to the few issues that I had. Here in Zambia, there is a Cyberoam representative, and we have no issues with the support. I have found it very helpful.

One of the reasons we invested in the Cyberoam solution was that we were looking at content filtering. That was the initial discussion. While searching for content filtering, Cyberoam appeared. One of the advantages of Cyberoam, in particular is the Layer 8 technology, the user layer. That pushed us towards Cyberoam.

When selecting a vendor, one of the key issues is the support. It's easy to buy something, but the after-sales support is very critical for me. It is very critical because half the stuff happens not during the purchases, but rather after I've bought the gadgets. I have it on my table, and, yay, it's working and, two days later, it's down and I can't get my support guys on site.

Another one of the determining factors was cost. I chose Cyberoam at a time when the organization was restructuring. We were trying to cut down on cost, so we analyzed the solution critically. Cyberoam has a recurring yearly cost. Competing products are good, but some of the initial setup costs were very high. And then you have to look at the ability to actually get the support in.

So support, pricing, and after-sales were key, as well as the ability to swap out the device should it be faulty. I should be able to swap it out within a specified period. There is no point in having my network down for five hours. Thankfully, I haven't experienced that.

It was very straightforward. I'm a Cyberoam-certified practitioner, but I actually deployed Cyberoam before I got my practitioner license, and I had no issues. So it was very easy.

Cisco has a very good product, but there were only a handful of support people available in the country at that time. My vendors said that Cyberoam has very good support, you can actually learn it and they offer initial support. 

I took up the challenge. I bought the product, did the implementation, went to the user training, and the support was readily available for my vendors.

See what your market is offering. Here in Zambia, Cyberoam has a lot of support. Take your time and make sure that when you're making a decision, your requirements are met. Cyberoam met our requirements. I was only looking at web filtering and I got a whole lot more than that.

Also, your after-sales support is crucial. Train yourself, because if you have the knowledge of a product, it's easy for you to set it up and use it to its fullest potential.

I rate this solution a nine out of ten. It has met many of my requirements even without subscription, just the base model. It's easy to use, easy to install, easy to implement. There isn't too much headache or cabling, you don't have to replace a whole, huge network. You're just replacing one thing and it can be implemented without an issue.

We use Cyberoam UTM as a firewall.

Cyberoam UTM's most valuable feature is that it can be configured any way you like.

The configuration requires an expert to be set up, so it could be made simpler.

I've been using Cyberoam UTM for over a year. 

Cyberoam UTM is very stable.

We chose Sophos because it's presented as being scalable in any way if you have the license.

Sophos' technical support is good.

The initial setup is complex and requires the presence of an expert.

We used the supplier's team, who did not live up to our expectations - we even had to assist them in reading the manual.

Separate license keys are required for different solutions that we implement in the server room, which are an additional cost.

Cyberoam UTM is a very good product, but those installing it should make sure they have the right technical person there when implementing it. I would give this solution a score of eight out of ten.

It is a good product, but it is being phased out and replaced with Sophos XG line. Now is the time to view other options available.

It did the job well at several locations at an affordable cost. It was easy to maintain by the staff with better support before being acquired by Sophos.

• Threat prevention
• Support of the product by their support team was good; we had no threat issues when using the product in multiple locations.

Sales and support. The sales team is constantly being changed and after acquisition by Sophos, it was treated as a stepchild until they announced the end-of-life cycle with a path to Sophos XG product. We are now looking for options on replacing it and adding e-mail protection. 

We are using this solution to act as basic firewall protection.

It's a VPN, and the single box solution serves all your needs like an application firewall. In addition, you can set the proxy server.

I think that it would be helpful to have advanced application layer security. It's time for Cyberoam to upgrade themselves and add new relevant add ons to their product.

Compared to other firewalls, it is similar to the same generation of products. It isn't great yet, but it will be.

The scalability is not that great. I think that the Sophos XG product is more scalable than the Sophos Cyberoam.

When selecting a vendor, we always consider the capability to deliver on their technical background.

I have no comment about the solution.