Sophos Cyberoam UTM Reviews

It is a good product, but it is being phased out and replaced with Sophos XG line. Now is the time to view other options available.

It did the job well at several locations at an affordable cost. It was easy to maintain by the staff with better support before being acquired by Sophos.

• Threat prevention
• Support of the product by their support team was good; we had no threat issues when using the product in multiple locations.

Sales and support. The sales team is constantly being changed and after acquisition by Sophos, it was treated as a stepchild until they announced the end-of-life cycle with a path to Sophos XG product. We are now looking for options on replacing it and adding e-mail protection. 

Usability: The admin interface is great and easy to use, no need to search documentation; stability and performance are what my company demands.

Web AV, Content Filter, reliable site to site VPN.

Reporting.

Close to a year, and the Sophos UTM 9 for almost two years.

Nope.

So far, no.

I never used it, but I hear it is quite good.

We use to have a few old Microsoft TMGs; it was time to replace.

If you know what you are doing it is really straightforward and quite simple to deploy, setup and then go have a drink.

The hardware has no user limit (the hardware is the limit) while the virtual edition has user limits (I do not like limits). It is a bit expensive, but totally worth the money.

Yes, Palo Alto (awesome product, but a firewall cannot be more expensive than a kidney). SonicWall, a little cheaper, but I’ve found it to be a lot more counter-intuitive to use, did not like that at all.

Go for-it! If you don't have solid knowledge of firewalls, hire someone who does.

We are using this product to protect our networks, by blocking some websites and applications such as YouTube or WhatsApp.

The most valuable feature is the protection that it provides.

It's coming to the end of its life. I would like to change to another solution.

Technical support could be faster.

I have been using Cyberoam for five years.

It's stable and we have not had any issues.

We have thousands of users in our organization.

Technical support is fine, but they could be faster.

Previously, I was using the Cisco ASA.

The initial setup was straightforward. It was not complex.

It took 10 to 20 minutes to install it.

We don't require a lot of people to maintain and deploy this solution.

I did not use an integrator or reseller. I worked with someone else.

It's not an expensive product.

This is a product that I can recommend to others.

I would rate this solution an eight out of ten.

On-premises

Most valuable feature I am using I would say is the bandwidth management for users. I have users who misuse the net and I have given them caps so it is properly utilized. Another feature I use is the VPN. I have an entity that requires 24x7x365 connectivity and the Cyberoam is very simple when it comes to monitoring that or refreshing that connection.

A simple example would be the bandwidth usage. We do not have misuse of bandwidth and the firewall and anti-spam filter work great for me. I see a lot of dos attacks that are stopped which is also a plus point. So organizations productivity is higher thanks to the Cyberoam as users are restricted from unnecessary websites and bandwidth is capped and company functions do not suffer.

Not many things would need to be added but I strongly feel it could be made more robust. For example, the cooling system in the device could do with a good revamp. There are times when the device gets too hot and begins to misbehave. Other things that could be improved are the password complexity policy and the password history policy. One thing that could be done as well is to create role based users like we have in the active directory. There are times when we have users who are not admins but need to monitor the device and access levels do not exist for such users.

We don't contact Sophos directly. It is usually through a local partner/vendor.

I would recommend for others to go and view the demo. Make sure this device will suit you needs especially in terms of expansion. Also look into support as not many times support is available. It is a simple to understand product but does require some skill to manage and maintain the device for optimal usage.

We use Cyberoam UTM as a firewall.

Cyberoam UTM's most valuable feature is that it can be configured any way you like.

The configuration requires an expert to be set up, so it could be made simpler.

I've been using Cyberoam UTM for over a year. 

Cyberoam UTM is very stable.

We chose Sophos because it's presented as being scalable in any way if you have the license.

Sophos' technical support is good.

The initial setup is complex and requires the presence of an expert.

We used the supplier's team, who did not live up to our expectations - we even had to assist them in reading the manual.

Separate license keys are required for different solutions that we implement in the server room, which are an additional cost.

Cyberoam UTM is a very good product, but those installing it should make sure they have the right technical person there when implementing it. I would give this solution a score of eight out of ten.

It's a UTM device, unified threat management, and we use it for web and application filtering and of course to scan the traffic that comes from the internet to the LAN. Due to the pandemic issues and people working from home, a lot of these devices were configured for the SSL VPN.

The endpoint protection part of the product can all be centrally managed from the cloud as well. Even the firewall, as an MSP, can be configured and then managed from the cloud.

The solution is excellent for web and application filtering and remote access with the VPN.

The initial setup is pretty easy.

The solution is stable and reliable. 

Sometimes, during part of the configuration, if you don't have a lot of technical knowledge, then you may struggle a bit to configure it - especially for the exit through the internal server. When you are doing the business application publishing and if you don't know much of the port forwarding or how the business application configuration is done, then you may struggle a bit.

The pricing could always be better. It would make it a win-win for everyone.

I'm currently configuring one right now. I've been using the solution for a while.

The solution is very stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

There are modular firewalls. The entry-level devices do not have the slot for adding more network ports or things like that. Therefore, it depends on the organization as to what level of configuration they want. If it's a small organization, then the entry-level product, something like XG86 or XG115 et cetera, all those are sufficient. However, if it's an organization that requires adding more ports or more cards to their plans, then starting with an appliance version XG125 is ideal as it has the optional modular port whereby you can add additional cards.

Technical support is okay. I had issues with the technical support in that they did not respond on time. However, we have to deal with the different time zones.

The solution is pretty straightforward. Within 10 minutes, it was put in production on the network.

In-house certified team implementation

Licensing is on a yearly basis. They also offer a month-to-month extension if required. After 12 months, if your license expires and you want to exchange it for one month or two months, then that is possible as well.

The pricing on the partner portals is okay. The challenge comes as there's sort of a monopoly for the distributor in Tanzania. There is just one distributor and that is where the challenge comes. Sometimes the distributor is out of stock or they set up their own freight charges. Sometimes they're out of stock and the stock takes maybe four to six weeks and is then delayed. Basically, the challenge comes up when the distributor is out of stock.

Before choosing this option, we looked at Cisco ASA, Fortinet, and Juniper.

We're a gold partner. We configure it for our clients on-premises. 

Cyberoam was actually taken over by Sophos about three years ago.

The latest versions were announced just about a few weeks ago, if not more. It was the XGS Firewall. So what I'm configuring right now is a Sophos XG firewall.

It's just a firewall. Basically, it's the hardware. Either you have the hardware or you can have it as a virtual machine.

I'd recommend the solution to other users.

I'd rate the product at a nine out of ten.

On-premises

We are using this solution to act as basic firewall protection.

It's a VPN, and the single box solution serves all your needs like an application firewall. In addition, you can set the proxy server.

I think that it would be helpful to have advanced application layer security. It's time for Cyberoam to upgrade themselves and add new relevant add ons to their product.

Compared to other firewalls, it is similar to the same generation of products. It isn't great yet, but it will be.

The scalability is not that great. I think that the Sophos XG product is more scalable than the Sophos Cyberoam.

When selecting a vendor, we always consider the capability to deliver on their technical background.

I have no comment about the solution.

It is an excellent product with lots of pros such as- 1) AntiVirus 2) AntiSpam 3) Web and application level filtering 4) Intrusion detection with instant prevention of zero day attacks 5) Identity based policy creation 6) Access control criteria 7)Flexible policy creation with stacking and VPN support

Few cons of the product are 1) Incapable of handling new attacks without degradation in performance 2) High pricing 3) ASIC based hence cannot be reprogrammed for newer attacks, falls victim to new vulnerabilities and exploits 4) Older software architecture and lack of multi core technology 5) Performance is a legitimate concern under high traffic conditions

Unified Threat Management System is an elite product which has been engineered for security, productivity, and connectivity to users across the wide area and local area networks. It specializes in application level filtering according to the OSI Model. Its Layer 8 technology makes it a class apart from the other firewalls available. Layer 8 filtering mechanism enables the user to filter keywords, URLs, and services for application layer filtering. It also has a built in packet inspection engine for packet intrusion prevention.