Sophos UTM Reviews

The primary use case for using this product is as a firewall.

It has ease-of-use and it fits the purpose of our firewall protection needs.

The most valuable feature is that it is easy to administer. 

The price is an issue to consider for improvement.

The stability of the product is good.

We are not a very big organization, so we do not see any issues going into the future. We feel that it will continue to scale appropriately for our organization's needs.

We have experience with Sophus, as well.

The price is something that one will need to consider.

All the features are valuable.

• Web protection: Allows me to control unnecessary web traffic into the company network.
• Email protection: Protects the company from spam and malicious emails.
• RED and VPN: Provides an easy and secure way to connect branch offices so I can easily control them.
• WAF and DMZ: Provides an easy and very secure way to publish your internal servers. Enables you to have more than one WAN and to use them for load balancing and controlling the traffic through them.

Before implementing Sophos UTM, we had a lot of problems with:

• Malicious URLs
• Spam
• Unnecessary internet traffic
• difficulties in connecting and controlling branch offices

After implementing Sophos UTM, the percentage of infected computers because of bad URLs was been reduce by 90%. A lot of spam emails were blocked. Additionally, I created a whitelist for company emails and a blacklist for unnecessary emails.

Branch offices have the same protection like the main office and communication between offices is very easy. We created rules for one-way communication for some branch offices and two-way communication for another office. You have got a lot of abilities for different configurations between offices.

But after migrating to Sophos XG and the new XG OS, things got easier, more secure, and more interesting. Specifically, we had the ability to generate different reports for different protection types, different end users, or different services.

With the new XG OS, I have better control of my network and I can easily detect malicious and unnecessary traffic.

We used UTM for four years, and XG for one year.

At the beginning, there were stability issues, due to a poorly configured switch. I had problems with HA, but after that, there were no stability issues.

I only contacted technical support five or six times. They were very professional. I will rate them as excellent.

We did not use a different solution before this one.

The initial setup, at the beginning, was very complex. After some time, everything got clear. I did the migration of UTM to the new OS XG by myself and I didn't need help from technical support.

Think twice when you are choosing your Sophos UTM/XG. I made a mistake the first time because I needed more powerful hardware for my network. I did not choose very well. The price and the license are definitely elements for which you must think twice. I had excellent cooperation with the Sophos sales team and my mistake was quickly resolved.

We evaluated SonicWall, Palo Alto, and Untangle.

I love all Sophos products, but the combination of Sophos XG, Sophos RED, and Sophos advanced endpoint protection with intercept X is something that all IT professionals and security officers will love and want to have.

• Reliability
• Usability
• Number of features that fully cover goals
• Perfect support
• Possibility to get “under the hood”

The Sophos solution provides a branch to head office distributed network for a construction company across New Zealand, and the reliability of the equipment makes it possible to provide stable connections and is easy to implement and support.

Would be great if it would be possible to improve IPSEC site-to-site VPN connectivity over slow/unstable internet connections.

This particular configuration has been in use for about two and a half years.

No issues encountered.

Very rare cases of appliance lost admin password or web-service hangs.

No issues encountered.

Since I’m an engineer, I probably cannot evaluate this aspect, however as far as I know equipment order and upgrade was always fine

4.99 out of 5 – support is very helpful, only once there were misunderstanding about licensing and number of supported Sophos WAPs and that was resolved promptly and fully.

For this project, the Sophos infrastructure has been planned and deployed from the start and there has been no need to change it

It's logically straightforward and the transparent interface made possible a quick deployment. However, a little time was needed to get familiarized with the interface.

It was implemented in house.

Nothing is perfect, but with Sophos those are really small – sometimes it is incorrect firmware upgrade paths, or rare log in problems (device forgetting admin password). All those though can be fixed, there is plenty information in the Internet and support is usually awesome. Also, you need to plan the solution and costs involved, while having in mind potential growth of users/connections; e.g. creating virtual appliances and allocating resources (RAM, CPU, NICs) minding potential workload.

Mostly when we see that the client has no security product, we offer both of the products: firewall and endpoint security. We offer endpoint security solutions: EDR and XDR.

Most of the time, we offer Sophos UTM and firewall products, but when we see that the customer has a firewall already deployed, we pitch endpoint security. If they're already using a different product, we cross-sell a product. For example, if someone has an environment with just endpoint security and doesn't have XDR or EDR, we'll suggest upgrading to XDR or we'll upsell XDR.

The overall visibility of the console is what I find most valuable, plus it's very user-friendly. It can be integrated with other solutions such as SOAR, SIEM, etc., even when you have an existing firewall. I really like that the console can be integrated. You'll see everything on the same window, and the single window feature of the machine is so good. These are the features I really like.

I have no suggestions for improvement for Sophos UTM. It's been a decade and it has been a very good product throughout the Pakistan market.

Pricing could be improved. After-sales service is much better. Once you have a sales team and a technical team for any product, it definitely becomes very easy to pitch or get the revenues out of that product. Flexibility in pricing matters a lot.

This is the fourth year we've been implementing this solution.

Sophos UTM is stable which is why I like it.

I find Sophos UTM scalable and it is one of the reasons I like it.

For Sophos support: the distributor is responsible for providing maintenance, support, and after-sales service. Most of the time, we try to have an agreement between the customer and affiliates which is binding for two or three years.

The support team here is from the distributor. The first layer of support is really fine when compared to the support provided by other products, e.g. McAfee or Kaspersky. This means it doesn't go to the principal for resolution because the distributor or the partner experts try to fix it on their own before logging in to further complaints. We are good with this kind of solution for our customers, and we prefer those distributors who have their support team.

This is why I really like Softech, although everyone does this, Sophos relies on the Softech technical team. They fix the issues most of the time, so it's very rare for us to go to the principal solution. This is the first line of support we have here in Pakistan.

The principal response time is so quick. It took them only two or three hours maximum. I had the experience of addressing an issue to the principal and they were able to answer me in two or three hours maximum. They have a good TA team.

Although Sophos UTM is a good product, other products have more flexibility with their pricing. It is a very fine product, but when someone wants more relaxed pricing or more leverage in pricing, Sophos is more rigid.

For example, Kaspersky is successful in Fintechs because of its services, plus they offer flexible pricing to their end users. It's a comparative advantage here in Pakistan because Pakistan is a very price-conscious market. This is the reason why every time we pitch, we have to pitch more than one product here in Pakistan. They spend their money on SIEM and other kinds of security firewall, but for endpoint solutions, they say any low-budget product could easily be implemented. Most of the customers here in Pakistan like it this way.

We also implemented Kaspersky and McAfee.

We are a partner for all these products. We market these products to the end customers or the end users. We are both selling and implementing these products. We're partners with Sophos. There's a distributor in Pakistan called Softech Microsystems, and we have a silver-level partnership with them.

We've been working with Sophos since 2019.

In the financial market, however, Kaspersky is being used more than Sophos because of its credibility, integration, and extra features offered by Kaspersky. We always try to recommend Sophos as it's what we want, but sometimes, because we also carry a Kaspersky partnership, when a customer demands for Kaspersky, we have to let the customer test it and we have to give them a quote for Kaspersky. We also carry another product, e.g. McAfee, aside from Kaspersky and Sophos. Sophos UTM is a product I want to go further. I try to pitch Sophos UTM rather than Kaspersky or McAfee.

I'm giving this solution a nine out of ten.

Whenever we go for the public tenders, because there's no price flexibility, most of the time I find other products win. Although we have completed our POCs and all that, convincing customers to go with our product, but when it goes to the tenders: in the tenders they mention specification rather than mentioning a particular product, so we'll have to qualify. We qualify technically, but when it comes to the commercial opening or the financial opening, we fail.

We use Sophos UTM to protect our infrastructure.

There are things missing when it comes to policies.

The web filtering capability should be improved.

Anti-phishing functionality should be improved.

We have been using Sophos Unified Threat Management (UTM) for two years.

This is a very stable product.

Scaling this solution works fine.

The initial setup is complex.

Our licensing fees are paid on a monthly basis.

Overall, this product is very good and I recommend it for other users.

I would rate this solution a seven out of ten.

Regarding the use cases, the solution was deployed for a production client, which was a hardware production company.

The features that I have found most valuable in Sophos UTM are its scalability and feasibility, as well as the quality of its customer service, followed by the ease of maintenance and configuration of the product itself.

Palo Alto has a different market because of their dashboard, overall looks, and other features. They are costly, but their services are quite good. And they offer a different platform compared to their competitors. Their device operates differently from others. While Palo Alto and Sophos have similar features, they operate on different platforms, providing a superior user experience compared to existing devices. In short, the UI and UX are the areas of improvement in Sophos UTM and similar solutions compared to Palo Alto.

I have experience with Sophos UTM for nearly two years. Recently, I deployed two Sophos solutions, one with HA and one on a primary device. The deployment process for one of the companies was done last month.

It is a stable product.

It is a scalable product. So it is easy to scale it up.

The solution's customer service is good. I rate the solution's technical support a nine out of ten.

Positive

The initial setup is quite easy because they have all the information on their website. Customer service is available anytime, especially when you set to start the device's configuration.

Since I was just a part of the initial configuration after deployment, I don't know the steps in the deployment process.

Both the technical and cost aspects are feasible since it is possible to obtain and use the device as a PnP solution. Considering cost and technical aspects, I rate the solution a ten out of ten.

Even if I compare Sophos UTM with other solutions, I don't think any pros or cons stick out since our clients are okay with the solution, and there has been no complaint regarding Sophos UTM.

My advice to others planning to use the solution is that it is quite easy. You can simply refer to the solution's blog or YouTube videos and install the solution. It's also quite easy to configure it. So, if you purchase it by yourself, you can configure it and use it on your particular network.

I love working with Palo Alto. So, I would like to give it a ten out of ten. Also, Palo Alto has a different market. So, I would always give a nine out of ten for other solutions. Overall, I rate the solution a nine out of ten.

I mainly use Sophos UTM to provide network security.

Sophos UTM's best feature is synchronized security.

Sophos UTM's internet security could be better.

I've been using Sophos UTM for three years.

I would rate Sophos UTM's stability eight out of ten.

Sophos UTM is easy to scale.

Sophos's technical support is very good and easy to connect to.

The initial setup was simple.

Sophos UTM is moderately priced, but it could be improved.

I evaluated Fortinet, but Sophos UTM is easier to manage and more efficiently priced.

I would rate Sophos UTM eight out of ten.

• Network border protection for clients and internal company
• It is used for small to medium-sized businesses and networks.

Sophos SG has provided us with the tools to protect our networks, detect malicious activity, and customize security to our clients' needs.

• Sophos UTM Manager (SUM): It allows us to manage over 50 Sophos UTM devices from a central management console. 
• Creating rules, exceptions, and managing most features from SUM, and pushing to all or a section of devices as needed.

• SUM cannot manage app control
• Improve app control system as a whole
• Extend support for SG until XG has improved significantly.