Sophos UTM Reviews

We use Sophos UTM for our organization's network security.

The most valuable feature of Sophos UTM is the endpoint protection feature.

The technical support team’s response time could be improved.

I have been using Sophos UTM since 2018.

I rate the solution ten out of ten for stability.

We use the solution daily in our organization.

I rate the solution ten out of ten for scalability.

I previously used Kaspersky. I switched to Sophos UTM because of the features that it is offering.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution’s initial setup ten out of ten.

The solution's deployment took a week for the first time because our organization is big and has over 300 endpoint equipment. It takes a few hours to do the renewals now. We deployed Sophos UTM from the Active Directory. Three people were involved when we deployed the solution for the first time.

You cannot really say that the solution is expensive, given the protection it gives.

Sophos UTM has improved our network's threat detection and response. It has been good so far because we don't have many attacks. We use the solution's web filtering feature for our organization's security. We use the firewall to protect our endpoint equipment and protect against any infiltration in our network. We also use the solution’s VPN feature.

Around one or two people are required for the solution’s maintenance. I would recommend the solution to other users because it has helped us. The solution's installation and deployment are seamless, and its protection is secure.

Overall, I rate the solution ten out of ten.

My company deals with eight clients who use Sophos UTM. My company's clients mainly use Sophos UTM for protection against threats and for other purposes like content filtering, web filtering, and VPNs.

The most valuable features of the solution are application filtering and web filtering.

Sophos UTM needs to streamline the VPN configuration. It also needs to fix the concerns related to the solution's Port Address Translation (PAT) rule.

In the future, I want Sophos UTM to provide users with sandboxing features.

The scalability of the product is an area with certain shortcomings where improvements are required. Sophos should give some flexibility to users, especially when you run low on things like memory and storage.

The support team's turnaround time is an area of concern where improvements are required.

I have been using Sophos UTM since 2018. My company has a partnership with Sophos UTM.

It is a stable solution. Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a five out of ten.

With Sophos UTM, I have noticed that you cannot upgrade the physical devices, meaning you cannot change the memory or the hardware. If you want an upgrade, then you have to go to select the next model or a bigger model offered by Sophos.

One of my company's clients uses the tool in an environment consisting of 20 people, while another client uses the tool in an environment consisting of 20,000 people.

Whenever my company contacts the support team of Sophos, we get really good support.

I rate the technical support a seven out of ten.

Neutral

I have experience with Fortinet FortiGate, Check Point, and Cisco ASA. My company uses different products depending on the preferences of our customers.

The product's initial setup phase was relatively easy. I rate the product's initial setup phase a six out of ten.

The solution is deployed on an on-premises model.

The solution can be deployed in three days, depending on the size of an organization. If it's a small company, you can finish the deployment process in a day, but if it's a big company with a lot of requirements, it could even take a week to do the full deployment. The product's initial deployment takes a few hours, but the customization to be carried out to suit an organization's structure takes time, and it depends on how big the company is and what customizations the customer wants in terms of modules.

Sophos UTM is a reasonably priced product.

I rate the product's price a five on a scale of one to ten, where one is cheap, and ten is expensive.

Sophos UTM is a good tool, especially for SMBs. Sophos UTM has a lot of features that enterprise-sized businesses ask for, but they don't really work very well. For SMBs, the product's features are very good. The setup phase of Sophos UTM can be carried out quickly. In Sophos UTM, it is easy to troubleshoot.

I rate the overall tool a seven out of ten.

We primarily use the solution for firewall security.

The protection on offer is pretty good.

Direct controller management has been quite useful.

It offers reasonable pricing.

The scalability is good.

It is stable. 

Technical support has been fine. 

I don't have any notes for improvements at this time.

I'd like to see some filter features added in the next release. 

There can be a delay when it comes to reaching out to technical support. 

I've been using the solution for one year. 

The solution is stable. I'd rate it nine out of ten in terms of reliability. There are no bugs or glitches, and it doesn't crash or freeze. 

We have about 1,000 users on the solution at this time. The solution is very scalable. I'd rate it nine out of ten. 

We use the solution quite extensively. 

Technical support has been fine. They are helpful and responsive. That said, sometimes, there is a delay when we try to reach out to them. 

Positive

It is very simple to set up. I'd rate the ease of implementation nine out of ten. 

I cannot recall how long the original deployment took. 

We did not use any outside assistance. We handled the setup ourselves. 

I'd rate the affordability of the solution seven out of ten. The pricing is decent. 

We're a customer and end-user.

I'm not sure which version of the solution we're using. I do not have the version number on hand. 

Overall, I would rate the solution eight out of ten. I'd recommend the solution to others. 

We primarily use the solution for security purposes. 

We use it as a WAF with an application firewall.

We can use it for VPN SSL as a remote-access VPN. We have used it on the internet for applications and web servers.

The product is easy to manage and easy to install. It's straightforward to manage.

It is stable.

The solution is scalable. 

They could use more SSL VPN support.

We'd like the setup to be even easier, if possible. 

I've been using the solution for four to five years.

It is stable and reliable. The performance is good. There aren't bugs or glitches. It doesn't crash.

The product can scale well.

We have about 500 users on the solution. We don't have plans to increase usage at this time. 

We have three years of support services. 

We have the Juniper SRX firewall, for local zones, process zones, and server zones.

The initial setup is very straightforward. It's not complex at all. 

It takes about two hours to set up. 

We have three to five engineers that are able to handle deployment and maintenance tasks. 

We handled the implementation ourselves. 

We have a three-year license and have support services as well. 

I'd recommend the solution to others.

I would rate it nine out of ten.

Proven UTM technology, excellent security and threat management are valuable features. The fact that I can provide scalable solutions for a SoHo environment on a small appliance, run on my own PC/server or even a virtualized environment allows me to accommodate almost any business, regardless of size. The software works in the same way across all the models. I have managed all my clients via the Sophos UTM Manager, a centralized console. I am a MSP, so having a centralized system to managed and maintain all of my client UTM firewalls is just gravy.

Customers appreciate the extensive built in reporting, rock solid IPS and security features. Coupled with a centralized Wireless and Remote Ethernet Device (RED) Device extends my service offerings. Lastly, the Total Protect bundle offers an affordable, comprehensive solution for the SMB market.

Using the SUM (Sophos UTM Manager) Central Console, each client UTM is configured to report to my RMM and CRM system for monitoring, SLA, ticketing, and support. We can administer a majority of our management such as firmware updates from our Sophos UTM manager. With many other products, this needs to be done and case by case basis.

We also schedule weekly automatic backups of the clients UTM configuration. These backups are emailed to our support portal and preserved. We keep spare/loaner equipment in stock so if a client’s UTM has a catastrophic failure, we prep a spare unit, apply their most recent configuration, and within 5 minutes have a functioning loaner unit we can deliver while their warranty replacement is processed. A simple drive to the client’s location and a swap out is done which gets them back in business on the same day. You can also get a 30 day full trial license for appliance or software. My sales staff can place a 30 day trial of fully functional unit as part of a proof of concept.

The unit offers great failover and load balancing features that can be complex to understand, some streamlining of the process would help. More predefined port rules would help the novice user/technician as well.

I have been a Sophos/Astaro Partner for over 10 years. I started with Astaro v6 and have continued with them following their acquisition by Sophos a few years ago. The product keep getting better and better. I have over 200 units I have installed and managed. I am currently selling the SG Series with UTM v9.309. The SG series have models that fit small business up to large enterprise environments.

Alongside the hardware versions, we also use a virtualized version running UTM 9.

The only issues I have, have been due to human error.

The solution is very stable if you size the unit to the environment. An SG125 is great for a 25 person office with web, email filtering, application control, etc. but it would not work well in a 100 person office. You need to know the proper sizing prior to deployment.

As stated, unit needs to be scaled to the environment. So if I don’t do my job of understanding the client's environment, it is possible to undersize the unit just like every other product. For clients who are planning major growth, we tend to sell either a virtualized UTM or software base unit. Then it is simply a matter of adding license capacity, RAM, CPU, etc. when needed.

They have a great account team and customer service is solid. 85% of the time the issues are resolved on the same day, and 97% by the next business day.

They have excellent technical support. I can submit a ticket request via their portal, with a call, etc. I can get someone 24/7 and usually within an hour. They also have a great escalation procedure.

I have used many, such as SonicWALL, Cisco, Juniper, WatchGuard, and FortiGate. Sophos is consistent and deep in their solutions and I like a consistent platform and support.

Simple small offices are a breeze. We have some template configurations, which only require us to stage and activate a license(s), install a basic template and modify the interfaces to meet client specifics and then add the unique definitions. More complex setups start with a basic template which even my technicians can load, and then require an engineer or security specialist to finish off.

We are a managed service provider (MSP) so we do it in-house for clients. We provide our customers with basic training and complete documentation package.

As with most hardware, margins could always be better. I can get competitive pricing on larger deals. Our biggest ROI is the monthly management fee, which is very reasonable for our clients. Since we do all of our management (updates, reports, etc.) from the SUM we spend very little time on this and a technician can do it. It has a very good economy scaling and the annual subscription renewals are pretty standard with not much of a margin. This solution fits the MSP model very well due to it being a centralized control/management solution.

A SoHo setup takes about an hour, which is US$125 and the monthly management/maintenance is US$30, but it all adds up.

We have evaluated many

• WatchGuard
• SonicWALL
• Cisco
• FortiGate
• Smoothwall, etc.

The product has a shallow and a deep end. Getting a small business/SoHo running up quickly and reliably is straight forward, but the deep end takes some technical skills, just like any solution. What I really like is that my Tier One guys can get a quick status update, have a look very quickly, and then resolve most basic issues. Tiers two and three are not as involved unless there is a major issue or complexity. Also, when buying the product, get the audit/chance tracking built in too!

There are multiple use cases, and a few examples would be its use in the education, banking, or financial sectors. There are so many other locations and sectors where they deploy this solution.

One of the features of Sophos UTM that I find valuable is its user authentication functionality.

In Sophos UTM, there is room for improvement in certain areas. For instance, I believe that its feature known as Synchronized Security could be enhanced. The solution's technical support for India needs to be improved.

I will need to think about the additional features the solution needs to include in its next release.

I have been using Sophos UTM for almost ten years now. It is a good solution. My company is a partner and an integrator of Sophos UTM.

Stability-wise, I rate this solution a ten out of ten.

Scalability-wise, I rate this solution a ten out of ten. If I talk about the solution's suitability, then it is suitable for enterprises.

Dealing with technical support can be time-consuming when communicating over the phone. I am unable to provide a rating for the technical support team. My suggestion to others would be that they provide the country location of the toll-free number in the solution. Although a toll-free number has been provided for India, the people in India are good. Compared to the UK, there may be issues with understanding and timing, which could lead to many problems.

We use Sophos Access Point, Sophos Firewall, Sophos Switches, Sophos MDR, and Sophos XDR. We have been using Sophos MDR for three years.

Whether the initial setup is straightforward or complex depends on the number of users or people to whom the solution is given.

Compared to the current market offerings, like FortiGate or SonicWall, Sophos offers its solution at a good price.

I compared Sophos UTM with Fortinet and found that Fortinet's EPP, ATP, and hardware are good. Sophos UTM has also improved its hardware by updating its dual-core processors with a second processor that uses advanced technology, whereas previously, the hardware was handled by a single processor. However, we are still facing some problems with Multicast User Authentication.

I recommend Sophos UTM, Sophos Access Points, Sophos Endpoint, and Sophos Switches to other users. Overall, I rate this solution a ten out of ten.

We are a solution provider and I am the architect of solutions that employ Sophos UTM.

Sophos was one of the first firewall products that were free, so you can install it at home and test it. Then when you have the experience, you can recommend it to customers.

Sophos UTM is the simplest of these products to setup. If you follow the instructions using the wizard, which is just a few steps, then you will have a firewall to protect you and your customer.

Sophos UTM is sensitive when it comes to setting up the SSL VPN, with the certificate.

The bandwidth speeds are limited, although this could be because they're doing web filtering. They need to have the time to filter all of the traffic.

The logs are not clear, which means that you need an additional piece of software in order to read them clearly. This is the main issue with Sophos UTM. Essentially, you need to spend time looking through the logs and if you want quicker access then you need to have third-party software.

I have been working with Sophos UTM for eight years.

This is a stable product. In my experience, I have only seen one case where, after four years, a customer's UTM was completely dead. The motherboard just died.

This customer had a license, so they contacted Sophos and within one week, they had a replacement.

It is easy to scale. You can set up a failover with a second Sophos device, where the second one is available as a backup. You have the option to set up Sophos Lite, which is a small device from Sophos that can link with your main unit.

For example, if you have remote offices, you can have the main Sophos device in your main office, and then all the branch offices connected using the lite model. All of the traffic goes to your main site, and it will provide all the web filtering.

The quality of technical support depends on who answers the call. When you reach the proper support person, they are really good and know what they're doing.

There is a lot of information available online, partly because Sophos is the old Cyberoam. Most of the time, I try to solve problems by myself. However, if I can't, I contact Sophos.

I am a certified Sophos architect, so I help to create the solution.

I have never had any trouble setting it up. There are some things that you have to do from the command line, but that's how Sophos and other products work. It is the same with Meraki and FortiGate. 

For the most part, it's straightforward and you just follow the wizard. The questions regard your internet connection, what service you expect Sophos to provide, and of course, the main one is the license because, for home users, it is free.

This product is free for home users. There is a limitation to the number of devices that can be connected, but nobody expects at home that there will be more than 50 devices connected to the firewall.

For business users, if you have the proper license, it will provide full protection not only as a firewall, but will protect your web server, Exchange Server, network, and provider web filtering capabilities. These days, that is really important. You don't want somebody to get in, or when a user clicks a link, they could lose some information.

The more expensive products have better performance. If you have fast broadband then you will need a bigger device, otherwise, it will slightly reduce the speed of your throughput. For example, if you have a gigabit connection with the cheapest model, perhaps a UTM 320, then it will cut the speed by approximately 50% to 500 megabits.

We sell the Meraki MX solution to protect some of our customers, and we are resellers of FortiGate as well.

Sophos is easier to set up than Meraki.

When it comes to reading the logs of other devices, it is much easier with Meraki, FortiGate, or even the Sophos XG firewall.

At the moment, all of the firewalls on the market are doing the same thing. Once you buy the license, it will cover everything.

Sophos UTM is a comprehensive product that does the job that it should. They have another product now, called the XG firewall, that covers everything that UTM does not. The best part about this is that you can run the XG firewall on the same hardware where UTM is installed. This means that if you're thinking that Sophos UTM is not good for you, you can always migrate to the XG firewall. That said, I have never had a problem setting up UTM and can't think of a problem that I couldn't solve with it.

Overall, UTM is good, but if you want something better that can handle more complex rules then you can use the XG firewall. My only complaint is that they limit the bandwidth, depending on the model.

The suitability of this product depends on the customer's needs. If they don't need really complicated firewall rules, yet want to protect the network and want really good web filtering, then I recommend using Meraki. If on the other hand, they have a really complicated setup and want better filtering, then Sophos is the better option.

Also, if you have your own web server or mail server on-site, then I recommend Sophos. If instead, you have a normal office network with mail stored in the cloud, then I recommend Meraki.

I would rate this solution a nine out of ten.

Threat management for servers is our primary use case. We're not using it on all workstations, just a few. We're primarily using it on servers.

The version we're using is fully in the cloud, not on-prem.

We don't have to worry about viruses anymore. Before Sophos, we didn't have anti-virus at all because we're a newer company and we're just now starting to get into business-level stuff. When we installed it on a few of the users' machines, we saw that they did have very minor infections - they downloaded something they shouldn't have, something that could have hurt the computer. We were able say, "Well, we're glad they didn't click on that."

The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big.

The third key feature is something called EDR. It's a type of advanced file analysis. If you aren't sure what a file is you can click on it and it will upload a sample to Sophos and it will respond saying, "That's malicious," or "Not malicious." You can see every individual file and registry key that that file has ever interacted with, and what they did. It will show you every single thing it's done to the machine so you can clean up everything or check everything that it has ever touched. You don't have to worry about, "Oh, did I clean everything up?"

It does have built-in policies which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them.

In terms of stability, it's definitely top-notch, a market leader. The ability to do things and the availability of it being online aren't an issue.

It seems very scalable. All you do is install the client, and it pulls it in. You don't have to actually have more Sophos servers running. It all goes back to their central, cloud-based platform, which is nice.

I haven't had to use Sophos' technical support.

The initial integration and configuration of Sophos in our AWS environment was incredibly easy. They give you a license key and a file. You download that file on the operating system type that you're trying to install it on. Install it and it's done. There's nothing else at all to do. It gets auto-configured for you.

We haven't seen ROI because we just got it two or three months ago. Over time we will.

The biggest issue with Sophos is the pricing. It's definitely more expensive. We looked at Webroot, which is a big alternative, and Sophos was almost three times the price of Webroot. That's a pretty big difference.

We actually went with both Webroot and Sophos. We went with Webroot for most of the client machines. We're only using Sophos for the servers and the really important client machines, like the ones the managers use. That way, we can split our cost up a little bit.

We looked at Webroot, primarily. That was pretty much the only one we evaluated that was even close to being a competitor. We did look at a few others, but we didn't even do the trials because \Webroot and Sophos offered so much more.

Webroot seemed really nice for Windows, but we have a lot of Macs. Our servers are Windows, and we definitely went with Sophos for the servers because it has a little bit more capability with Webroot.

An example would be that if you have a file server, it will actually detect if a source is changing stuff on the file server. Suppose that a client was connected to them. That client wouldn't even need protection. Sophos is smart enough to understand, "Hey, a client just uploaded this virus." Webroot wouldn't do that. Sophos also lets us do full isolations of the servers or workstations. So if something gets infected, we can isolate that machine with the click of a button, clean it up, and then release it back into the network. That's not something Webroot was capable of handling either. Those were two big things to us because both of those features stop viruses from spreading.

Everyone's going to get infected at some point. We just want to stop the spread as soon as possible.

If you're running a full Windows-based shop you're going to have a lot more options, so make sure you shop around. If you're running a Mac-based shop like we are, Sophos is definitely the way to go. Just make sure you can afford it.

Regarding how well Sophos integrates with other products, so far we haven't integrated it with anything. We have it on the servers and we have it scanning our Amazon accounts, but that's it. The integration with Amazon is cool. Maybe they could work on that because it seems like a newer feature. You can see what's available but not really do anything yet.

For the features, how well it works, and how easy it is to use, I would give Sophos a ten out of ten. Overall, I would give it a nine because it is very costly compared to all competitors.