Threat management for servers is our primary use case. We're not using it on all workstations, just a few. We're primarily using it on servers.
The version we're using is fully in the cloud, not on-prem.
We don't have to worry about viruses anymore. Before Sophos, we didn't have anti-virus at all because we're a newer company and we're just now starting to get into business-level stuff. When we installed it on a few of the users' machines, we saw that they did have very minor infections - they downloaded something they shouldn't have, something that could have hurt the computer. We were able to say, "Well, we're glad they didn't click on that."
The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big.
The third key feature is something called EDR. It's a type of advanced file analysis. If you aren't sure what a file is you can click on it and it will upload a sample to Sophos and it will respond saying, "That's malicious," or "Not malicious." You can see every individual file and registry key that that file has ever interacted with, and what they did. It will show you every single thing it's done to the machine so you can clean up everything or check everything that it has ever touched. You don't have to worry about, "Oh, did I clean everything up?"
It does have built-in policies which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them.
In terms of stability, it's definitely top-notch, a market leader. The ability to do things and the availability of it being online aren't an issue.
It seems very scalable. All you do is install the client, and it pulls it in. You don't have to actually have more Sophos servers running. It all goes back to their central, cloud-based platform, which is nice.
I haven't had to use Sophos' technical support.
The initial integration and configuration of Sophos in our AWS environment was incredibly easy. They give you a license key and a file. You download that file on the operating system type that you're trying to install it on. Install it and it's done. There's nothing else at all to do. It gets auto-configured for you.
We haven't seen ROI because we just got it two or three months ago. Over time we will.
The biggest issue with Sophos is the pricing. It's definitely more expensive. We looked at Webroot, which is a big alternative, and Sophos was almost three times the price of Webroot. That's a pretty big difference.
We actually went with both Webroot and Sophos. We went with Webroot for most of the client machines. We're only using Sophos for the servers and the really important client machines, like the ones the managers use. That way, we can split our cost up a little bit.
We looked at Webroot, primarily. That was pretty much the only one we evaluated that was even close to being a competitor. We did look at a few others, but we didn't even do the trials because Webroot and Sophos offered so much more.
Webroot seemed really nice for Windows, but we have a lot of Macs. Our servers are Windows, and we definitely went with Sophos for the servers because it has a little bit more capability than Webroot.
An example would be that if you have a file server, it will actually detect if a source is changing stuff on the file server. Suppose that a client was connected to them. That client wouldn't even need protection. Sophos is smart enough to understand, "Hey, a client just uploaded this virus." Webroot wouldn't do that. Sophos also lets us do full isolations of the servers or workstations. So if something gets infected, we can isolate that machine with the click of a button, clean it up, and then release it back into the network. That's not something Webroot was capable of handling either. Those were two big things to us because both of those features stop viruses from spreading.
Everyone's going to get infected at some point. We just want to stop the spread as soon as possible.
If you're running a full Windows-based shop you're going to have a lot more options, so make sure you shop around. If you're running a Mac-based shop like we are, Sophos is definitely the way to go. Just make sure you can afford it.
Regarding how well Sophos integrates with other products, so far we haven't integrated it with anything. We have it on the servers and we have it scanning our Amazon accounts, but that's it. The integration with Amazon is cool. Maybe they could work on that because it seems like a newer feature. You can see what's available but not really do anything yet.
For the features, how well it works, and how easy it is to use, I would give Sophos a ten out of ten. Overall, I would give it a nine because it is very costly compared to all competitors.
It's easy to use.
I didn't like it much. It suits only small businesses. It isn't scalable and reliable. There is a very critical issue with the power supply.
I've been using this solution for four years.
Its stability is very bad. It needs to be improved. The power supply issue that I faced is a very critical one.
I feel that the hardware itself needs to be improved. We have about 50 users.
Their support is very bad. They don't respond at all.
It's easy to set up. One day is enough for its full implementation.
We implemented it in-house. We had two administrators for its implementation.
It's expensive. It has a yearly license.
I'd not recommend this solution. I'd rate it a four out of ten.
We use Sophos UTM as a firewall and access control. The firewall has web filtering and anti-phishing tools. We synced Sophos UTM with our Microsoft Windows Active Directory.
Sophos UTM is a robust solution and it provides flexibility.
I have been using Sophos UTM for approximately five years.
The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution.
The scalability of Sophos UTM is seamless if you have the right UTM device. However, for every device there are limitations. We have 150 users on it at this time.
The support from Sophos is very helpful. We raise a support ticket on the portal and we receive a response.
The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup.
We did the implementation of Sophos UTM using our internal team. We have certified engineers that can handle the process. If there are any issues we can reach out to the support of Sophos.
We have two people that handle the maintenance for the solutions.
There is a license for the device and for the software. We pay annually for the solution and the cost is competitive.
Sophos has an aggressive 360-degree security deployment. They are securing your mobile phone and data, both data security and also device security. They're on the cloud too; if you look at the company, they are really working hard on a 360 approach for security. The coverage they offer makes them robust. You can always start from somewhere, and then you scale up. You can start with their device management solution, or with their firewall, and then you begin to scale up with other features seamlessly. The flexibility they provide is also very good with Sophos. I can recommend Sophos confidently.
I rate Sophos UTM a nine out of ten.
The Sophos UTM platform has allowed us to improve or implement the following security practices:
The UTM/SG platform starts off with the basic functionality of being a good firewall; adding the additional modules opens up the product set and allows for full web filtering and application control, reverse proxy, APT detection, IPS, VPNs, user portal, etc.
The licensing model works very nicely to allow you to get the right protection at the right price point for the right deployment size.
In the increasingly cloud-focused world, the Sophos UTM’s ability to deliver Safe web access, Web Filter and Cloud Application control has gone from being a nice to have to being a must have for any size company or organization. The rich access logs it records allow you to get real insight into what your users and devices are accessing on the cloud. Native reporting is basic, but can easily be improved by adding Fastvue Sophos Reporter.
At Enterprise level the SUM (UTM Manager) needs to be updated to reflect all of the capabilities
At the Reporting level for user internet browsing, the On-box Reporting is very basic and even adding the Sophos iView only gives you limited improvement. Having said that, Fastvue’s Sophos Reporter provides all of this and more and integrates seamlessly with the UTM platform to unlock all of the log data’s value.
The SG platform does however not scale to a large enterprise deployment. You can deploy at scale but this is where the platform shows its age and limitations. For Large and Enterprise the better option is to go with the Sophos XG Platform.
Major firmware releases can sometimes be buggy initially but are soon patched and stabilized. My advice would be to sit tight for a 9.x release for about a week before implementing. 9.x.yyy releases often fix bugs without introducing stability issues.
The platform scales out in a great way, if your deployment is basic and you do not exceed the capabilities of the current SUM. Several companies run large UTM connected networks with hundreds of sites across multiple countries.
The platform scales up admirably in the format of the large tin deployments such as the SG550 or SG650 models. They are able to handle massive throughput rates on the firewall modules, but the Proxy and WAF modules cap out at 10 000+ users or devices, depending on the traffic, of course.
For anyone with Proxy and firewall experience, the setup is pretty straightforward, with a wizard that will get you up and running in no time. The UTM / SG is also available in Hardware / Software / Hyper-V / AWS / ESXi / Oracle Virtual Box, so you can set up a test or lab environment on almost anything to get started.
The licensing options with virtual are great and scaling up and down is typically not an issue if your reseller is involved. Sometimes buying the hardware makes more sense than going virtual. The hardware is great and, unlike the virtual licensing, is unrestricted by user numbers. There are huge numbers of OS models that range from very small to very large. You will likely find a good fit for your deployment.
A great benefit is that you can migrate your Sophos SG license to a Sophos XG license in the future. You can safely deploy on SG and later migrate over to the newer XG platform when you are ready. It offers a great feature set at a good price point.
Various other platforms were evaluated before choosing the Sophos SG, including CheckPoint – UTM1, FortiGate, and Sophos XG (Beta – at the time). All have their own areas where they shine and should be shortlisted candidates for anyone looking to implement a UTM.
Sophos is a great security partner for any organization. Investing in their suite of products gives you a good cohesive strategy for security. Adding Fastvue Sophos Reporter allows you to get better visibility into how well your UTM is protecting your environment as well as adding the ability to add real time alerts. It really adds additional features to the product without increasing the cost much and a relatively short ROI is often realized.
Our company uses the solution as an edge firewall.
We have 500 users and the solution is managed by five technicians.
The solution's sandboxing, application center, and database engine are good.
The endpoint device detection tool integrates very well with Edge devices.
The reporting system needs to allow for customizations because many reports do not include details that we expect.
It would be beneficial to have a security fabric feature like FortiGate that integrates with UTM devices and reports to expose issues.
I have been using the solution for four years.
The solution is stable.
The solution is very easy to scale up and has no limitations.
Technical support is very knowledgeable and responds immediately to issues.
I rate technical support a ten out of ten.
The initial setup is easy and I rate it an eight out of ten.
We implemented the solution in-house and it does not require much maintenance at all. Three technicians handle any maintenance needed.
The solution's pricing is based on a licensing model and is competitive.
The solution was 20,000 Rial about five years ago.
I rate pricing a ten out of ten.
Per market analysis, the solution is in the top three with FortiGate and Palo Alto.
All three solutions are comparable so the best fit depends on your engines, environment, and requirements.
I rate the solution an eight out of ten.
The solution's user interface is very user-friendly. It's very easy to navigate.
They have an all-in-one product for small businesses. Basically, I do not want to manage the firewall for four products. I'll take it all in one. It makes everything easier to manage.
It's really good and it's been working really well over the last few years.
The initial setup has been very simple and straightforward.
The stability, overall, is excellent. I haven't had a problem in the last two years.
It is a fine product, however, I need more endpoint protection.
They should release a license for more than 50 IPs. As of now I have had some discussion about it with management, and we need to do some planning around that to see if we can change things.
The pricing is too high. There are other options that are less expensive, such as Bitdefender. In fact, Bitdefender is very good, aside from lacking a firewall such as this. Beyond that, it's a very good product with central management on-premises.
It would be nice if it had basic features, such as DLP (Data Loss Prevention).
I've only been using the solution for about two years or so at this point.
The stability has been excellent. It doesn't crash or freeze. There are no bugs or glitches. It's very good and very reliable.
This solution is perfect for small businesses.
I don't have too much experience with technical support. I only recall one case where I had to contact them directly. I recall them being very helpful and responsive. I had a good experience and was satisfied with their level of service.
The solution is being discontinued. Hopefully, whatever they replace it with will be very good for small businesses as well.
The initial setup was not complex. It was very simple and very straightforward. It was not difficult at all. A company shouldn't have any trouble with the process. Specifically, if you have experience in IT, you will find it very easy to deploy these products.
I am a Sophos customer.
I'm using UTM for home use only. It's only for 50 IPs.
I'd rate the solution at a ten out of ten. Overall, it's worked really, really well. Everything from the updates to the signatures has been very helpful for our business.
I would recommend this product to other users and other organizations.
The solution is used mainly for user management and access control.
It's a little bit easier to use. It's user-friendly, and then there's a lot of documentation for it online, so it's easy to manage without necessarily dealing with a big learning curve. It is easy to understand, basically.
If you need to troubleshoot, everything is basically on Google.
The solution is stable.
It's a scalable product.
The support could be better.
They need to improve their email protection. Their email protection is horrible. They have an email protection license that is paid for. However, they need to improve on email protection capabilities.
They need to have proper reporting. What they offer now is weird. I need to get another application to give me a clear diagram of my network. This should instead come directly from Sophos.
I've been using the solution for two years now.
The product is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze.
It is redundant enough. I don't have any issues with it.
The solution scales well.
We have about 500 people on the product right now. We also have 100 users on the VPN.
It is better to Google rather than use technical support.
They are slow to respond and then the response doesn't exactly give you what you want.
I understand they can't give you a solution to something that you'd expect them to. They try to give you something. You're going to go to Google and find the information on Google faster and easier anyway.
We worked with Cisco mainly in the past. When we went to renew with Cisco, we found the pricing to be quite high. We're happy now with Sophos. We have no interest in switching to anything else.
The initial setup is very easy. The interface makes it simple.
I'm not sure how long the deployment took exactly.
We have four people that are able to handle maintenance.
I was able to set it up myself, however, you do really need to know it or work with someone who does.
The cost could be considered reasonable based on other plans. However, when I was looking at renewing our licenses, the pricing is a little bit weird. When you renew your license, the licenses are at the cost of buying a new device in your plan. I haven't renewed yet. However, I would need to figure out that aspect.
I can't recall the exact costs of the product as it's been a while since we originally licensed it.
Compared to Juniper, the difference is the pricing. It's more affordable than Cisco or Juniper, actually.
I'm a user and a consultant.
I'd advise potential new users that they should let someone that knows how to do it set it up fast. You should work with someone that knows how to do it.
I'd rate it an eight out of ten.
The features that we're currently using are mainly just for the endpoint protection, which is for the servers and the workstations. We basically use it for the servers, the main servers, and then from there for the client, which is basically the laptops and the PCs.
The fact that it's not heavy on the machines has really helped. It's basically lightweight. One advantage is that we, having a cloud solution, do not require a physical machine that we have to administer on our network.
The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money.
The solution has many great features.
From the console, we can start different scans on different machines. We enjoy the centralized reporting part of it.
The initial setup is simple.
We enjoy its general stability.
The solution can scale.
So far, the solution has been problem-free.
We don't need any extra features. We only use it for the servers and the workstations. We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not.
I've been using the solution for over a year now.
It's been very stable. In fact, we haven't had any complaints or any issues with it. There are no bugs or glitches. It doesn't crash or freeze. The performance is great.
The scalability is quite good.
Right now, we have 40 users.
We will definitely scale in the future. As we get new employees, we just request additional licenses.
I've never had any issues.
I also use FortiGate.
The implementation process was straightforward. What basically happens is that you just have to pick that certain client from the console and then you just install it on the machines. From there, of course, you handle connectivity after that. It's pretty straightforward.
A full deployment on one machine took less than 20 minutes. The thing is, if you have fast internet, it can even be much less.
Maintenance is very simple. Support is inbuilt from the manufacturer's side. Therefore, internally, if there are any issues on the client machine, you just reinstall it. There isn't much to do really, in terms of maintenance, except maybe the licenses. It's hosted on the cloud and updates are automatic, and are available from the portal.
We did not need a reseller or consultant's assistance. It was all handled internally.
I haven't really explored ROI. I only have worked with it for slightly over a year. Maybe we need to start looking at it.
That said, so far, we are protected and we haven't been hit so far. We're getting the returns from it in that sense.
Having a cloud option is a real cost saving.
In terms of licensing, we pay on a yearly basis. From there, what happens is, in the last month, we request a quotation for renewal, and then from there we just pay through the local reseller.
We're thinking of maybe dealing with the supplier, the manufacturer, directly, however, right now, we're still using the local supplier for licensing and payments.
We are on the latest version of the solution.
We are customers.
I would rate the solution at a nine out of ten. We are very happy with it. I would recommend it to others.
I'd advise new users that, if they are going to go with the cloud option, issues related to maintenance are actually handled within the cloud. The rollout is pretty smooth.