Sophos UTM Reviews

We use Sophos UTM as a firewall and access control. The firewall has web filtering and anti-fishing tools. We synced Sophos UTM with our Microsoft Windows Active Directory.

Sophos UTM is a robust solution and it provides flexibility.

I have been using Sophos UTM for approximately five years.

The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution.

The scalability of Sophos UTM is seamless if you have the right UTM device. However, for every device there are limitations, we have 150 users on it at this time.

The support from Sophos is very helpful. We raise a support ticket on the portal and we receive a response.

The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup.

We did the implementation of Sophos UTM using our internal team. We have certified engineers that can handle the process. If there are any issues we can reach out to the support of Sophos.

We have two people that handle the maintenance for the solutions.

There is a license for the device and for the software. We pay annually for the solution and the cost is competitive.

Sophos has an aggressive 360-degree security deployment. They are securing your mobile phone and data, both data security and also device security. They're on the cloud too, if you look at the company they really working hard on a 360 approach for security. The coverages they offer makes them robust. You can always start from somewhere, and then you scale up. You can start with their device management solution, or with their firewall, and then you begin to scale up with other features seamlessly. The flexibility they provide is also very good with Sophos, I can recommend Sophos confidently.

I rate Sophos UTM a nine out of ten.

The Sophos UTM planform has allowed us to improve or implement the following security practices:

• Details Web filtering and user access Control
• SaaS QoS
• Network segmentation with firewall and IPS
• WiFi protection
• Web Application Proxy everywhere, inside and out
• WAN expansion with SSL VPN and IPsec VPN over the Internet
• Two Factor Authentication requirement for PCI compliance
• Reduced the need for expensive MPLS deployments

The UTM/SG platform starts off with the basic functionality of being a good Firewall, adding the additional modules opens up the products set and allows for full web filtering and application control, reverse proxy, APT detection, IPS, VPNs, User portal etc.

The licensing model works very nicely to allow you to get the right protection at the right price point for the right deployment size.

In the increasingly cloud focused word the Sophos UTM’s ability to deliver Safe web access, Web Filter and Cloud Application control has gone from being a nice to have to being a must have for any size company or organization. The rich access logs it records allows you to get real insight into what your users and devices are accessing on the cloud. Native reporting is basic, but can easily be improved by adding Fastvue Sophos Reporter.

At Enterprise level the SUM (UTM Manager) needs to be updated to reflect all of the capabilities

At the Reporting level for user internet browsing the On-box Reporting is very basic and even adding the Sophos iView only give you limited improvement. Having said that, Fastvue’s Sophos Reporter provides all of this and more and integrates seamlessly with the UTM platform to unlock all of the log data’s value.

The SG platform does however not scale to a large enterprise deployment. You can deploy at scale but this is where the platform shows its age and limitations. For Large and Enterprise the better option is to go with the Sophos XG Platform.

Major firmware release can sometimes be buggy initially but are soon pathed and stabilized. My advice would be to sit tight for 9.x release for about a week before implementing 9.x.yyy releases often fix bug without introducing stability issues.

The platform scales-out in a great way, if your deployment is basic and you do not exceed the capabilities of the current SUM. Several companies run large UTM connected networks with hundreds of site across multiple countries.

The platform scales up admirably in the format of the large tin deployments such as the SG550 or SG650 models. They are ably to handles massive throughput rates on the firewall modules but the Proxy and WAF modules cap out at a 10 000+ users or devices depending on the traffic, of course.

For anyone with Proxy and firewall experience the setup is pretty straight forward with a wizard that will get you up and running in no time. The UTM / SG is also available in Hardware Software / Hyper-V/ AWS / ESXi / Oracle Virtual Box so you can set up a test or lab environment on almost anything to get started.

The licensing options with virtual are great and scaling up and down is typically not an issue if you reseller is involved. Sometimes buying the hardware makes more sense than going virtual. The hardware is great and unlike the virtual licensing is unrestricted by user numbers. There are huge numbers of OS models that range from very small to very large. You will likely find a good fit for your deployment.

A great benefit is that you can migrate your Sophos SG license to a Sophos XG license in the future. You can safely Deploy on SG and later migrate over to the newer XG platform when you are ready. It offers a great feature set at a good price point.

Various other platforms were evaluated before choosing the Sophos SG including CheckPoint – UTM1, FortiGate, and Sophos XG (Beta – at the time). All have their own areas where they shine and should be short listed candidate for anyone looking to implement a UTM.

Sophos is a great security partner for any organization. Investing in their suite of products gives you a good cohesive strategy for security. Adding Fastvue Sophos Reporter allows you to get better visibility into how well your UTM is protecting your environment as well as adding the ability to add real time alerts. It really adds additional features to the product without increasing the cost much and a relatively short ROI is often realized.

Our company uses the solution as an edge firewall. 

We have 500 users and the solution is managed by five technicians. 

The solution's sandboxing, application center, and database engine are good. 

The endpoint device detection tool integrates very well with Edge devices. 

The reporting system needs to allow for customizations because many reports do not include details that we expect. 

It would be beneficial to have a security fabric feature like FortiGate that integrates with UTM devices and reports to expose issues. 

I have been using the solution for four years. 

The solution is stable. 

The solution is very easy to scale up and has no limitations. 

Technical support is very knowledgeable and responds immediately to issues.

I rate technical support a ten out of ten. 

Positive

The initial setup is easy and I rate it an eight out of ten.

We implemented the solution in-house and it does not require much maintenance at all. Three technicians handle any maintenance needed. 

The solution's pricing is based on a licensing model and is competitive. 

The solution was 20,000 Rial about five years ago. 

I rate pricing a ten out of ten. 

Per market analysis, the solution is in the top three with FortiGate and Palo Alto. 

All three solutions are comparable so the best fit depends on your engines, environment, and requirements. 

I rate the solution an eight out of ten. 

The solution is used mainly for user management and access control. 

It's a little bit easier to use. It's user-friendly, and then there's a lot of documentation for it online, so it's easy to manage without necessarily dealing with a big learning curve. It is easy to understand, basically.

If you need to troubleshoot, everything is basically on Google. 

The solution is stable. 

It's a scalable product.

The support could be better.

They need to improve their email protection. Their email protection is horrible. They have an email protection license that is paid for. However, they need to improve on email protection capabilities.

They need to have proper reporting. What they offer no is weird. I need to get another application to give me a clear diagram of my network. This should instead come directly from Sophos. 

I've been using the solution for two years now. 

The product is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

It is redundant enough. I don't have any issues with it.

The solution scales well. 

We have about 500 people on the product right now. We also have 100 users on the VPN.

It is better to Google rather than use technical support. 

They are slow to respond and then the response doesn't exactly give you what you want.

I understand they can't give you a solution to something that you'd expect them to. They try to give you something. You're going to go to Google and find the information on Google faster and easier anyway. 

We worked with Cisco mainly in the past. When we went to renew with Cisco, we found the pricing to be quite high. We're happy now with Sophos. We have no interest in switching to anything else.

The initial setup is very easy. The interface makes it simple.

I'm not sure how long the deployment took exactly.

We have four people that are able to handle maintenance. 

I was able to set it up myself, however, you do really need to know it or work with someone who does.

The cost could be considered reasonable based on other plans. However, when I was looking at when you renew our licenses, the pricing is a little bit weird. When you renew your license, the licenses are at the cost of buying a new device in your plan. I haven't renewed yet. However, I would need to figure out that aspect. 

I can't recall the exact costs of the product as it's been a while since we originally licensed it. 

Compared to Juniper, the difference is the pricing. It's more affordable than Cisco or Juniper, actually.

I'm a user and a consultant.

I'd advise potential new users that they should let someone that knows how to do it set it up fast. You should work with someone that knows how to do it.

I'd rate it an eight out of ten. 

The solution's user interface is very user-friendly. It's very easy to navigate.

They have an all-in-one product for small businesses. Basically, I do not want to manage the firewall for four products. I'll take it all in one. It makes everything easier to manage. 

It's really good and it's been working really well over the last few years. 

The initial setup has been very simple and straightforward. 

The stability, overall, is excellent. I haven't had a problem in the last two years.

It is a fine product, however, I need more endpoint protection.

They should release a license for more than 50 IPs. As of now I have had some discussion about with management, and we need to do some planning and around that to see if we can change things.

The pricing is too high. There are other options that are less expensive, such as Bitdefender. In fact, Bitdefender is very good, aside from lacking a firewall such as this. Beyond that, it's a very good product with central management on-premises. 

It would be nice if it had basic features, such as DLP (Data Loss Prevention).

I've only been using the solution for about two years or so at this point.

The stability has been excellent. It doesn't crash or freeze. There are no bugs or glitches. It's very good and very reliable. 

This solution is perfect for small businesses. 

I don't have too much experience with technical support. I only recall one case where I had to contact them directly. I recall them being very helpful and responsive. I had a good experience and was satisfied with their level of service. 

The solution is being discontinued. Hopefully, whatever they replace it with will be very good for small businesses as well. 

The initial setup was not complex. It was very simple and very straightforward. It was not difficult at all. A company shouldn't have any trouble with the process. Specifically, if you have experience in IT, you will find it very easy to deploy these products.

I am a Sophos customer.

I'm using UTM for home use only. It's only four 50 IPS.

I'd rate the solution at a ten out of ten. Overall, it's worked really really well. Everything from the updates to the signatures has been very helpful for our business. 

I would recommend this product to other users and other organizations. 

There are multiple use cases, and a few examples would be its use in the education, banking, or financial sectors. There are so many other locations and sectors where they deploy this solution.

One of the features of Sophos UTM that I find valuable is its user authentication functionality.

In Sophos UTM, there is room for improvement in certain areas. For instance, I believe that its feature known as Synchronized Security could be enhanced. The solution's technical support for India needs to be improved.

I will need to think about the additional features the solution needs to include in its next release.

I have been using Sophos UTM for almost ten years now. It is a good solution. My company is a partner and an integrator of Sophos UTM.

Stability-wise, I rate this solution a ten out of ten.

Scalability-wise, I rate this solution a ten out of ten. If I talk about the solution's suitability, then it is suitable for enterprises.

Dealing with technical support can be time-consuming when communicating over the phone. I am unable to provide a rating for the technical support team. My suggestion to others would be that they provide the country location of the toll-free number in the solution. Although a toll-free number has been provided for India, the people in India are good. Compared to the UK, there may be issues with understanding and timing, which could lead to many problems.

We use Sophos Access Point, Sophos Firewall, Sophos Switches, Sophos MDR, and Sophos XDR. We have been using Sophos MDR for three years.

Whether the initial setup is straightforward or complex depends on the number of users or people to whom the solution is given.

Compared to the current market offerings, like FortiGate or SonicWall, Sophos offers its solution at a good price.

I compared Sophos UTM with Fortinet and found that Fortinet's EPP, ATP, and hardware are good. Sophos UTM has also improved its hardware by updating its dual-core processors with a second processor that uses advanced technology, whereas previously, the hardware was handled by a single processor. However, we are still facing some problems with Multicast User Authentication.

I recommend Sophos UTM, Sophos Access Points, Sophos Endpoint, and Sophos Switches to other users. Overall, I rate this solution a ten out of ten.

This solution can be deployed on-premise and on the cloud.

The most valuable feature of Sophos UTM is reporting, it is flexible. I can monitor the end user's devices, even when they are not on my network. It has good drill-down capabilities.

The reporting could improve by providing information on where, or from which device attacks are coming from. We are already given the country where the attack is coming from but more information would be beneficial.

I have been using Sophos UTM for approximately five years.

The stability of Sophos UTM is good.

I rate the stability of Sophos UTM an eight out of ten.

Sophos UTM is scalable.

I rate the scalability of Sophos UTM an eight out of ten.

I have used the support from Sophos UTM a few times. My experience was good. However, the resolution time can improve.

I rate the support of Sophos UTM a seven out of ten.

Neutral

The initial setup of Sophos UTM is simple. It can be down within one hour.

I rate the initial setup of Sophos UTM a seven out of ten.

The solution is affordable compared to others, such as FortiGate. The price is important.

I rate the price of Sophos UTM a seven out of ten.

I rate Sophos UTM an eight out of ten.

The features that we're currently using are mainly just for the endpoint protection, which is for the service and the workstations. We basically use it for the servers, the main servers, and then from there for the client, which is basically the laptops and the PCs.

The fact that it's not heavy on the machines has really helped. It's basically lightweight. One advantage is that we, having a cloud solution, do not require a physical machine that we have to administer on our network.

The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money.

The solution has many great features.

From the console, we can start different scannings on different machines. We enjoy the centralized reporting part of it. 

The initial setup is simple.

We enjoy its general stability.

The solution can scale.

So far, the solution has been problem-free.

We don't need any extra features. We only use it for the servers and the workstations. We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not.

I've been using the solution for over a year now.

It's been very stable. In fact, we haven't had any complaints or any issues with it. There are no bugs or glitches. It doesn't crash or freeze. The performance is great.

The scalability is quite good.

Right now, we have 40 users.

We will definitely scale in the future. As we get new employees, we just request additional licenses.

I've never had any issues.

I also use FortiGate.

The implementation process was straightforward. What basically happens is that you just have to pick that certain client from the console and then you just install it on the machines. From there, of course, you handle connectivity after that. It's pretty straightforward.

A full deployment on one machine took less than 20 minutes. The thing is, if you have fast internet, it can even be much less.

Maintenance is very simple. Support is inbuilt from the manufacturer's side. Therefore, internally, if there are any issues on the client machine, you just reinstall it. There isn't much to do really, in terms of maintenance, except maybe the licenses. It's hosted on the cloud and updates are automatic, and are available from the portal.

We did not need a reseller or consultant's assistance. It was all handled internally.

I haven't really explored ROI. I only have worked with it for slightly over a year. Maybe we need to start looking at it. 

That said, so far, we are protected and we haven't been hit so far. We're getting the returns from it in that sense.

Having a cloud option is a real cost saving. 

In terms of licensing, we pay on yearly basis. From there, what happens, in the last month, we request a quotation for renewal, and then from there we just pay through the local reseller. 

We're thinking of maybe dealing with the supplier, the manufacturer, directly, however, right now, we're still using the local supplier for licensing and payments. 

We are on the latest version of the solution.

We are customers.

I would rate the solution at a nine out of ten. We are very happy with it. I would recommend it to others.

I'd advise new users that, if they are going to go with the cloud option, that issues related to maintenance is actually handled within the cloud. The rollout is pretty smooth.