Sophos UTM Reviews

Threat management for servers is our primary use case. We're not using it on all workstations, just a few. We're primarily using it on servers.

The version we're using is fully in the cloud, not on-prem.

We don't have to worry about viruses anymore. Before Sophos, we didn't have anti-virus at all because we're a newer company and we're just now starting to get into business-level stuff. When we installed it on a few of the users' machines, we saw that they did have very minor infections - they downloaded something they shouldn't have, something that could have hurt the computer. We were able say, "Well, we're glad they didn't click on that."

The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big.

The third key feature is something called EDR. It's a type of advanced file analysis. If you aren't sure what a file is you can click on it and it will upload a sample to Sophos and it will respond saying, "That's malicious," or "Not malicious." You can see every individual file and registry key that that file has ever interacted with, and what they did. It will show you every single thing it's done to the machine so you can clean up everything or check everything that it has ever touched. You don't have to worry about, "Oh, did I clean everything up?"

It does have built-in policies which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them.

In terms of stability, it's definitely top-notch, a market leader. The ability to do things and the availability of it being online aren't an issue.

It seems very scalable. All you do is install the client, and it pulls it in. You don't have to actually have more Sophos servers running. It all goes back to their central, cloud-based platform, which is nice.

I haven't had to use Sophos' technical support.

The initial integration and configuration of Sophos in our AWS environment was incredibly easy. They give you a license key and a file. You download that file on the operating system type that you're trying to install it on. Install it and it's done. There's nothing else at all to do. It gets auto-configured for you.

We haven't seen ROI because we just got it two or three months ago. Over time we will.

The biggest issue with Sophos is the pricing. It's definitely more expensive. We looked at Webroot, which is a big alternative, and Sophos was almost three times the price of Webroot. That's a pretty big difference.

We actually went with both Webroot and Sophos. We went with Webroot for most of the client machines. We're only using Sophos for the servers and the really important client machines, like the ones the managers use. That way, we can split our cost up a little bit.

We looked at Webroot, primarily. That was pretty much the only one we evaluated that was even close to being a competitor. We did look at a few others, but we didn't even do the trials because \Webroot and Sophos offered so much more.

Webroot seemed really nice for Windows, but we have a lot of Macs. Our servers are Windows, and we definitely went with Sophos for the servers because it has a little bit more capability with Webroot.

An example would be that if you have a file server, it will actually detect if a source is changing stuff on the file server. Suppose that a client was connected to them. That client wouldn't even need protection. Sophos is smart enough to understand, "Hey, a client just uploaded this virus." Webroot wouldn't do that. Sophos also lets us do full isolations of the servers or workstations. So if something gets infected, we can isolate that machine with the click of a button, clean it up, and then release it back into the network. That's not something Webroot was capable of handling either. Those were two big things to us because both of those features stop viruses from spreading.

Everyone's going to get infected at some point. We just want to stop the spread as soon as possible.

If you're running a full Windows-based shop you're going to have a lot more options, so make sure you shop around. If you're running a Mac-based shop like we are, Sophos is definitely the way to go. Just make sure you can afford it.

Regarding how well Sophos integrates with other products, so far we haven't integrated it with anything. We have it on the servers and we have it scanning our Amazon accounts, but that's it. The integration with Amazon is cool. Maybe they could work on that because it seems like a newer feature. You can see what's available but not really do anything yet.

For the features, how well it works, and how easy it is to use, I would give Sophos a ten out of ten. Overall, I would give it a nine because it is very costly compared to all competitors.

I'm IT head at our company in India and we are customers of Sophos UTM.

The solution has many good features. There was a steep learning curve moving to version 18 but we're now at a point where the solution is more efficient and effective. When talking about VLANs the solution makes it easy to separate rules for everything. The solution is easy to use with simple implementation.  

The application server needs to be improved because currently, the classification segregation of applications needs to be more defined. Also, we used to be able to open the firewall using LAN IPS but that's no longer possible and needs to be solved. I'd like to see an improvement in central categorizing. These days with all the applications and threats, getting everything filtered down needs to be a finer, more granular process. There are times when you find that a website seems to be legit, but there is a code running behind it that can act as a proxy or some kind of a bot. The sites are always logged on, but at times we have to open for a few clients or a few sites and in that time they're open to attack.

We've been using this solution for at least six years. 

This solution is absolutely stable. 

The solution is scalable; we jumped from 135 to 230 users without any problems at all. 

Technical support used to be good but it's lagging a bit now. Support staff was better trained and more efficient than they are now. It could be because of Covid but it's a bit of a challenge at the moment. 

We worked with SonicWall many years ago. We then switched to Cyberoam and then we primarily used Cisco Firepower. There were support issues with Cisco and it wasn't easy to find the KB articles and training was lacking. Even the training personnel had problems when we had issues with implementation. The same thing happened when we used Palo Alto with the support being the biggest problem. It was so unstructured and I hope that has changed in the last 12 months. When it comes to firewalls we are happy with two products; Fortinet is our preference but when you take cost into account, we prefer Sophos. 

The initial setup was relatively straightforward. 

The licensing costs for Sophos are reasonable. It's clear to me that there are no full solutions, you can't win it all, and the cost is always an issue. We're on the winning side with Sophos in that respect. We renew our license every three years. 

I rate the solution eight out of 10. 

It's easy to use.

I didn't like it much. It suits only small businesses. It isn't scalable and reliable. There is a very critical issue with the power supply.

I've been using this solution for four years.

Its stability is very bad. It needs to be improved. The power supply issue that I faced is a very critical one.

I feel that the hardware itself needs to be improved. We have about 50 users. 

Their support is very bad. They don't respond at all.

It's easy to set up. One day is enough for its full implementation.

We implemented it in-house. We had two administrators for its implementation.

It's expensive. It has a yearly license.

I'd not recommend this solution. I'd rate it a four out of ten.

We use all features of Sophos UTM, for example, application control and URL filtering.

What I like about Sophos UTM is that it improves my company's security. The solution is easy to set up, which I like, and it's very stable.

An area for improvement in Sophos UTM is load balancing because my company cannot use it currently. If Sophos could release a new configuration for the load balancing feature to work for my company, that would be great. My team has requested this through the Sophos portal.

Another issue with Sophos UTM is that I cannot monitor YouTube or WhatsApp. I need to block videos and images, but I cannot do that over Sophos UTM.

I've been using Sophos UTM for four years.

Sophos UTM is very stable. It's an eight for me, stability-wise, on a scale of one to ten.

Sophos UTM offers excellent support, so it's an eight out of ten, support-wise.

Positive

Before Sophos UTM, my company used Cyberoam. Sophos UTM has more than one feature, such as VPN, application access, NAT, and SSL inspection. It has more features than Cyberoam, and I can find all that I need in Sophos UTM compared to Cyberoam.

Setting up Sophos UTM was very simple. I configured the solution more than once and found the process very simple.

Pricing for Sophos UTM is OK. Here in Egypt, many companies use the solution because of its price and features.

My company pays the Sophos UTM license fee yearly.

I have experience with Sophos UTM and all its versions within my company.

My rating for Sophos UTM is eight out of ten. I'm not giving the solution a perfect score because of load balancing and social media scanning issues.

My company is a Sophos customer.

We use Sophos UTM for endpoint antivirus.

The management suite is easy and the agent is easy to develop.

At the very least, keep existing. I will continue to use Sophos. If Sophos maintains its current ease of management, I believe I will continue to use it.

I would like them to keep the features as they are.

The GUI can be improved. It is not as good as Trend Micro, but I still like it.

The GUI could be more user-friendly.

Now, they offer a SaaS product in comparison to XDR and, TRM, which stands for automatic analysis of virus behavior or deadline. Currently, for example, when there is a threat, we analyze it ourselves, but now they offer automatic analysis because Sophos' XDR is based on cloud PCS.

I would like them to include automatic analysis for virus behavior and also cloud PCS.

I started using Sophos UTM in 2005.

Sophos UTM is a stable solution.

Sophos UTM is scalable.

The endpoint will be decommissioned next year, but we intend to continue using the Sophos XDR.

Because it is in Indonesia, technical support is only available via email and on the website. There does not appear to be enough technical advice available from support.

The support does not appear to be developed, and they lack expertise.

We are able to manage ourselves.

We have documentation available online

I would rate the technical support a two out of five. Technical support could be improved.

When compared to Trend Micro has a compact and bundle layer, whereas Sophos allows us to select the module. The module layer can be separated. For Trend Micro, we buy as a bundle purchase and they will give us everything.

The initial setup is straightforward. It is easy to set up and configure.

I would rate the initial setup a four out of five.

When compared to Trend Micro, the price is currently competitive.

The pricing is nearly the same. Implying that each endpoint costs approximately one million rupees.

It will cost approximately $67 US per device. We have 300 devices in our organization.

I would rate the pricing a three out of five.

The price could be improved. In my opinion, we could get a discount. We have already contacted Asia Pacific sellers, and they have agreed to keep the reduced price if we upgrade in March 2023.

For the time being, it is enough for us. As I previously stated, some companies that use Sophos may be unfamiliar with the full range of Sophos protocol offerings.

Before you start implementing Sophos UTM  be aware of the protocols.

I would rate Sophos UTM an eight out of ten.

We use Sophos UTM for firewall management and for some of the other modules it provides, such as email and firewall proxies.

The most valuable feature of Sophos UTM is the efficiency and mail filtering module.

Sophos UTM could improve the way the configuration has to be done. I have to do the configuration through the command line interface but if it could be done through the graphical user interface it would be much better.

I have been using Sophos UTM for approximately three years.

Sophos UTM is a highly stable solution. It has high availability.

We have approximately more than 1,000 employees in my company using the solution.

I have used Fortinet previously and I found it to be easier to deploy and maintain than Sophos UTM

The initial setup of Sophos UTM is straightforward. Additionally, the configuration is simple. When we first did the deployment it took approximately two days.

The configuration of this solution is easier than some of the competitors. In some of the other solutions, when there is synchronization between two firewalls there are times you need to break all the configurations and start from the beginning.

When we did the first installation of the solution we used a third party to assist. However, we now do the full implementation of the solution using our team.

The price of the license for Sophos UTM is approximately $5,500. The solution is less expensive than competitors.

The maintenance of the solution is easy, the documentation is very rich in content, and the report information is good. 

I rate Sophos UTM an eight out of ten.

We use Sophos UTM as an on-premise firewall.

All of Sophos UTM's features are valuable. The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira and Sophos. Web filtering is also a fantastic option for clients who want to really lock down internet access. And of course, it has the basic firewall features like port blocking and all of the stuff that most standard firewalls include.

I've been using Sophos UTM for over 12 years. I started using the solution before it became Sophos. It was originally called the Astaro Security Gateway, and then Sophos acquired Astaro and renamed it Sophos UTM.

Very stable. Very good.

I have Sophos UTM deployed for all my IT clients. There are 40 of them in the field serving about 500 users total.

We get put on hold for a long time. Otherwise, I'm not unhappy with their support at all. 

If you have a networking background and understand how to configure it, it's very straightforward. Somebody off the street can't just come in and do it, but yeah, it's pretty straightforward.

I would rate Sophos UTM a strong eight. I'm not giving it a ten because they're putting all their efforts into the XG model, so the UTM model will probably be phased out before long. I love the security of the XG. It's better with artificial intelligence and all of this type of stuff, and you can manage it from the Sophos Central Cloud. But Astaro ASG, now Sophos UTM, was the first unified threat management system and everybody else was copycatted it. I think its web filtering's great. If there are any security vulnerabilities, it's the fault of the administrator configuring the product, not the solution itself. You can lock networks down tight with this if you know what you're doing.

As we are a solution provider and not product oriented, we give the best solution for our customers, with a good price. We are the number one company in the region, BTC, and operate in Egypt, Iraq, Jordan, Lebanon, and Saudi Arabia.

As both a firewall and UTM it's perfect.

No issues encountered.

For me, the customer satisfaction, and awareness, is the most important thing. I usually train all my clients on their chosen system.

10/10.

As we are a service provider, we offer various other products to our customer:

• Astaro ASG
• Avaya/Netscreen
• Fortinet
• HP Switches & WiFi
• Juniper SSG
• Juniper SRX 210 & 240
• Juniper WXC
• Sophos next generation SG, including RED, SG, and WiFi
• Telindus Crocus E1Q

For me, the installation and setup is simple. I work hard to do the simulation for the customer, and discuss all the requirements before implementation with the client.

In one project I implemented Sophos for was a bank. I had to involve the Sophos team as the client was asking for WAF in transparent mode with HTTPS inspection. They were 10/10.

Prior to Sophos, it was mainly Juniper and Fortinet.

Give us 10 minutes of your time, and we will show you the differences. When I do presentations, I give potential clients demo access to the solution(s) I am presenting.