Sophos UTM Reviews

Currently, we are using the product on-premise. However, in the future, we would like to deploy an AWS instance too.

This product helped us a lot in having a greater visibility into the network traffic coming inside and passing away from the company. The Sophos’s unique RED devices helped us a lot to build up extremely, easy Layer 2 VPN connections.

• Email and web proxy: for filtering unwanted emails and spam, and for web content and malicious url filtering
• SSL VPN and two-factor authentication: for secure remote access
• Layer 7 app control: for blocking P2P (ex. BitTorrent) and media streaming content 
• WAF/reverse proxy: for securely publishing web applications and protecting Exchange services 
• WAN load balancing: for multiple Internet connection management

• Certificate management (ex. Let’s Encrypt support)
• VPN: IKEv2 Support

We have not encountered any issues with stability.

The Sophos UTM solution is very scalable. You can build a hardware cluster with up to 10 nodes. 

Technical issues addressed to support team have been solved quickly.

Before we were using Cisco solutions, we switched because of the lack of UTM features.

The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled.

The pricing for Sophos UTM is quite acceptable compared to other UTM vendors. If you would like to run an active-passive HA system, you only need to buy an additional hardware without subscription. At other vendors, you need subscription for both devices.

In the case of a software/virtual appliance subscription, you pay by protecting user/IP addresses. You can do this to as much hardware resources as you like.

We evaluated SonicWall, WatchGuard, and Stormshield (Netasq) solutions.

We highly recommend this solution for SMBs for its reasonable pricing and wide range of network services.

We primarily use the solution for a number of use cases, including the firewall, web filtering, email filtering, and email encryption. UTM does it all. The only thing that we don't use it for is web application and protection. We don't really have any web servers in-house.

The web and email filtering are the two biggest and most valuable aspects of the solution for us.  

The solution overall has just been a good, cost-effective solution for us.

The solution offers a lot of functionality.

The solution scales well.

We've found the technical support to be helpful.

The stability and performance are quite good.

The ease of use could be a bit better. It's something they could work on.

The ease of configuration could be improved. It's not as simple as it could be just yet. However, it's kind of the nature of it.

They're kind of difficult to get set up sometimes.

Some of the detail in the web filter and the email filtering could be better outlined in the reporting. It is not as good as the two separate standalone solutions we used previously. However, it does also gives us a lot of other stuff that those two solutions didn't. It's a trade-off.

I've been using the solution for the last five years at this point.

The stability and performance are good. The solution is reliable. There are no bugs or glitches. It doesn't crash or freeze. It's good.

We've been using the same hardware for five years and it's always had a very good performance. I would say it scales pretty well. We have around 80 users on the solution currently. We've had double that. Actually, until COVID hit, we did have double that, as of a year ago.

We've been very happy with Sophos, despite the fact that most of their support is based out of Europe. When you get them on the phone, they're actually very good. Their support is very good. We've been happy with them, and have no concerns about renewing the maintenance.

We currently use a few Cusco solutions. We had a SurfControl web filter previously - a standalone server for that. We also had an email filtering package, that was on a separate server by itself. We found that the Sophos UTM did both of those things, and it gave us a firewall, and it saved us money. That's largely why we switched. The downside to Sophos is the reporting wasn't as good, however, everything else was better.

There was nothing wrong with the other solutions that we had other than it would cost us twice as much money to get a lot fewer capabilities. We don't really have the manpower to fully utilize those other solutions in great detail, which is why a simple web filter and email filter that was built into the Sophos solution worked for us. Plus, it does a lot more than that. We could run everything through it. We could - and we may do this - move away from using the Cisco solutions altogether, and just use the two Sophos firewalls. Once we get the XG up and running, we can upgrade the UTM to XG also and have the two XG firewalls in our two locations, and use it for the LAN connection between the locations. I don't know that we'll do that, however, it's definitely something that we can do. It's just a lot of additional capability and flexibility. 

While the configuration can sometimes be tricky, it was pretty much straightforward to initially set everything up. It helped that we had paid support through Sophos, so their technicians helped us get it up and running.

The deployment took a couple of weeks in total. It wasn't too big of a deal.

We don't really have any staff dedicated to deployment and maintenance. I tend to handle those aspects myself.

I've watched a few webinars, even on implementation, and it's just that a lot of the stuff is really different. You need to work on it a bit to get the hang of everything.

We had Sophos directly assist us. They were great at helping us implement everything. We physically got it in place, and then got it up and running, and then finished it off with some assistance from Sophos.

We've found the solution to be cost-effective overall.

Normally we do a three-year license with maintenance on a firewall.

Beyond the standard maintenance fee, the solution doesn't require any other licensing costs.

We are a manufacturing company. We're not a technology company. We don't need to have the very latest state-of-the-art technology, however, we want to try to be close to it. For us, Sophos is perfect.

We also plan to use Sophos XG, however, we haven't implemented it yet. We're hoping it might be easier to configure and set up than UTM.

Our antivirus, actually, was the antivirus that was managed by the UTM. Now they've since retired that capability, and they've gone to endpoint security software being managed in the cloud. Sophos Central can manage all of the Sophos security products, including all the firewalls, the endpoint security. Basically, you end up with one web interface for all of your security stuff. That's actually going to be a big feature, especially moving forward with XG, due to the fact that, if XG detects anything fishy going on, you can shut down individual client networks, and not allow any traffic to go through.

 Our Exchange ActiveSync is actually behind a Cisco firewall. We have a Cisco ASA also.

We use the latest version of the solution.

I'd rate the solution at an eight out of ten. We've largely been satisfied with the product.

As a company, you're looking to get the best solution out there. Once you have something in place, and it's worked well for you, and it hasn't cost you any excess money, you don't need to have too much contact with anyone. I rarely contact Sophos. That's a good indication of how good the product is working for us. If I was looking for something new, or if when maintenance comes up, and we've had hardware that's been in operation for a while, maybe we just need something new. Then you look and see if there's something out there that works better for you. That's basically it. We're not looking for anything new. We've actually been very happy with Sophos. I liked the way that there's a lot of good stuff there.

Our Sophos UTM provides a secure VPN solution. It allows us to have a VPN solution that limits access to certain sensitive areas in our environment.

It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources.

Previously, it was all intermixed, and access was kept under control by other means. This makes it easier and more streamlined.

1. The VPN side of it.
2. The ease of configuration of the VPN.
3. Some of the end user self-serviceability of it without having to have a whole lot of touch from our operational group

The UI on it could stand a little improvement. In some areas, it is a little slow and clunky. It is sometimes not easy to find something. However, once you get used to it, it is pretty normal to use.

We haven't had an issue with it yet. 

Any given day, we have easily ten to 15 users on it constantly, plus some other ancillary services which go across the VPN to access resources in our environment.

It works for what we have, as we only need a couple of them. Scalability-wise, we don't need a whole lot. 

We have used technical support one time for a weird upgrade issue. Their response was good.

It integrated well with AWS. The documentation was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic. However, once you read the documentation carefully, it comes out well. This goes back to the UI issue.

It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else.

Purchasing through the AWS Marketplace is pretty straightforward. Because were entirely on AWS and don't have anything anywhere else. It made the most sense for us as a one stop shop.

The pricing is pretty reasonable. I don't think that it is overly expensive.

We looked at a couple other products. However, overall, Sophos UTM seemed to fit the bill. It has allowed us to have a solution that we can maintain and not have to babysit all the time.

It is definitely worth looking at. It is a pretty good product.

It is integrated with our LDAP solution, and that integration is okay. Any LDAP integration can be hit or miss. It doesn't matter what it is, because it's LDAP. Since we use LDAP as a service, it's a little different, but it does work well.

We use it for the AWS version.

We mostly use UTM for the protection of our network and the web. Some of our customers use it for email protection. We work mainly with governmental organizations. Our company was initially a distributor of the forerunner to UTM, a company called Astaro. We provide UTM to our customers and we are now partners with Sophos. 

It's an easy solution to learn because the graphics are very intuitive. I really like the log because of the amount of information it provides.

Sophos' new generation firewall is missing the link that provides antivirus for each computer. It would be helpful if they could add that element. The technical support used to be excellent but recently they don't seem to be able to solve our problems. 

I've been using this solution for 20 years. 

The solution is stable. 

The solution is scalable although we generally work with smaller organizations. 

The technical support used to be excellent but it's no longer as good as it was and we've had some problems getting solutions to the issues that we're having.

Positive

The initial setup is straightforward. We provide one or two engineers for implementation as well as ongoing support following deployment. 

Licensing can be purchased for one, two, or three years but I'm unaware of the cost. The solution can be downloaded for free if it's for home use which is a good way of testing before implementation.

I recommend testing this product before purchase. It's a good solution and I rate it 10 out of 10. 

We use Sophos to protect the entire network, including the web servers and everything else. 

Sophos UTM has a good user interface and granular security controls.

Sophos UTM could be simplified, and they can improve on the many other features, like SD-WAN and load balancing. Sophos UTM is missing a few features that their competitors have. For example, if you have multiple branches you would like to connect, the load balancing features aren't available on multilink. If we create a VPM for multiple LAN links, we cannot load balance the traffic.

I've been using Sophos UTM for five years.

Sophos UTM is stable.

Sophos UTM is scalable.

Sophos support is good. 

Sophos UTM is easy to set up, and I did it myself.

The price of Sophos UTM is reasonable. 

I rate Sophos UTM eight out of 10.

Most of our clients use Sophos UTM as a perimeter firewall for branch offices. Additionally, we use the Sophos XG, RED firewall for extending the network, and the Sophos Intercept X to complement the firewalls.

The most valuable features of Sophos UTM are the ease of use, it is very user-friendly. You can understand what they implement in the new firmware, and it's easy to manage the firewalls.

When I implement a solution, I have to teach the customers how to use it and when I have used other solutions, such as Check Point, it was difficult.

Sophos UTM has good integration with wireless and endpoint solutions

In Sophos UTM there is always a problem with the routing tables. If you want to see the routing table, you have to use the UI. You can't do it via a web browser. The routing table is better in Fortinet.

I have been using Sophos UTM for approximately six years.

The stability of the Sophos UTM is very good, most of our clients do not have to reboot the firewalls. 

The technical support is good. I tell my customers that we always have the support of Sophos and it is good for us. If you create ticket support in Spanish, you have to wait sometime, because they don't have a lot of people who work in Spanish. We have to do it in English. They should have more other language support agents.

I have previously used Sophos Cyberoam, XGS, and XG solutions. Additionally, I have used Check Point solutions.

The implementation of Sophos UTM firewalls is difficult. There are many aspects that are involved and there is maintenance needed. However, the difficulty level is the same as if you were implementing a Fortinet firewall.

We have a three-person implementation team that works in many cities here in Bolivia.

I have evaluated other solutions, such as Cisco.

I would advise others that the Sophos Academy is really good. You can receive certifications from them. It is important to understand the requirements because some people who don't know much are afraid to use firewalls, and that's a problem. It's important to use firewalls and ask questions proactively about them.

I rate Sophos UTM an eight out of ten.

I use the solution in my home premises to protect my internal network. I am a customer of Sophos. 

Sophos has great security features and does a good job of protecting my network. The firewall feature is very, very good. 

I think the interface configuration could be improved. It's very complex for now. They need to provide more videos and have more documentation. I think that's missing at the moment. By chance, I found something on a video that wasn't in the documentation and it was a lifesaver. I upgraded my hardware from 100 megabytes to 1,000 megabytes and had many problems. I had to start from scratch and get someone to help me with it.

I've been using this solution for seven years. 

The solution is stable. 

I only use the community support.

The initial setup is very, very difficult. When I installed the new Sophos and tried to restore the backups, the restore process did not work. I tried more than 20 times, and in the end, implemented a fresh install which required a lot of work. It was too difficult. It took me a long couple of days. It's worth checking the YouTube videos, they really saved me. 

I'm using the free version. 

I rate this solution eight out of 10. 

We implemented the solution into our infrastructure here in the insurance company, to protect the flow between the company and its partner.

The solution is quite stable. 

The scalability has been great.

The initial setup is straightforward.

Technical support is very responsive.

The integration capabilities could be better.

I originally implemented the solution when it was Cyberoam. After that, we migrated to Sophos UTM. I've used the solution since 2011.

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

The scalability is great. If a company needs to expand it, it can do so. It's not a problem.

We currently have 800 people using the solution.

We do pay for Sophos' support and we find them to be quite helpful and responsive. We're satisfied with the level of assistance we receive. 

We have used other solutions. We have various levels of firewalls. 

The implementation process is straightforward. It's not overly difficult. A company shouldn't have any issues with the process. 

It's a good idea if you are migrating from another solution, to do a review of security policy. That way, you can better optimize for security when you set everything up.

We have a team of six that can handle implementation and maintenance duties. We have two managers. One covers organizational security and the other cover operational security.

We do pay extra for Sophos support services.

The license is easy to acquire and implement. 

I'm currently performing a benchmarking of the other solutions against Sophos.

We're a custoer and an end-user.

When Cyberoam was acquired by Sophos, we migrated to the new hardware and new solution in Sophos.

We've been very happy with its capabilities. We would rate the solution at a nine out of ten.

I'd recommend, if a company sincerely wants to try out Sophos, that they test everything before implementation. It will help them understand what the solution can do and how to implement it into their infrastructure.