We primarily use the solution for perimeter security in order to protect content. We also use it for the XG firewall.
Digital Transformation and Technological Innovation Manager at a educational organization with 501-1,000 employees
Easy to manage with good content filtering and an easy initial setup
Pros and Cons
- "The initial setup is pretty easy."
- "There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol."
What is our primary use case?
What is most valuable?
The content filtering is the solution's most valuable aspect.
The initial setup is pretty easy.
The solution is pretty easy to manage.
What needs improvement?
There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol.
For how long have I used the solution?
I've been using the solution for about five years or so at this point.
Buyer's Guide
Sophos UTM
November 2024
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability of the product is quite good. We haven't had any issues with bugs or glitches. It doesn't crash or freeze on us. We trust its reliability.
What do I think about the scalability of the solution?
We don't really have scalability in mind right now. I need proof of all that. It's a single device that we have.
We don't plan on increasing usage with this device. In fact, we're considering a switch to Sophos XG.
How are customer service and support?
We've never directly worked with Sophos' technical support. We've always dealt with the Sophos partners.
We also don't really have any experience with online community support or documentation.
Which solution did I use previously and why did I switch?
I previously worked with Microsoft BMG. At the time we switched, Sophos was the better option. We needed a solution that was easy to manage and Sophos fit the bill in that sense. Microsoft didn't really offer any support. Sophos also was integrated with a directory and a single sign-on.
We're actually looking at switching to Sophos XG in the near future. The main difference between the two lines of Sophos products is the level of support provided. XG offers more of what we need. We may also eventually move to a Huawei firewall.
How was the initial setup?
The initial implementation is not complex. We found it to be very straightforward. It was easy.
The deployment took approximately one week. It didn't take too long.
We had two people on staff that handle deployment and maintenance.
What about the implementation team?
We had a consultant help us manage the implementation. hey were very good and quite knowledgable. We were satisfied with the assistance they provided to our team.
What's my experience with pricing, setup cost, and licensing?
We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000.
There are no costs above a standard licensing fee.
What other advice do I have?
We're just customers. We don't have a business relationship with Sophos.
I can't remember the exact version of the solution I am currently using, however, I believe it to be around version 9.
It's a good product, and I would recommend it, however, I would advise other potential users to instead maybe consider Sophos XG.
Overall, I would rate the solution at an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at Technologies International
Application layer filtering is a vital feature
What is our primary use case?
SMB firewall.
How has it helped my organization?
Protected it against malware and allowed us to serve our servers safely.
What is most valuable?
Application layer filtering.
What needs improvement?
Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054).
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Sophos UTM
November 2024
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
Brings greater visibility into the network traffic coming inside and passing away from the company
Pros and Cons
- "The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled."
- "Brings greater visibility into the network traffic coming inside and passing away from the company."
- "Needs to improve the certificate management (ex. Let's Encrypt support)."
What is our primary use case?
Currently, we are using the product on-premise. However, in the future, we would like to deploy an AWS instance too.
How has it helped my organization?
This product helped us a lot in having a greater visibility into the network traffic coming inside and passing away from the company. The Sophos’s unique RED devices helped us a lot to build up extremely, easy Layer 2 VPN connections.
What is most valuable?
- Email and web proxy: for filtering unwanted emails and spam, and for web content and malicious url filtering
- SSL VPN and two-factor authentication: for secure remote access
- Layer 7 app control: for blocking P2P (ex. BitTorrent) and media streaming content
- WAF/reverse proxy: for securely publishing web applications and protecting Exchange services
- WAN load balancing: for multiple Internet connection management
What needs improvement?
- Certificate management (ex. Let’s Encrypt support)
- VPN: IKEv2 Support
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
We have not encountered any issues with stability.
What do I think about the scalability of the solution?
The Sophos UTM solution is very scalable. You can build a hardware cluster with up to 10 nodes.
How are customer service and technical support?
Technical issues addressed to support team have been solved quickly.
Which solution did I use previously and why did I switch?
Before we were using Cisco solutions, we switched because of the lack of UTM features.
How was the initial setup?
The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled.
What's my experience with pricing, setup cost, and licensing?
The pricing for Sophos UTM is quite acceptable compared to other UTM vendors. If you would like to run an active-passive HA system, you only need to buy an additional hardware without subscription. At other vendors, you need subscription for both devices.
In the case of a software/virtual appliance subscription, you pay by protecting user/IP addresses. You can do this to as much hardware resources as you like.
Which other solutions did I evaluate?
We evaluated SonicWall, WatchGuard, and Stormshield (Netasq) solutions.
What other advice do I have?
We highly recommend this solution for SMBs for its reasonable pricing and wide range of network services.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller and System Integrator.
Network Engineer II at a legal firm with 1,001-5,000 employees
Configuring the network was the easiest part of implementation, but the internet failover needs to work better.
Pros and Cons
- "If a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time."
- "As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic"
What is most valuable?
- Firewall
- NAT
- Intrusion prevention
- Site-to-Site VPN
- Web filter
- Anti-virus
How has it helped my organization?
Before using the Sophos appliance, we consistently struggled with users clicking on things they shouldn't be. This led to virus/malware infections that seemed to propagate through the network at an alarming speed. Since we incorporated the appliance into our network, we don't have to worry as much since it does in-line virus checking, and if a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time.
What needs improvement?
I wish the internet failover worked better. As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic, with many things not working until I manually fail over to the other WAN.
For how long have I used the solution?
I've used it for seven years.
What was my experience with deployment of the solution?
Initially, we had issues configuring the web filter and getting the right policies applied to the right users. After several calls to Sophos, they were able to assist us in getting to where we wanted to be. Other than that, deployment was easy as long as you pay attention to what you are doing and have the setup guide handy for any questions you have.
What do I think about the stability of the solution?
The appliance has been very stable, only being rebooted to apply patches for security vulnerabilities, which fortunately is not very often.
What do I think about the scalability of the solution?
The UTM 220 has served our purposes very well, it has allowed us to scale up on the computing side as well as the server side with no issues at all.
How are customer service and technical support?
Customer Service:
Their customer service is fantastic.
Technical Support:I have never had an issue go unanswered when I've had to involve Sophos technical support. Above all, it's their technical expertise that truly sets them apart from other vendors we have tried.
Which solution did I use previously and why did I switch?
We did originally try to use PFSense. The software was hard to use, and the level of technical expertise was not good. Ultimately, after several demos of both products, we decided that Astaro (at the time we purchased our original device) was the right vendor to work with. Since that time, Sophos purchased Astaro and it would appear that they kept a lot of the same people working on these devices because the transition was smooth, and the level of knowledge never faltered.
How was the initial setup?
The initial setup was very straightforward. I will say that you do need to have a certain level of knowledge to set up the more advanced functions. Configuring the network was the easiest part, and the firewall was very straightforward once you figured out exactly what rules you needed to put in place. NAT was a bit confusing to start with, but once you went through the process it was easy. Intrusion prevention was easy to set up, flip the switch to the on position and decide what rules you want to apply. Web filtering took a few calls to Sophos to set up properly, as we were trying to set up filtering policies based on Active Directory groups, and were not successful in the initial configuration, but we did finally get this implemented.
What about the implementation team?
I implemented the product in-house. The one bit of advice that I can give is to organize yourself prior to deployment. Determine what services you want to utilize in your environment, and focus your learning to those parts of the guide, this will make your deployment much easier.
What was our ROI?
Our return on investment is the fact that we are protecting the business' data, lowering administrative costs, and are better able to manage every bit of our network security.
What's my experience with pricing, setup cost, and licensing?
The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of IT at a construction company with 201-500 employees
Some of the valuable features are web and email protection and VPN.
What is most valuable?
All the features are valuable.
- Web protection: Allows me to control unnecessary web traffic into the company network.
- Email protection: Protects the company from spam and malicious emails.
- RED and VPN: Provides an easy and secure way to connect branch offices so I can easily control them.
- WAF and DMZ: Provides an easy and very secure way to publish your internal servers. Enables you to have more than one WAN and to use them for load balancing and controlling the traffic through them.
How has it helped my organization?
Before implementing Sophos UTM, we had a lot of problems with:
- Malicious URLs
- Spam
- Unnecessary internet traffic
- difficulties in connecting and controlling branch offices
After implementing Sophos UTM, the percentage of infected computers because of bad URLs was been reduce by 90%. A lot of spam emails were blocked. Additionally, I created a whitelist for company emails and a blacklist for unnecessary emails.
Branch offices have the same protection like the main office and communication between offices is very easy. We created rules for one-way communication for some branch offices and two-way communication for another office. You have got a lot of abilities for different configurations between offices.
But after migrating to Sophos XG and the new XG OS, things got easier, more secure, and more interesting. Specifically, we had the ability to generate different reports for different protection types, different end users, or different services.
With the new XG OS, I have better control of my network and I can easily detect malicious and unnecessary traffic.
For how long have I used the solution?
We used UTM for four years, and XG for one year.
What do I think about the stability of the solution?
At the beginning, there were stability issues, due to a poorly configured switch. I had problems with HA, but after that, there were no stability issues.
How are customer service and technical support?
I only contacted technical support five or six times. They were very professional. I will rate them as excellent.
Which solution did I use previously and why did I switch?
We did not use a different solution before this one.
How was the initial setup?
The initial setup, at the beginning, was very complex. After some time, everything got clear. I did the migration of UTM to the new OS XG by myself and I didn't need help from technical support.
What's my experience with pricing, setup cost, and licensing?
Think twice when you are choosing your Sophos UTM/XG. I made a mistake the first time because I needed more powerful hardware for my network. I did not choose very well. The price and the license are definitely elements for which you must think twice. I had excellent cooperation with the Sophos sales team and my mistake was quickly resolved.
Which other solutions did I evaluate?
What other advice do I have?
I love all Sophos products, but the combination of Sophos XG, Sophos RED, and Sophos advanced endpoint protection with intercept X is something that all IT professionals and security officers will love and want to have.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Consultant at a tech services company with 51-200 employees
Sophos's web filtering & SMTP filtering is much better than SonicWall which we previously used.
What is most valuable?
Firewall and Web Protection
Advanced Threat Protection is a good "dashboard" feature to see if there is any network issues
How has it helped my organization?
Its a key point of keeping your network secure which once setup requires minimal ongoing monitoring. Also this unit can act as the whole security suite so everything in your network is protected.
What needs improvement?
Its identification of users without the need of setting up Proxies or Identity software could be better, that is probably the trickiest section to setup.
For how long have I used the solution?
2 years
What was my experience with deployment of the solution?
No issues other than ensuring what has been configured matches the requirement of the company/client.
What do I think about the stability of the solution?
The only stability issue we have encountered was an update caused the unit to over process things. Everything kept running but it did slow down Internet access because of this.
What do I think about the scalability of the solution?
I have only done basic High Availability setup which is very good but not Scalable solutions. However, as long as you follow the sizing guides and get the right UTM for the company there has been no issues.
How are customer service and technical support?
Customer Service:
Excellent
Technical Support:Not outstanding but I have noticed significant improvements over the last 12 months
Which solution did I use previously and why did I switch?
We used to use SonicWall. I still think its a good product though its web filtering and SMTP filtering were no where near as good as Sophos UTM. The reason we switched was the partner relationship between Dell and the IT Solutions company soured.
How was the initial setup?
You can setup the unit in simple mode and get 90% of what you want done. That is very straightforward
You can also setup each component manually. This requires understanding of the unit but even that is not difficult.
Probably the only difficult part of the Sophos UTM is the WebControl as this can be setup many ways. Ensuring you have mapped out a solution that is adaptable to the company is probably the most complex part.
What about the implementation team?
As we are a supplier, we bounce off ideas with their sales engineers. They are excellent.
What was our ROI?
Unsure as I don't deal in the money side of things but I think the clients get excellent returns as their security is totally covered if they include EndPoint protection.
What's my experience with pricing, setup cost, and licensing?
Most companies I have dealt with handing them a unit find they don't have to do much ongoing work on the unit. Once its working, its working and adjustments to rules and policies are easy.
Which other solutions did I evaluate?
No, we had a good relationship with Sophos and after comparing it to our previous solution (SonicWall) we were convinced it was a good product.
What other advice do I have?
If you are a IT Consultant shop, become a partner and do the training.
If you are the IT of a company, you can either get a IT Service company to set the unit up for you or if you are confident with firewalls you can purchase premium support to get assistance for troubleshooting purposes.
Disclosure: My company has a business relationship with this vendor other than being a customer: We are a business partner with Sophos
System Administrator
I like the web filtering options and the link to Sophos antivirus (Close all connections from-to infected PC)
Pros and Cons
- "I like the web filtering options."
- "I would like some features that are available in other brands. For example, I sometimes a person is using too much bandwidth, and it isn't easy to find this information in Sophos. Also, we have to switch connections manually when we are using a VPN and lose the MPLS connection. It isn't automatic."
What is our primary use case?
We use Sophos UTM to secure Internet connection inside our company and to provide secure remote access to the in-office network.
What is most valuable?
I like the web filtering options and the link to Sophos antivirus (Close all connections from-to infected PC).
What needs improvement?
I would like some features that are available in other brands. For example, I sometimes a person is using too much bandwidth, and it isn't easy to find this information in Sophos. Also, we have to switch connections manually when we are using a VPN and lose the MPLS connection. It isn't automatic.
For how long have I used the solution?
I have used Sophos UTM for five years.
How are customer service and support?
I rate Sophos support seven out of 10.
How would you rate customer service and support?
Neutral
What's my experience with pricing, setup cost, and licensing?
Sophos UTM is a little pricey, but it's reasonable if I compare it to Fortinet.
What other advice do I have?
I rate Sophos UTM eight out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Occupational safety technician at Concremat
Good web filtering with a fine initial setup and the ability to increase usage
Pros and Cons
- "The initial setup has been fine."
- "We need a better VPN client for the customers."
What is our primary use case?
We primarily use the solution for the firewall and VPN.
What is most valuable?
The web filtering is great.
The initial setup has been fine.
You can increase usage if you need to.
What needs improvement?
The VPN could be better. We need a better VPN client for the customers.
We'd like better logging.
For how long have I used the solution?
I've used the solution for six years.
What do I think about the scalability of the solution?
We have about 3,000 users on the product right now. We do have plans to increase usage in the future.
How are customer service and support?
Technical support has been fine. We are satisfied with the level of service we get.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We also use Fortinet and pfSense.
How was the initial setup?
The initial setup is very simple and straightforward. It's not overly difficult or complex to set up.
What's my experience with pricing, setup cost, and licensing?
The licensing is paid on a yearly basis. You just need to pay the standard licensing fee. There are no extra costs.
What other advice do I have?
I'd rate the solution a seven out of ten. It's been okay.
We are a partner of the product.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Unified Threat Management (UTM)Popular Comparisons
Meraki MX
Check Point NGFW
WatchGuard Firebox
Juniper SRX Series Firewall
Untangle NG Firewall
KerioControl
Zyxel Unified Security Gateway
Stormshield Network Security
Huawei NGFW
Check Point CloudGuard Network Security
Sophos Cyberoam UTM
LANCOM R&S Unified Firewalls
Seqrite UTM
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between Sophos UTM and Sophos XG?
- What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
- What Is The Biggest Difference Between Sophos and pfSense?
- Who provides a better antivirus solution: Bitdefender or Sophos?
- What are the biggest differences between Meraki and Sophos? Which one is good for security and SD-WAN?
- What is the biggest difference between Fortinet FortiGate and Sophos UTM?
- When evaluating Unified Threat Management (UTM), what aspect do you think is the most important to look for?
- What UTM solution do you recommend?
- Why is a UTM solution important?
- Which tool is better for internet protection: Meraki MX or Fortinet?
interesting