We use this solution ourselves and we also deploy to our clients. It is a capable, general-purpose firewall with VPN tunneling built in, and a lot of web features if you're hosting a website. We are resellers of Sophos and I'm a partner in our company.
President at a tech vendor with 1-10 employees
Very good basic firewall functions with advanced firewall scanning
Pros and Cons
- "Good basic firewall functions with advanced firewall scanning."
- "Updates come out agonizingly slowly, a trickle."
What is our primary use case?
How has it helped my organization?
We haven't changed our procedures as a result of using this product but maybe the flip side is the case. We haven't had to change our procedure because we have this great tool that keeps the bad guys away.
What is most valuable?
I would say the email for sure and the basic firewall functions are great features. It also has advanced firewall scanning. If you receive a file, you can have it scanned through Sophos. It's a really complete product.
What needs improvement?
Sophos has a very small crew of people who continue to work on enhancing the UTM. At some point, they had actually stopped enhancing it and the word on the street was that they weren't going to enhance it any more because everybody was going to go over to XG, but they found that 50% of their users were still on the UTM and that was five years after they'd come out with the XG line. They decided they were going to rebuild some core parts of XG, and that would take a while. It's been six years and they're still not there. The updates come out agonizingly slowly. They just trickle out and when there's a problem with an update it takes a while to sort out. It's still a viable product but the more they improve XG, the less you have a need to stick with SG.
Buyer's Guide
Sophos UTM
December 2024
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
831,265 professionals have used our research since 2012.
For how long have I used the solution?
I've been using this solution for 15 years.
What do I think about the stability of the solution?
There are some legacy things that were probably fine back in the day when it was invented in Germany, things like the IPS, the Intrusion Protection engine. It's terrific and it works really well, but it can be a little bit slow. Because of the way that some pieces are built, for example the core for the IPS runs on only core, even if you have a multi-core CPU. 15 years ago that wasn't a big deal because your weak link was going to be your computer. But nowadays, you could have a fast enough computer if they could just let it work with multi-cores. They clearly aren't interested in rewriting large portions of the code because they're going to the XG so all they do is fix it or maybe add a feature that's in the marketplace. Over time, they've been adding more ways to do a VPN tunnel but some things they need haven't been added because it would require a big rewrite and they don't want to go there.
What do I think about the scalability of the solution?
The scalability has worked great for us. Everyone in our company uses it even though some may not know that they're using it. One of our larger clients, with a super computing center and some of the fastest computers in the world, use Sophos, so I would say that it does the job.
How are customer service and support?
Technical support have been very good. They are very knowledgeable but it can take too long to make contact. They're great once you do get hold of them. They've solved every problem we've had.
Which solution did I use previously and why did I switch?
We've tried numerous other solutions. Cisco, and some of the other major ones that were out there, but once we started using this, it was so much better in so many ways, we just dumped all the others.
How was the initial setup?
The initial setup is pretty straightforward. They have a template which takes you through and asks what you want protected. There's still a lot to do after that because there are variations which require more work. For example, if I have clients who need to block certain email addresses, I have to go through and set those up. If I need to allow conversations which require specific ports open in order to get to a particular business or credit card processing, that has to be set up. There is a lot of HIPAA detail in it and it also has credit card compliance things which require a manual set up. The setup requires a knowledge base.
What's my experience with pricing, setup cost, and licensing?
The solution is 100% free. You can just download the software for up to 50 IP addresses. It is a hundred percent free. Throw it on your own machine. Right, it's a native Linux product, a hardened Linux product and it's free for that sort of user.
What other advice do I have?
The solution has email firewall built in with all sorts of functionality, it is an absolutely excellent firewall, the logging is really good, you get great information about what's going on. It does things like GeoIP tracking and you can make decisions based on where people are coming from. It's just really a complete firewall. I would say if you're just starting right now, get the XG. Not that the UPM isn't outstanding, but it's disappearing. You might as well learn the XG. The product still works really well, although it's getting a bit long in the tooth. The sooner that they come out with the XG that can do everything that the UTM does, the faster the rest of the world will make the jump.
I would rate this solution an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Account Executive at a tech services company with 11-50 employees
Highly granular, communicates with other Sophos solutions, and offers good performance
Pros and Cons
- "The initial setup is pretty straightforward."
- "I don't really have any notes for improvements."
What is our primary use case?
We primarily use the solution for firewalls.
What is most valuable?
The firewall in general is very good. It is comparable to other firewalls.
Since any environment needs a firewall, it's been helpful in its ability to be highly granular in its configurations.
Sophos is a security-focused company, which I like. I like that all Sophos products can essentially talk to each other. For example, if a computer has the Sophos antivirus, and it detects something, it actually talks to the Sophos firewall and says, "Hey, I think something is going wrong on this computer." Then, the firewall goes, "You know what? I'm going to shut it down for a while. I'm going to close off all incoming and outgoing connections from that unit until an IT admin comes in and tells me to release it."
It's very scalable.
The solution is stable.
The initial setup is pretty straightforward.
What needs improvement?
I don't really have any notes for improvements. I don't need additional features.
For how long have I used the solution?
I've been using the solution for three or more years.
What do I think about the stability of the solution?
The solution's stability is excellent, and it is reliable. There are no bugs or glitches, and it doesn't crash or freeze.
What do I think about the scalability of the solution?
The solution is very scalable and easily expands.
Which solution did I use previously and why did I switch?
I'm also familiar with Meraki. Sophos, however, has the ability to talk to other Sophos products.
Meraki would be all isolated, meaning you have a different antivirus. It'll try to block and scan and do its thing, however, the firewall will always allow the connection to go through. Nothing is stopping it from isolating it. From a Sophos perspective, every single thing talks to each other, whether it's Sophos Central, Sophos email security, Sophos antivirus, or Sophos firewall.
They all talk to each other and look at how attackers come in because attackers don't just, poof, appear on a computer. There's a route it needs to take and different layers of protection it has to go through. If all of your layers, your roads, and everything is all Sophos, they all jive, and that's great.
How was the initial setup?
The ease of setup is dependent on the level of technical expertise. If you are a qualified tech, all firewalls should be pretty simple to deploy, depending on the environment. It's simple enough to implement in general.
What was our ROI?
We have witnessed a positive ROI while using the solution.
What's my experience with pricing, setup cost, and licensing?
Price-wise, you get the bang for your buck. You get a huge value set. Ask for HA, high availability, since a lot of Sophos resellers sell two firewalls, the second one being free. Then, you only pay for one license. If your first firewall fails, the license migrates to the second one.
What other advice do I have?
We are using a variety of different versions of the solution right now.
It's really, really cool to look into Sophos. I highly recommend it. From an infrastructure, stability, and security perspective in terms of configuring in a granular way, Sophos does it all. It's a really good product and something to look into.
It's also a lot cheaper than Meraki. It does way more than Meraki. Dollar to dollar, Sophos will likely beat Meraki. For example, with Meraki, you're going to be paying two or three times more for nothing spectacular, nothing different. You just get a portal. It's okay. With Sophos, you do have to know what you're doing, however, any network admin should be able to figure it out. It's not like an ancient hieroglyphic language. It's quite straightforward.
I'd rate it nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Sophos UTM
December 2024
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
831,265 professionals have used our research since 2012.
Digital Transformation and Technological Innovation Manager at a educational organization with 501-1,000 employees
Easy to manage with good content filtering and an easy initial setup
Pros and Cons
- "The initial setup is pretty easy."
- "There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol."
What is our primary use case?
We primarily use the solution for perimeter security in order to protect content. We also use it for the XG firewall.
What is most valuable?
The content filtering is the solution's most valuable aspect.
The initial setup is pretty easy.
The solution is pretty easy to manage.
What needs improvement?
There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol.
For how long have I used the solution?
I've been using the solution for about five years or so at this point.
What do I think about the stability of the solution?
The stability of the product is quite good. We haven't had any issues with bugs or glitches. It doesn't crash or freeze on us. We trust its reliability.
What do I think about the scalability of the solution?
We don't really have scalability in mind right now. I need proof of all that. It's a single device that we have.
We don't plan on increasing usage with this device. In fact, we're considering a switch to Sophos XG.
How are customer service and technical support?
We've never directly worked with Sophos' technical support. We've always dealt with the Sophos partners.
We also don't really have any experience with online community support or documentation.
Which solution did I use previously and why did I switch?
I previously worked with Microsoft BMG. At the time we switched, Sophos was the better option. We needed a solution that was easy to manage and Sophos fit the bill in that sense. Microsoft didn't really offer any support. Sophos also was integrated with a directory and a single sign-on.
We're actually looking at switching to Sophos XG in the near future. The main difference between the two lines of Sophos products is the level of support provided. XG offers more of what we need. We may also eventually move to a Huawei firewall.
How was the initial setup?
The initial implementation is not complex. We found it to be very straightforward. It was easy.
The deployment took approximately one week. It didn't take too long.
We had two people on staff that handle deployment and maintenance.
What about the implementation team?
We had a consultant help us manage the implementation. hey were very good and quite knowledgable. We were satisfied with the assistance they provided to our team.
What's my experience with pricing, setup cost, and licensing?
We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000.
There are no costs above a standard licensing fee.
What other advice do I have?
We're just customers. We don't have a business relationship with Sophos.
I can't remember the exact version of the solution I am currently using, however, I believe it to be around version 9.
It's a good product, and I would recommend it, however, I would advise other potential users to instead maybe consider Sophos XG.
Overall, I would rate the solution at an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Administrator Server and Networks at a manufacturing company with 201-500 employees
Provides all of the network security you need in a single modular appliance
Pros and Cons
- "I would recommend UTM over XG because it's easier to manage."
- "It's stable, but the reaction time of the GUI is terrible."
What is our primary use case?
We mainly use it for web filtration — we have a number of small websites. It's also a VPN — that's filtering, firewalling, and IPS.
Within our organization, there are roughly 250 people using Sophos UTM. Also, we have around 15 XG users.
We plan on using XG for the next few years, but we are going to stop using UTM on our main site.
What needs improvement?
I think the behavior with the zones was a little bit tricky to understand at the beginning of this project. It can be hard to manage at first, but overall, we don't have many problems with this solution.
For how long have I used the solution?
I have been using this solution for one and a half years.
What do I think about the stability of the solution?
It's stable, but the reaction time of the GUI is terrible; however, in my opinion, UTM is more stable than XG.
How are customer service and technical support?
Sometimes, It can be quite a time-consuming process to book a session with Sophos' support.
How was the initial setup?
The initial setup was not straightforward because we had experience with UTM, but not with XG. It's a completely different system.
We had it up and running within one week.
What about the implementation team?
We installed it on our own.
What other advice do I have?
I would recommend UTM over XG because it's easier to manage.
On a scale from one to ten, I would give XG a rating of 6. Conversely, I would give UTM a rating of nine.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at Technologies International
Application layer filtering is a vital feature
What is our primary use case?
SMB firewall.
How has it helped my organization?
Protected it against malware and allowed us to serve our servers safely.
What is most valuable?
Application layer filtering.
What needs improvement?
Setup: Getting an exchange server to work behind Sophos is incredibly difficult with rules invoked that are simple numbers (e.g. 9054).
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Business Owner at a tech services company with 1-10 employees
The technical support is really good and the representatives are very responsive.
What is most valuable?
Reverse proxy, SSL VPN, web & email protection
For me, those features were most valuable from a security point of view;
• Reverse proxy is very important for shielding application frameworks.
• For VPN, we all knew that PPTP was broken and is not secure anymore. For Ipsec, you need to have opened ports, and if you are in a hotel who only has ports 80 and 443 opened, you can’t do anything.
SSLVPN is one of the solutions. Yes, you can use DirectAccess, but there are some limitations, too.
For DirectAccess, you need to have all those computers joined in one domain.
• Web & email protection is a nice feature because you have all of those controls in one dashboard. This is of course for small and maybe some mid-size companies. For larger and enterprise, it’s another story.
How has it helped my organization?
Less and faster administration, full control of traffic, and a lot of futures included in the base price.
What needs improvement?
The goal for small companies is to have one administration dashboard -- from where you can manage antivirus for computers, firewalls, IDS, IPS, mobile phones, tablets, etc.
Sophos UTM is on the right path to getting there.
For how long have I used the solution?
Sophos UTM 135 = two years.
Sophos UTM 115 = one year.
What do I think about the stability of the solution?
No problems with stability.
What do I think about the scalability of the solution?
No problems with scalability.
How are customer service and technical support?
The technical support is really good and the representatives are very responsive.
Which solution did I use previously and why did I switch?
Cisco (didn’t achieve expectations), Microsoft TMG (end of life).
How was the initial setup?
The setup is straightforward, but I suggest hiring an expert for integration. This is your first line of defense, and there is no room for mistakes.
What's my experience with pricing, setup cost, and licensing?
Sophos UTM’s are not the cheapest but they are not the most expensive. Create a checklist of what you need, and go through it with a sales representative. They will advise the right license for your company and I’m sure you can get some discount.
Which other solutions did I evaluate?
Cisco, CheckPoint UTM-1
What other advice do I have?
Create a checklist with your requirements, test the solution, and if it passes everything, implement it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Consultant at a tech services company with 51-200 employees
Sophos's web filtering & SMTP filtering is much better than SonicWall which we previously used.
What is most valuable?
Firewall and Web Protection
Advanced Threat Protection is a good "dashboard" feature to see if there is any network issues
How has it helped my organization?
Its a key point of keeping your network secure which once setup requires minimal ongoing monitoring. Also this unit can act as the whole security suite so everything in your network is protected.
What needs improvement?
Its identification of users without the need of setting up Proxies or Identity software could be better, that is probably the trickiest section to setup.
For how long have I used the solution?
2 years
What was my experience with deployment of the solution?
No issues other than ensuring what has been configured matches the requirement of the company/client.
What do I think about the stability of the solution?
The only stability issue we have encountered was an update caused the unit to over process things. Everything kept running but it did slow down Internet access because of this.
What do I think about the scalability of the solution?
I have only done basic High Availability setup which is very good but not Scalable solutions. However, as long as you follow the sizing guides and get the right UTM for the company there has been no issues.
How are customer service and technical support?
Customer Service:
Excellent
Technical Support:Not outstanding but I have noticed significant improvements over the last 12 months
Which solution did I use previously and why did I switch?
We used to use SonicWall. I still think its a good product though its web filtering and SMTP filtering were no where near as good as Sophos UTM. The reason we switched was the partner relationship between Dell and the IT Solutions company soured.
How was the initial setup?
You can setup the unit in simple mode and get 90% of what you want done. That is very straightforward
You can also setup each component manually. This requires understanding of the unit but even that is not difficult.
Probably the only difficult part of the Sophos UTM is the WebControl as this can be setup many ways. Ensuring you have mapped out a solution that is adaptable to the company is probably the most complex part.
What about the implementation team?
As we are a supplier, we bounce off ideas with their sales engineers. They are excellent.
What was our ROI?
Unsure as I don't deal in the money side of things but I think the clients get excellent returns as their security is totally covered if they include EndPoint protection.
What's my experience with pricing, setup cost, and licensing?
Most companies I have dealt with handing them a unit find they don't have to do much ongoing work on the unit. Once its working, its working and adjustments to rules and policies are easy.
Which other solutions did I evaluate?
No, we had a good relationship with Sophos and after comparing it to our previous solution (SonicWall) we were convinced it was a good product.
What other advice do I have?
If you are a IT Consultant shop, become a partner and do the training.
If you are the IT of a company, you can either get a IT Service company to set the unit up for you or if you are confident with firewalls you can purchase premium support to get assistance for troubleshooting purposes.
Disclosure: My company has a business relationship with this vendor other than being a customer: We are a business partner with Sophos
General Manager of Technical Division at VTI
Good visibility and protection against ransomware attacks
Pros and Cons
- "Sophos UTM's best feature is SIM in the cloud, which combines the gateway solution and endpoint solution to send telemetry data to the cloud and provides full contact visibility regarding security."
- "Sophos UTM's firewall is a bit weak, and some of its features lack depth compared to other products like F5."
How has it helped my organization?
Sophos UTM gives good visibility and prevention against ransomware attacks because they focus on unknown threats, so it's successful in protecting customers.
What is most valuable?
Sophos UTM's best feature is SIM in the cloud, which combines the gateway solution and endpoint solution to send telemetry data to the cloud and provides full contact visibility regarding security.
What needs improvement?
Sophos UTM's firewall is a bit weak, and some of its features lack depth compared to other products like F5.
For how long have I used the solution?
I've been using Sophos UTM for about eight years.
What do I think about the stability of the solution?
Sophos UTM is quite stable.
What do I think about the scalability of the solution?
Sophos UTM is quite simple to scale.
How are customer service and support?
Sophos' technical support is good.
How was the initial setup?
The initial setup takes around seven to nine days.
What was our ROI?
I would rate our ROI from Sophos UTM as three to four out of five.
What's my experience with pricing, setup cost, and licensing?
Sophos UTM's pricing is on the cheaper side.
What other advice do I have?
I would advise starting with the basic firewall before adding other features. I would give Sophos UTM a rating of seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partners/integrators
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Unified Threat Management (UTM)Popular Comparisons
Meraki MX
Check Point NGFW
WatchGuard Firebox
Juniper SRX Series Firewall
Untangle NG Firewall
KerioControl
Zyxel Unified Security Gateway
Stormshield Network Security
Huawei NGFW
Check Point CloudGuard Network Security
Sophos Cyberoam UTM
LANCOM R&S Unified Firewalls
Seqrite UTM
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which would you recommend to your boss, Fortinet FortiGate or Sophos UTM?
- What Is The Biggest Difference Between Sophos UTM and Sophos XG?
- What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
- What Is The Biggest Difference Between Sophos and pfSense?
- Who provides a better antivirus solution: Bitdefender or Sophos?
- What are the biggest differences between Meraki and Sophos? Which one is good for security and SD-WAN?
- What is the biggest difference between Fortinet FortiGate and Sophos UTM?
- When evaluating Unified Threat Management (UTM), what aspect do you think is the most important to look for?
- What UTM solution do you recommend?
- Why is a UTM solution important?