reviewer1019058 - PeerSpot reviewer
Software Sales Manager at a tech services company with 51-200 employees
Real User
Stable and scalable user-friendly software which offers good integration with other solutions
Pros and Cons
  • "Sophos UTM is very user-friendly and has good integration with other solutions."
  • "Flexibility in pricing could be improved. It's more rigid in its pricing compared to its competitor: Kaspersky."

What is our primary use case?

Mostly when we see that the client has no security product, we offer both of the products: firewall and endpoint security. We offer endpoint security solutions: EDR and XDR.

Most of the time, we offer Sophos UTM and firewall products, but when we see that the customer has a firewall already deployed, we pitch endpoint security. If they're already using a different product, we cross-sell a product. For example, if someone has an environment with just endpoint security and doesn't have XDR or EDR, we'll suggest upgrading to XDR or we'll upsell XDR.

What is most valuable?

The overall visibility of the console is what I find most valuable, plus it's very user-friendly. It can be integrated with other solutions such as SOAR, SIEM, etc., even when you have an existing firewall. I really like that the console can be integrated. You'll see everything on the same window, and the single window feature of the machine is so good. These are the features I really like.

What needs improvement?

I have no suggestions for improvement for Sophos UTM. It's been a decade and it has been a very good product throughout the Pakistan market.

Pricing could be improved. After-sales service is much better. Once you have a sales team and a technical team for any product, it definitely becomes very easy to pitch or get the revenues out of that product. Flexibility in pricing matters a lot.

For how long have I used the solution?

This is the fourth year we've been implementing this solution.

Buyer's Guide
Sophos UTM
November 2024
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.

What do I think about the stability of the solution?

Sophos UTM is stable which is why I like it.

What do I think about the scalability of the solution?

I find Sophos UTM scalable and it is one of the reasons I like it.

How are customer service and support?

For Sophos support: the distributor is responsible for providing maintenance, support, and after-sales service. Most of the time, we try to have an agreement between the customer and affiliates which is binding for two or three years.

The support team here is from the distributor. The first layer of support is really fine when compared to the support provided by other products, e.g. McAfee or Kaspersky. This means it doesn't go to the principal for resolution because the distributor or the partner experts try to fix it on their own before logging in to further complaints. We are good with this kind of solution for our customers, and we prefer those distributors who have their support team.

This is why I really like Softech, although everyone does this, Sophos relies on the Softech technical team. They fix the issues most of the time, so it's very rare for us to go to the principal solution. This is the first line of support we have here in Pakistan.

The principal response time is so quick. It took them only two or three hours maximum. I had the experience of addressing an issue to the principal and they were able to answer me in two or three hours maximum. They have a good TA team.

What's my experience with pricing, setup cost, and licensing?

Although Sophos UTM is a good product, other products have more flexibility with their pricing. It is a very fine product, but when someone wants more relaxed pricing or more leverage in pricing, Sophos is more rigid.

For example, Kaspersky is successful in Fintechs because of its services, plus they offer flexible pricing to their end users. It's a comparative advantage here in Pakistan because Pakistan is a very price-conscious market. This is the reason why every time we pitch, we have to pitch more than one product here in Pakistan. They spend their money on SIEM and other kinds of security firewall, but for endpoint solutions, they say any low-budget product could easily be implemented. Most of the customers here in Pakistan like it this way.

Which other solutions did I evaluate?

We also implemented Kaspersky and McAfee.

What other advice do I have?

We are a partner for all these products. We market these products to the end customers or the end users. We are both selling and implementing these products. We're partners with Sophos. There's a distributor in Pakistan called Softech Microsystems, and we have a silver-level partnership with them.

We've been working with Sophos since 2019.

In the financial market, however, Kaspersky is being used more than Sophos because of its credibility, integration, and extra features offered by Kaspersky. We always try to recommend Sophos as it's what we want, but sometimes, because we also carry a Kaspersky partnership, when a customer demands Kaspersky, we have to let the customer test it and we have to give them a quote for Kaspersky. We also carry another product, e.g. McAfee, aside from Kaspersky and Sophos. Sophos UTM is a product I want to go further. I try to pitch Sophos UTM rather than Kaspersky or McAfee.

I'm giving this solution a nine out of ten.

Whenever we go for the public tenders, because there's no price flexibility, most of the time I find other products win. Although we have completed our POCs and all that, convincing customers to go with our product, but when it goes to the tenders: in the tenders they mention specification rather than mentioning a particular product, so we'll have to qualify. We qualify technically, but when it comes to the commercial opening or the financial opening, we fail.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
System Administrator Server and Networks at a manufacturing company with 201-500 employees
Real User
Provides all of the network security you need in a single modular appliance
Pros and Cons
  • "I would recommend UTM over XG because it's easier to manage."
  • "It's stable, but the reaction time of the GUI is terrible."

What is our primary use case?

We mainly use it for web filtration — we have a number of small websites. It's also a VPN — that's filtering, firewalling, and IPS.

Within our organization, there are roughly 250 people using Sophos UTM. Also, we have around 15 XG users.

We plan on using XG for the next few years, but we are going to stop using UTM on our main site.

What needs improvement?

I think the behavior with the zones was a little bit tricky to understand at the beginning of this project. It can be hard to manage at first, but overall, we don't have many problems with this solution.

For how long have I used the solution?

I have been using this solution for one and a half years.

What do I think about the stability of the solution?

It's stable, but the reaction time of the GUI is terrible; however, in my opinion, UTM is more stable than XG.

How are customer service and technical support?

Sometimes, it can be quite a time-consuming process to book a session with Sophos' support.

How was the initial setup?

The initial setup was not straightforward because we had experience with UTM, but not with XG. It's a completely different system. 

We had it up and running within one week.

What about the implementation team?

We installed it on our own.

What other advice do I have?

I would recommend UTM over XG because it's easier to manage.

On a scale from one to ten, I would give XG a rating of 6. Conversely, I would give UTM a rating of nine.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Solutions Architect at National Renewable Energy Laboratory
Real User
It meets our compliance needs for antivirus, but the printed provisioning needs improvement.
Pros and Cons
  • "It meets our compliance needs in an elastic computer environment."
  • "It is a little too CPU resource intensive, so we would like to see improvements there."

What is our primary use case?

We use it for antivirus.

How has it helped my organization?

It meets our compliance needs in an elastic computer environment.

What is most valuable?

It meets our compliance needs for antivirus.

What needs improvement?

The printed provisioning is the primary thing that needs improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is a little too CPU resource intensive, so we would like to see improvements there.

What do I think about the scalability of the solution?

We are running about a couple hundred EC2 instances. Overall, the AWS Marketplace product should be a better fit, but it is a little pricier.

How is customer service and technical support?

When we need technical support, we just engage the vendor, then figure out what our requirements are from there.

How was the initial setup?

The integration and configuration of this product on our AWS environment is a little clunky right now.

The product is a standalone in terms of integration.

What other advice do I have?

Going forward, we need to look at the provisioning pieces and the resource utilization.

The AWS version is easier to provision than the on-premise version.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
DevOps at a computer software company with 11-50 employees
Real User
It works well without any maintenance
Pros and Cons
  • "It works well without any maintenance. So far, it has worked pretty well regardless of the traffic."
  • "The product could be simplified and made more self-explanatory."

What is our primary use case?

  • Firewalls
  • Developer access
  • VPN traffic
  • Rerouting and routing.

I am using it to route traffic for developer access or regular traffic for my instances. I have a web application, and I control access to and from it in one of my environments.

How has it helped my organization?

All my needs are met at the moment.

What is most valuable?

Our policy is launch and forget. It works well without any maintenance. So far, it has worked pretty well regardless of the traffic.

What needs improvement?

The product could be simplified and made more self-explanatory.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I am stressing it quite a bit, and the stability is great. I haven't performed any maintenance on the instances in quite a while now. It works. I am happy because everything works well.

What do I think about the scalability of the solution?

My throughput is moderate versus high throughput applications.

I am always holding a predefined number of instances, so I haven't had any issues.

How is customer service and technical support?

I have not used the technical support.

How was the initial setup?

The configuration was pretty complex on my side compared to OpenVPN. However, this might imply that Sophos has more use cases and capabilities. It depends.

Which other solutions did I evaluate?

I am also using OpenVPN.

Partially, for historic reasons, things were built prior to me being able to evaluate stuff. At the moment, we are using both solutions. In terms of pricing, when I need to spin up anything small with smaller requirements, I am using the free OpenVPN instead of Sophos UTM.

What other advice do I have?

Do your homework. Compare products. Use what you need depending on your needs.

We are only using the AWS version of the product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Business Owner at a tech services company with 1-10 employees
Real User
The technical support is really good and the representatives are very responsive.

What is most valuable?

Reverse proxy, SSL VPN, web & email protection

For me, those features were most valuable from a security point of view:

  • Reverse proxy is very important for shielding application frameworks.
  • For VPN, we all knew that PPTP was broken and is not secure anymore. For IPsec, you need to have opened ports, and if you are in a hotel that only has ports 80 and 443 opened, you can’t do anything. SSL VPN is one of the solutions. Yes, you can use DirectAccess, but there are some limitations, too. For DirectAccess, you need to have all those computers joined in one domain.
  • Web & email protection is a nice feature because you have all of those controls in one dashboard. This is of course for small and maybe some mid-size companies. For larger and enterprise, it’s another story.

How has it helped my organization?

Less and faster administration, full control of traffic, and a lot of features included in the base price.

What needs improvement?

The goal for small companies is to have one administration dashboard -- from where you can manage antivirus for computers, firewalls, IDS, IPS, mobile phones, tablets, etc.

Sophos UTM is on the right path to getting there.

For how long have I used the solution?

Sophos UTM 135 = two years.
Sophos UTM 115 = one year.

What do I think about the stability of the solution?

No problems with stability.

What do I think about the scalability of the solution?

No problems with scalability.

How are customer service and technical support?

The technical support is really good and the representatives are very responsive.

Which solution did I use previously and why did I switch?

Cisco (didn’t achieve expectations), Microsoft TMG (end of life).

How was the initial setup?

The setup is straightforward, but I suggest hiring an expert for integration. This is your first line of defense, and there is no room for mistakes.

What's my experience with pricing, setup cost, and licensing?

Sophos UTMs are not the cheapest but they are not the most expensive. Create a checklist of what you need, and go through it with a sales representative. They will advise the right license for your company and I’m sure you can get some discount.

Which other solutions did I evaluate?

What other advice do I have?

Create a checklist with your requirements, test the solution, and if it passes everything, implement it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user163662 - PeerSpot reviewer
Founder at a tech services company with 51-200 employees
Consultant
Sophos UTM helps us to control incoming and outgoing network traffic. Not a highly available and scalable product.

What is most valuable?

Valuable Features include Sophos Remote Access VPN, Country Based Firewall, Web Application Firewall, Ease of access (via browser) and Reporting.

How has it helped my organization?

Sophos UTM helps us to control incoming and outgoing network traffic. It also helps employees connect to the AWS VPC environment from remote locations. The web application firewall protects applications from different hacking attempts like SQL injection, cross-site scripting, cookie signing, URL hardening, etc. On top of that, it also helps the organization adhere to compliance rules and provides an audit trail of the environment.

What needs improvement?

Sophos UTM is not a highly available and scalable product. Till now, it is a single point of failure.

For how long have I used the solution?

2.5 years.

What was my experience with deployment of the solution?

No issues encountered. We had a very smooth deployment.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

Yes. Sophos UTM on AWS is not a scalable product. Sophos is actively working on scalability part from using a UTM manager which can control configuration deployment on multiple UTMs.

How are customer service and technical support?

Customer Service:

Customer service level is top notch.

Technical Support:

Very Good. All our queries were properly answered on time.

Which solution did I use previously and why did I switch?

Yes. Earlier, we had used Checkpoint. But the deployment procedure and user interface for Checkpoint were very complicated. The amount of time to invest in Checkpoint is nearly 2x that of Sophos. Checkpoint requires a tool to be installed on your system, while Sophos is a browser-based tool.

How was the initial setup?

It was a very straightforward setup. As it is a browser-based tool, it helps administrators to access it from different locations and systems. We don't have to download desktop clients on our local system. Also, we can access this product from different operating systems (Linux, Windows and Mac).

What about the implementation team?

We deployed it in-house.

What was our ROI?

ROI for the product is very high. The cost of the product is based on the number of users and the licensing is not too expensive.

What's my experience with pricing, setup cost, and licensing?

On AWS, instances/servers are charged on an hourly basis. The yearly licensing cost for 10 years is nearly around $200-300.

Which other solutions did I evaluate?

While we were looking for deployment of a UTM product on AWS in the year 2011, there were only 2 stable products available in the market, i.e., Sophos and Checkpoint. We chose to go ahead with Sophos.

What other advice do I have?

Easy to use, easy to access, good for compliance. It is a very good product as compared to others available on AWS.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user297576 - PeerSpot reviewer
IT and Data Security Manager at a tech services company
Consultant

The Sophos UTMs are highly available; you just need 2 or more. You can also have them in active-active or active-passive mode.

reviewer1452492 - PeerSpot reviewer
President at a tech vendor with 1-10 employees
Reseller
Very good basic firewall functions with advanced firewall scanning
Pros and Cons
  • "Good basic firewall functions with advanced firewall scanning."
  • "Updates come out agonizingly slowly, a trickle."

What is our primary use case?

We use this solution ourselves and we also deploy to our clients. It is a capable, general-purpose firewall with VPN tunneling built in, and a lot of web features if you're hosting a website. We are resellers of Sophos and I'm a partner in our company. 

How has it helped my organization?

We haven't changed our procedures as a result of using this product but maybe the flip side is the case. We haven't had to change our procedure because we have this great tool that keeps the bad guys away.

What is most valuable?

I would say the email for sure and the basic firewall functions are great features. It also has advanced firewall scanning. If you receive a file, you can have it scanned through Sophos. It's a really complete product.

What needs improvement?

Sophos has a very small crew of people who continue to work on enhancing the UTM. At some point, they had actually stopped enhancing it and the word on the street was that they weren't going to enhance it any more because everybody was going to go over to XG, but they found that 50% of their users were still on the UTM and that was five years after they'd come out with the XG line. They decided they were going to rebuild some core parts of XG, and that would take a while. It's been six years and they're still not there. The updates come out agonizingly slowly. They just trickle out and when there's a problem with an update it takes a while to sort out. It's still a viable product but the more they improve XG, the less you have a need to stick with SG.

For how long have I used the solution?

I've been using this solution for 15 years. 

What do I think about the stability of the solution?

There are some legacy things that were probably fine back in the day when it was invented in Germany, things like the IPS, the Intrusion Protection engine. It's terrific and it works really well, but it can be a little bit slow because of the way that some pieces are built; for example, the core for the IPS runs on only one core, even if you have a multi-core CPU. 15 years ago that wasn't a big deal because your weak link was going to be your computer. But nowadays, you could have a fast enough computer if they could just let it work with multi-cores. They clearly aren't interested in rewriting large portions of the code because they're going to the XG, so all they do is fix it or maybe add a feature that's in the marketplace. Over time, they've been adding more ways to do a VPN tunnel, but some things they need haven't been added because it would require a big rewrite and they don't want to go there.

What do I think about the scalability of the solution?

The scalability has worked great for us. Everyone in our company uses it even though some may not know that they're using it. One of our larger clients, with a super computing center and some of the fastest computers in the world, uses Sophos, so I would say that it does the job.

How are customer service and technical support?

Technical support has been very good. They are very knowledgeable but it can take too long to make contact. They're great once you do get hold of them. They've solved every problem we've had.

Which solution did I use previously and why did I switch?

We've tried numerous other solutions. Cisco, and some of the other major ones that were out there, but once we started using this, it was so much better in so many ways, we just dumped all the others.

How was the initial setup?

The initial setup is pretty straightforward. They have a template which takes you through and asks what you want protected. There's still a lot to do after that because there are variations which require more work. For example, if I have clients who need to block certain email addresses, I have to go through and set those up. If I need to allow conversations which require specific ports open in order to get to a particular business or credit card processing, that has to be set up. There is a lot of HIPAA detail in it and it also has credit card compliance things which require a manual set up. The setup requires a knowledge base. 

What's my experience with pricing, setup cost, and licensing?

The solution is 100% free. You can just download the software for up to 50 IP addresses. It is a hundred percent free. Throw it on your own machine. Right, it's a native Linux product, a hardened Linux product and it's free for that sort of user.

What other advice do I have?

The solution has an email firewall built in with all sorts of functionality, it is an absolutely excellent firewall, the logging is really good, you get great information about what's going on. It does things like GeoIP tracking and you can make decisions based on where people are coming from. It's just really a complete firewall. I would say if you're just starting right now, get the XG. Not that the UTM isn't outstanding, but it's disappearing. You might as well learn the XG. The product still works really well, although it's getting a bit long in the tooth. The sooner that they come out with the XG that can do everything that the UTM does, the faster the rest of the world will make the jump.

I would rate this solution an eight out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Senior Expert for Microsoft infrastructure at a computer software company with 51-200 employees
Vendor
It provides firewall, proxy, and VPN in one solution, but be prepared to follow the Zeroeth Rule during implementation.

What is most valuable?

  • SSL VPN
  • HTML5 VPN portal
  • Application control
  • Reverse proxy
  • Web filtering

How has it helped my organization?

We used several vendor products before UTM, and now it is all in one box - firewall, proxy, and VPN. Sophos is much easier to manage and configure.

What needs improvement?

Every product has room for improvement.

For how long have I used the solution?

I have used it for three years actively with several projects utilizing UTM.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

We don't have direct contact with Sophos support so I can’t rate the level of customer service and technical support properly.

Which solution did I use previously and why did I switch?

I did. Sophos UTM is far easier to configure and it is very intuitive with configuration.

How was the initial setup?

Setup is easy and straightforward. It is a browser based tool, so you can access it from every location, and with different operating systems.

What about the implementation team?

We did it in-house.

What other advice do I have?

I have some technical advice, but generally, always prepare steps to implement Sophos UTM and test your implementation before using it in a production environment.

The Zeroeth Rule:

Start with a hostname that is an FQDN resolvable in public DNS to your public IP. If you didn't do that, start over with a factory reset; it will save you hours of frustration.

  1. Whenever something seems strange, always check the Intrusion Prevention, Application Control and Firewall logs.
  2. In general, a packet arriving at an interface is handled only by one of the following, in order: DNATs first, then VPNs and proxies and, finally, manual routes and manual Firewall rules, which are considered only if the automatic Routes and rules coming before hadn't already handled the traffic.
  3. Never create a Host/Network definition bound to a specific interface. Always leave all definitions with 'Interface
  4. When creating DNATs for traffic arriving from the internet, in "Going to:" always use the "(Address)" object created by WebAdmin when the interface or the Additional Address was defined. Using a regular Host object will cause the DNAT to fail as the packets won't qualify for the traffic selector.
  5. In NAT rules, it is a good habit to leave a field blank when not making a change. In the case of a service with a single destination port, this makes no difference. In the case of a service with multiple ports, or a Group, repeating the service makes the NAT rule ineffective.
  6. There are only four reasons to sync users from AD to the ASG/UTM:
    • The user should be able to log on to a Remote Access VPN that uses certificates to authenticate the user.
    • Email Protection is enabled and the user should receive Quarantine Reports and be able to manage personal black/whitelists and/or use Email Encryption/Signing.
    • You want to do Reporting by Department for Web Protection (and I consider it a bug to require this when doing AD-SSO).
    • You want to use the Authentication Agent to populate "username (User Network)" objects.

     There's no other reason to sync users to WebAdmin - certainly not with AD-SSO.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024