We're using Sophos XG within one business unit for security. We use it for the firewall and mapping some services.
Infrastructure/Telcom Coordinator at Schnellecke Group AG & Co. KG
The price is right and it's easy to manage, so it's a good fit for our current needs
Pros and Cons
- "Sophos XG's price is right, and it's easy to manage. It's a good fit for our current needs at the moment."
- "Sophos XG's user interface has some room for improvement."
What is our primary use case?
What is most valuable?
Sophos XG's price is right, and it's easy to manage. It's a good fit for our current needs at the moment.
What needs improvement?
Sophos XG's user interface has some room for improvement.
For how long have I used the solution?
We started using Sophos XG in June of this year, so it has only been a few months.
Buyer's Guide
Sophos XG
March 2025

Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
What do I think about the stability of the solution?
I think Sophos XG is stable.
What do I think about the scalability of the solution?
Sophos XG is scalable. We have about 600 users here in Mexico, and everyone is behind this solution. I think it's possible we might increase usage, and we've discussed this with our corporate office in Germany. We could decide to go with another product, but we might expand Sophos if it performs well.
How are customer service and support?
Support is one area where I have some issues. Sophos support isn't that good.
Which solution did I use previously and why did I switch?
In some companies where I've worked, I used Fortinet and ASA with FirePOWER from Cisco. In some places, I used Meraki with the MX and the Advance Security licensing. I have some issues with other technologies. Last year, they had Sophos UTM on the devices, but there was an opportunity was to switch our clients to Sophos XG and try out the solution.
How was the initial setup?
Setting up Sophos XG is too easy. It took about two hours. The only part of the solution that I deployed was the firewalls. It's something I do all the time in my business unit, so it was quick. We have two people responsible for deployment and maintenance, including me.
What about the implementation team?
I had some support from a partner.
What's my experience with pricing, setup cost, and licensing?
A Sophos XG license costs approximately $45,000
What other advice do I have?
I rate Sophos XG nine out of 10. Our experience so far has been good, but maybe we'll come across another solution that's at the same or a higher level.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Engineer at a engineering company with 11-50 employees
Easy to deploy and configure, good documentation, and works as advertised
Pros and Cons
- "It is very easy to configure and straightforward. The firewall rules are straightforward. It works great out of the box. It has been working as advertised, and I haven't had any issues with it."
- "Its user interface is a little bit slow."
What is our primary use case?
We are using it for our VPN and firewall. It acts as our firewall for the external portal into our network.
What is most valuable?
It is very easy to configure and straightforward. The firewall rules are straightforward.
It works great out of the box. It has been working as advertised, and I haven't had any issues with it.
What needs improvement?
Its user interface is a little bit slow.
For how long have I used the solution?
I have been using this solution for a couple of weeks.
What do I think about the stability of the solution?
It has been up and running for probably three weeks and hasn't had any issues. I didn't have a lot of time on it yet to make a good call about that, but so far, so good.
What do I think about the scalability of the solution?
It scales for our purposes. We're a very small office. We have 25 users on the system. We're an engineering consulting company, so all remote users are accessing our network
It is being used quite heavily, and I don't see any need to increase its usage at all at this point.
How are customer service and technical support?
I didn't have any direct interaction with Sophos. Their online documentation is very good. It is much better than Cisco.
Which solution did I use previously and why did I switch?
It was a replacement for Cisco ASA Firewall. Our Cisco licensing had expired, and it was very expensive. Sophos XG is a lower-cost solution for the same thing. It was also easier to configure.
How was the initial setup?
It was very simple. It took a couple of hours.
What about the implementation team?
We had a partner, and they did the initial setup and walked us through it. Our experience was very good.
Its maintenance is very simple. You need less than one administrator for its maintenance.
What was our ROI?
I expect to see ROI in a year or two.
What's my experience with pricing, setup cost, and licensing?
Its licensing cost is around 700 bucks a year or something like that. It is 100 bucks a month at the most. It seems to be standard licensing with no additional costs.
What other advice do I have?
I would advise others to go through the Sophos demos. They are very good, and they walk you through configuration and use cases. Their online documentation is very helpful in not only configuring it but also selecting a proper model to deploy.
I would rate Sophos XG an eight out of ten for ease of use and cost.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Sophos XG
March 2025

Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
Information security specialist at a non-tech company with 201-500 employees
Enables us to trace any user and pinpoint any vulnerability or malicious software
Pros and Cons
- "We are able to trace any user and pinpoint any vulnerability or any malicious software. We are able to synchronize between the local and active directories so we can catch users easily through their login names and IDs."
- "There needs to be a way that we can distinguish between educational institutions on Youtube and other Youtube videos. You can do this on Fortinet. Basically, they can block all other Youtube videos besides those that are from educational institutions. With Sophos, you either allow for all Youtube videos or none at all. They need to allow for more specification on different websites."
What is our primary use case?
We use the solution for application control and web filtering. We also use it as a VPN point, and we use it on other occasions for tracing and reporting about usage and high application rates.
How has it helped my organization?
We are able to trace any user and pinpoint any vulnerability or any malicious software. We are able to synchronize between the local and active directories so we can catch users easily through their login names and IDs.
What is most valuable?
The reporting on the solution is excellent.
What needs improvement?
There needs to be a way that we can distinguish between educational institutions on Youtube and other Youtube videos. You can do this on Fortinet. Basically, they can block all other Youtube videos besides those that are from educational institutions. With Sophos, you either allow for all Youtube videos or none at all. They need to allow for more specification on different websites.
They only have one single location for training videos. They must offer them elsewhere as well. When the site goes down, everything stops, and you can't access the videos when you need them, so they need to diversify that. It's limiting.
For how long have I used the solution?
I've been using the solution for two years.
What do I think about the stability of the solution?
The stability of the solution is excellent.
What do I think about the scalability of the solution?
The scalability is good. We could only handle around 5,000 users but even when we reached 3,000 users, Sophos only consumed around 24% and 40% of Prime usage.
How are customer service and technical support?
The solution's technical support is not the best. When I take a step to open a case with Sophos support I can't understand them at all; I can't understand their accent. I always appreciate if they can communicate with me through e-mail instead, which makes it much easier.
Many cases take a long time to be resolved. Some cases they seem to ignore or don't reply to for a long time so I have to remind them that the case is still open before they will respond.
How was the initial setup?
The initial setup was straightforward. The implementation took about a day. There were only two people needed for deployment.
What about the implementation team?
We had a consultant assist with the setup. They were very good.
What other advice do I have?
We use the on-premises deployment model.
I would rate the solution nine out of ten. It's a very good firewall. It helps a lot with protection, and every organization needs a firewall to ensure they are protected.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Specialist at Databros
Provides comprehensive protection against a wide range of cyber threats
Pros and Cons
- "One feature of Sophos XG that I found incredibly beneficial for threat prevention is its endpoint protection."
- "There could be some room for improvement in its pricing since my clients usually feel like the product is on the expensive side."
What is our primary use case?
Sophos XG has greatly strengthened our network security and threat management. Its integrated EDR capabilities and seamless integration with firewalls, along with additional services like their NOC services, provide a comprehensive solution. With all these features working together, it is a complete package that ensures robust security for our clients.
What is most valuable?
One feature of Sophos XG that I found incredibly beneficial for threat prevention is its endpoint protection. It monitors all activities on our devices and effectively blocks any harmful files from infecting our machines. It has been a game-changer in preventing troubles for our customers.
What needs improvement?
While Sophos XG is a great product overall, there could be some room for improvement in its pricing since my clients usually feel like the product is on the expensive side.
For how long have I used the solution?
I have been working with Sophos XG for five years.
What do I think about the stability of the solution?
Overall, the solution is stable, and we rarely encounter glitches. Any issues that arise are usually related to Microsoft updates rather than the Sophos software itself.
What do I think about the scalability of the solution?
I would rate the scalability of the solution as an eight out of ten. The clients I work with who use Sophos are typically small enterprises.
Which solution did I use previously and why did I switch?
I have worked with other firewalls like Cisco and Fortinet over my 20 years of experience. Comparing Sophos to other solutions, I have seen significant improvements over the years. While it may not have been the easiest or best software three years ago, it is continually getting better with updates. Overall, Sophos is moving in the right direction, becoming more competitive with its counterparts.
How was the initial setup?
Installing Sophos XG is straightforward and typically takes around one hour for configuration, excluding the physical setup. Usually, only one person is needed to complete the installation and configuration process. It is quite easy to maintain it.
What other advice do I have?
There was a time when our network faced a sophisticated malware attack that bypassed traditional security measures. However, with Sophos XG in place, it quickly detected and mitigated the threat before it could cause any damage. The seamless integration of software and hardware ensured there were no vulnerabilities or gaps in our defense.
The interface of Sophos XG is user-friendly and suitable for new users. It is continually improving, with updates addressing any issues promptly.
Deploying Sophos XG has led to noticeable improvements in network performance.
Overall, I would rate Sophos XG as an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Information Technology Department at Sunflag Iron and Steel Co Ltd
It is an easily scalable solution that is easy to maintain
Pros and Cons
- "It is a very stable solution."
- "The time taken by Sophos XG's support team to respond to and resolve an issue is an area of concern where improvements are required."
What needs improvement?
The time taken by Sophos XG's support team to respond to and resolve an issue is an area of concern where improvements are required.
For how long have I used the solution?
I have been using Sophos XG for four years. I use Sophos XG 210.
My company is a customer of the product.
What do I think about the stability of the solution?
It is a very stable solution.
What do I think about the scalability of the solution?
The scalability of the product is okay. The users of the product in my company can use the product with all the rules and policies I have applied to the tool that made the implementation process easy.
It is easy to add more users or devices to the product.
Our company has around 300 devices on which the product is used. Our company has 50 to 60 end users of the product.
How are customer service and support?
The solution's technical support is good but needs to improve in certain areas. I rate the support an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Our company uses different products from Fortinet in some different locations.
Sophos XG is good for the modules it offers and if there are a large number of users. From a price perspective, Sophos XG is also good if the number of users is less.
How was the initial setup?
The product's deployment process was easy.
I was the only person involved in the deployment of the product in my company.
The product can be deployed in three to four hours.
What other advice do I have?
Sophos XG enhanced our company's network security and threat management since the speed and the connectivity of the VPN that it offers make it very easy to manage and don't get disconnected. When we were having CyberOne in our company, we faced some VPN connectivity issues. The VPN connectivity issue in our company was resolved with Sophos XG. With Sophos XG's username and password, users generally don't face issues related to VPN disconnection.
A scenario where Sophos XG was good for your organization stems from the fact that the performance offered by the tool is good.
The most effective feature of Sophos XG m that protects my company's network stems from the fact that it is able to protect the network by filtering out all the threats from the internet. We never faced any problems in our company's network. My company has hardly faced any problems with our computers since it hasn't been infected with any viruses for four or five years.
Sophos XG's interface facilitated our company's security management tasks since it works in an okay manner in our organization. The interface offered by the product is easy to manage since my company has three lines connected to our environment, and whenever we get a new line during which there are some disturbances, the interface allows us to manage such areas easily.
It is very easy to maintain the product.
Speaking about the cost-savings or efficiency gains from the implementation of Sophos XG, it is an okay product from a price perspective that provides the functions of a firewall.
I rate the overall tool a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Operations Manager at VL Toolbox Express Computer Solutions
Stable, with easy integration and good VPN logging, monitoring and notifications
Pros and Cons
- "The VPN is easy and has good logging, monitoring and notifications."
- "When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had and is not sufficiently mature."
What is our primary use case?
We use the latest version.
What is most valuable?
We are very familiar with the solution. It's pretty straightforward, our personnel is properly trained and we use it efficiently. The solution integrates very easily with other brands. I've done VPN tunnels with other brands, and that was fine as well. The solution is quite stable and we don't have any issues with it. The VPN is easy and has good logging, monitoring and notifications.
When compared with Sophos XG, Fortinet lacks the notifications and reporting features.
What needs improvement?
When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had. It's not mature yet, being still in its infancy stage. That would require some improvement. As I have many firewalls, having the ability to delegate access to use, such as exists with Microsoft CSP or other services, would be a nice feature to see.
Also, as a tech person, I know that executives do not wish to receive complicated reports, so a simplified executive report for executives would be a nice improvement. This would save us from having to explain issues which are beyond the scope of their knowledge.
For how long have I used the solution?
Sophos XG is basically a mix of UTM9, Check Point and several other technologies. It is essentially a merging of technologies. We've been using it since version UTM9, at which point we switched to Sophos XG..
What do I think about the stability of the solution?
The solution is quite stable.
What do I think about the scalability of the solution?
The solution is scalable, but an organization should assess in advance its size based needs. Say, for example, a company utilizes the XG 125 version, but grows rapidly. At this point it may need to switch to the 210 version. Yet, switching from one version to another would not really present an issue. One can restore the backup configuration version on the new hardware and be up and running.
How are customer service and support?
Technical support is pretty good, although I did have some issues with its availability during the COVID-19 pandemic, even though this seems to have been a challenge faced by all major support companies. There were delay issues owing to their teleworking, but the support they offer is quite supportive and they have all the necessary documentation. The truth is that I have a need for many cases, although the ones I require have to do with things that are out of my control, such as licensing or the occasion of a new app that failed to show up in the console. I have many sub-sites and I did face a serious issue. Technical support was pretty helpful even though I had to redesign the typology of one of my sites. They actually tried assisting me with the original design and I found them to be quite helpful and to possess a good base of knowledge on the site.
What other advice do I have?
It is important for a person to properly learn the features of any product so that he can optimize its utilization. The setup of the solution is pretty straightforward. What is truly important for a person with only a basic network background is to undergo proper training, so that he may learn about all the features and how to configure them.
For any product a person uses, it is a good idea to do a test run. Sophos allows for its product to be evaluated without any financial commitment. It offers a free virtual machine for home use testing of the features.
At present, Fortinet seems to have a slightly higher rating than Sophos XG, so if it were also to turn out to be more cost effective this would affect my rating of it. The reason is that this factor does have an impact on the decisions reached by CEOs when it comes to cost-benefit analysis.
This said, I rate Sophos XG as a nine out of ten, because we are very happy with it and don't really have any issues. We have actually been replacing Cisco normal routers, not sets, with Sophos and we're very happy with them.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: VL Toolbox Express Computer Solutions
CEO at a tech services company with 1-10 employees
Migration from pfSense or Astaro is easy
Pros and Cons
- "The two most valuable feature of Sophos XG is, one the option to filter according to different applications and two, the integration with the Active Directory."
- "Integration with Active Directory is not reliable."
- "Over the last six months, we have noticed that the hardware is slow, especially the VPN connections."
What is our primary use case?
We are using Sophos XG, but not the latest version. The solution works as the main gateway. We are a small company of 250 employees so we also use the solution as a router.
The hardware and VPN connections are slow so we are planning on upgrading the solution. Next month we will be replacing the Sophos XG we have as it is reaching the end of life next year. We will be purchasing the XG 3000 to gain more options in the VPN tunnels.
What is most valuable?
The two most valuable feature of Sophos XG is, one the option to filter according to different applications and two, the integration with the Active Directory.
What needs improvement?
Over the last six months, we have noticed that the hardware is slow, especially the VPN connections.
Sophos would benefit if they could improve the integration with Active Directory. It does not function consistently and we have to reconfigure it to make it function again.
Integration with IPA, which is like Active Directory for Linux servers, would be a nice feature to include.
For how long have I used the solution?
I have been using Sophos XG for three years.
What do I think about the stability of the solution?
This solution is very stable. We have not had any problems in the three years we have been using Sophos XG. We did have one infection that gained access to one server in the DMZ but it was because the rules were not well configured and not because of the product.
What do I think about the scalability of the solution?
We haven't had to scale the solution.
How are customer service and support?
Support from Sophos XG has been fine for what we have required.
Which solution did I use previously and why did I switch?
We had been using Astaro. We selected Sophos XG because we knew it would be easy to set up and configure as the two solutions are similar.
How was the initial setup?
Previously we were working with Astaro, so the setup and configuration of Sophos XG was easy. The implementation took less than a month.
What about the implementation team?
The company that sold the firewall solution provided support hours while we were migrating the rules of our old firewall. They provided us with advice on some of the rules, especially on the routing to connect to a branch office.
What's my experience with pricing, setup cost, and licensing?
We purchase an annual standard license.
What other advice do I have?
I recommend Sophos XG if you are coming from pfSense or Astaro as the migration will be really easy. The learning path will also be easy. If you are coming from Barracuda or Cisco it will be more difficult especially the web interface of the firewall is not intuitive.
I would rate Sophos XG an 8 out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Manager at a recruiting/HR firm with 201-500 employees
Easy to use, scalable, and provides good security
Pros and Cons
- "The solution is stable. I've had very few problems with it."
- "I do prefer when updates come out a bit quicker."
What is our primary use case?
We primarily use the solution for a firewall. We use it as a security device.
What is most valuable?
The product is very easy to use. We enjoy the ability for it to fit into our high-level security framework.
It gives us some separation from being on Microsoft tasks. We've got multiple levels of security. We're government contractors. It's great that it's been a separate product that gives us the ability to do the security to a high level without having to resort to needing a big team.
The solution is stable. I've had very few problems with it.
We have found the solution to be scalable.
What needs improvement?
We're always looking for the best products and the best pricing. Pricing is always a concern for us.
When they do updates, they could handle them a little bit better. We've only had one problem, however, I do prefer when updates come out a bit quicker. We do the patching and updates and different things, however, in terms of the patch and timing and the criticality of it, it could always be better.
For how long have I used the solution?
We've been using the solution for five or more years at this point. We've used it for a while.
What do I think about the stability of the solution?
The product is reliable and stable. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
The product has proven to be scalable. If a company needs to expand it, it can do so.
We have 430 end-users on the product.
How are customer service and technical support?
We're mostly happy with the technical support. It's better than Microsoft. Any issues we have may simply come down to the SLA.
How was the initial setup?
The initial setup is pretty straightforward, and, over the last six years, it's gotten simpler, especially when it comes to cloud products. A company shouldn't have any issues with the process.
The deployment was very quick. It does not take long.
My team is quite small internally. I have five to seven IT staff. I have many service providers that I outsource a lot of the day-to-day management of the infrastructure to.
What about the implementation team?
Sophos assisted us with training at the outset, which we really appreciated.
What's my experience with pricing, setup cost, and licensing?
We pay annually for the licensing for the overall on-prem solution, however, we also have some Sophos access points at permanent IT sites and different things. I have different Sophos products I may pay a monthly fee for.
What other advice do I have?
We're just customers and end-users.
While this deployment is on-premises, for the cloud, we use Sophos Central.
I'd rate the solution at an eight out of ten. We're pretty pleased with its protection capabilities.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free Sophos XG Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Product Categories
FirewallsPopular Comparisons
Fortinet FortiGate
Netgate pfSense
OPNsense
Cisco Secure Firewall
Palo Alto Networks NG Firewalls
Check Point NGFW
Azure Firewall
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Fortinet FortiGate-VM
SonicWall NSa
Sophos XGS
Untangle NG Firewall
KerioControl
Buyer's Guide
Download our free Sophos XG Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Sophos XG 210 vs Fortigate FG 100E
- What Is The Biggest Difference Between Sophos UTM and Sophos XG?
- What is the biggest difference between Sophos XG and FortiGate?
- Which firewall is better and why: Sophos XG 210 or Fortinet FortiGate 100E?
- Which solution do you prefer: Fortinet FortiGate or Sophos XG?
- What are the main differences in features between Sophos XG and FortiGate 80F?
- Which solution do you prefer: Fortinet FortiGate or Sophos XG?
- How does Meraki MX compare with Sophos XG?
- Which firewall to choose for an SMB to prevent malware damage: Cisco Firepower or Sophos XG?
- Looking for a technical comparison between Sophos XG550 and Fortinet FortiGate 600E
Well done! Happy to see it was easy.
Next step is Synchronize Security with Sophos Endpoint (formely Sophos Central), to block "lateral movement"!
https://www.sophos.com/en-us/l...
https://techvids.sophos.com/wa...
Regards,