Sophos XG Reviews

We manage all the network services, like DHCP, of each branch office.

It has helped us because we have identified some of the loopholes in our assets that we did not know existed.

I like using the combination of XG firewalls and the XDR product with the end user. I also like the integration of all the solutions and the visual of all our clients and the traffic routing in to the network from inside the console. The synchronization and the integration with all the products in the central office, such as Office 365 or AWS, make it a valuable solution.

We can configure rules with the user, traffic, etc., making it a very versatile solution for our network.

Better instructions should be provided as part of the technical support so that we can understand the functionalities. This will help us to troubleshoot faster.

We've been using Sophos XG for three years.

It is stable.

Sophos XG is a scalable solution. We have about 1,000 users.

Technical support is good, in general.

We used Fortinet, and we changed the solution because there were additional costs for reporting, licensing, and centralization. If we compare Fortinet to Sophos XG, the XG firewall costs less and performs better. That's one of the reasons that we moved to XG.

The other and the most important reason is the integration with our security solution, Sophos XDR.

The initial setup was very easy. It's much easier than that for other products. 

Deployment and maintenance can be done by one or two people. I am a specialist, and an engineer and I worked on the deployment and maintenance. 

The provider of the solution implemented it, and it took about a day.

We have seen an improvement in security not only in terms of technology but also in terms of internal practices in our company.

We predicted that it would take three years to obtain an ROI.

We bought the three-year license, and there are no additional costs.

We evaluated Check Point, Barracuda, and Palo Alto.

It's a good product, and you should go ahead with it.

I would rate Sophos XG at nine on a scale from one to ten.

We are using Sophos XG for remote two-factor authentication. We manage the web and application access, as well as the traffic. We also used it for remote, site-to-site VPNs.

The most valuable feature is the remote VPN.

The multifactor authentication is helpful because whenever the user wants to connect to the firewall, they have to use the authenticator before they can access it.

The LAN traffic management features such as implicit denial are very good.

Technical support can be slow to respond, which is something that should be improved.

In the future, I would like to see the addition of artificial intelligence for identifying and controlling traffic.

We have been using Sophos XG for the past year.

This is a reliable solution.

This product is scalable. We have approximately 400 users, spread across different departments. As our production increases and we onboard more users, we will extend the use of Sophos XG.

The technical support team is good but sometimes, there is a large delay in answering the phones.

The initial setup is straightforward.

We had assistance from the vendor during the onboarding process when the system was being set up. They spotted a lot of things during the implementation, which helped.

We get a return on this investment because the inbuilt two-factor authentication means that we don't need to purchase a third-party tool for this security feature.

The price is good and licensing fees are billed on a yearly basis.

We evaluated Cisco Firepower but we found that Sophos XG was more efficient in terms of cost. As such, we implemented XG.

This is a product that I can recommend for organizations with a medium-level or large-level infrastructure.

I would rate this solution a nine out of ten.

I like the web filter, application filter, and VBA. There are so many good features. The most powerful thing is clearly the software. I can easily do whatever I want.

Their updates can be faster and more regular. Right now, it's updated monthly. When I need to update the firmware, I want it done within weeks, not months. There are also some changes in version 18, like rules, that aren't needed.

Sophos XG is a very powerful and stable solution. It's more stable than Cyberoam.

Sophos XG is scalable.

Technical support is good and easy to deal with. If I have a problem, I open the ticket, and I call, and the problem's solved automatically by them.

We used Cyberoam ten years ago and then transferred to Sophos. We switched because it was the latest technology.

The initial setup was very easy because you can follow the manuals, follow your past experiences, and so on. We also need about three to six people a day to maintain this solution.

At first, I thought the price was very high. But when I read about the machine's features, we decided to go with it. Now I think the price is reasonable.

On a scale from one to ten, I would give Sophos XG a nine.

This product serves as our current firewall solution, which is a network protection gateway.

This is a very simple solution.

It integrates well with Sophos Endpoint Protection, and we use the two of them to form a holistic security perimeter control. 

Software updates always come with issues. For example, I just upgraded to the next version, 80.5, and it came with VPN issues. It started dropping my VPN users. So, I had to roll back to before the software update. I think that the main area for improvement is the quality assurance of the updates.

The management console is a little bit rigid.

Scalability can be improved.

I think that it performs a little bit slow when it comes to connectivity, and having the speed increased would be better.

We have been using Sophos XG for the past four years.

This is a very stable platform. In the four years that we have had it, it's never gone down.

It is not a very scalable product. I would rate the scalability a seven out of ten because where you order it, it comes with prefixed ports. You will only have perhaps two for the WAN, and then maybe four LAN ports, and one console. In this regard, it's not scalable. 

When you buy it, you can't change the port configuration. In order to get more ports, you may have to upgrade to a bigger firewall.

We have about 130 accounts for approximately 80 employees.

Technical support for Sophos is very good and they have a big presence in South Africa. It uses something called Sophos Central, where support can fix the problem before you, as the user, actually finds it.

It is a very simple and very quick initial setup and configuration. Because it is a next-generation firewall, it does most of the rule development in the background. You just need to set up the basics and start it up.

For what you are buying, it's good value for the money.

Sophos is very good when it comes to pricing. A firewall has a lot of things to look for when you're buying it, including throughput and its features. When we purchased this product, Sophos was the best on the market.

In addition to Sophos, we looked at FortiGate, SonicWall, and Cisco. We were looking for a next-generation firewall, and Cisco was out of range because it was too expensive. We settled on Sophos because we already had the endpoint solution in our environment, and the price was very good as well.

Sophos XG is a firewall that I recommend because it's a very simple firewall. It's not complicated, and a LAN expert can just start using it and learn very quickly. Definitely, its usability is very good, and it's a very robust firewall.

I would rate this solution a seven out of ten.

It is very user friendly and easy to manage from the administrative point of view. It is good, reliable, and easy to implement.

It is a very basic and entry-level firewall. It doesn't give very granular control over the traffic. It should have more granular control over the traffic. This feature should be there similar to Palo Alto and Cisco. It should have such advanced features.

I have been using Sophos XG for the last two years. We are using the latest version.

Its stability and reliability are fine.

If you want to have multiple firewall rules, it has this type of scalability. When I compare it with some other products, such as Palo Alto, I can't find similar scalability in Sophos XG. In Palo Alto, we can have rules based on applications or app IDs, and we can create multiple rules for a single ID. We can create a single user or single IP, but such options are not there in Sophos XG. Granular level scalability should be there in Sophos, and they should do better.

I appreciate their support. Their support is good.

I also use Palo Alto. Palo Alto provides application IDs, which is a very powerful feature. Sophos XG is a very normal next-generation firewall with URL filtering, application filtering, and all such features. It is not something extraordinary. It is a very normal next-generation firewall. 

The initial setup is straightforward. It is a single day task to do the initial configuration and move the traffic over there. The firewall hardening, of course, will take some time depending upon the traffic, but the initial setup is a single day task.

It is a normal firewall. All the basic features are there. However, it is not as advanced as some of the other solutions, such as Palo Alto. As we have more security threats, we need more granular control, but these features are not available in Sophos XG.

I would rate Sophos XG a five out of ten.

I use the solution as my endpoint firewall and at the same time, I use it for load balancing and spillover.

What I like the most is the reporting. 

The integration with the Sophos firewall is brilliant. I don't need to be physically present in the office. I can monitor everything from Sophos Central. That is a great feature and it's one thing that I really appreciate about the solution.

I like the fact that it can self remove malware and do updates on the cloud via Sophos Central.

The interface is good.

Although I enjoy the reporting elements of the solution, it can still be improved. I still can't drill down. There is some information that I would really, really like to see, but I still can't access it.

On reports, they sometimes give a summary, but it lists different users as unknown. There are times that I really want to know which user or which IP is causing a problem. 

There is something that have observed and I don't know what exactly the problem is. Right now, from my ISP I'm supposed to have unlimited bandwidth, but I observed behind the firewall my bandwidth seems low. I'm not exhausting what I have from my ISP. I've checked the TOS and there's no limit. When I spoke with one of the resellers they said that they too had experienced it before and that probably I should restart the device.

That they observed that the clients that restarted had their internet service improve. I don't think that is a good solution. I don't want to have to restart my device to have the internet service improved.

I've checked the setup. I even checked with the reseller, who told me everything is okay. I've gone for XG training. Even after the XG training, I've gone back to look at my setup. I can't see anywhere the bandwidth is being shared. I'm not sure if it's the device itself, but I've checked everything.

The scalability is okay. We have about 200-250 users.

Technical support can be improved upon. There are times that I've had some issues that I've tried escalating in technical support and it takes a while before we really get it resolved. 

Once I was getting a particular malware from an unknown source on one of my servers which was behind the firewall. I asked their support why. Later they advised that I should install Intercept X for servers on that particular device. I was confused about how it was behind a firewall; the firewall should be able to detect which system is getting infected. The system doesn't really go to the internet and nobody browses on it. The only thing I could imagine that could cause it was a Windows update. If it was from an update they least it should have been able to say, "Okay, it was from this particular update that this malware was filtered in."

Out of ten, I would give their service a five.

The solution we were using previously was Cyberoam.

The Cyberoam device was about five years old and had started malfunctioning. It wasn't giving us the output it had previously provided. At that time, Sophos had already bought Cyberoam. We had the option to either upgrade the OS to a Sophos OS or to a Sophos device.

We decided to go for a Sophos device since the Cyberoam device was already problematic.

The initial setup is straightforward.

I used a reseller to assist with implementation.

We pay on a yearly basis. 

We have Sophos XG, but we also have Intercept X for our endpoint and recently we just deployed Intercept X for the servers. I've not done a calculation of the costs of all three to know what my yearly maintenance costs would be.

Once you have basic networking skills and firewall management it's easy to set up. With Sophos Central, I think it's a good solution for any IT department.

I would rate the solution eight out of ten.

As it is now, the solution is good, but I believe that there's still room for more improvement. I still believe the reporting could be improved. Sophos, from my experience, seems to affect my bandwidth. I didn't set any limit, so I don't know where that is coming from, but it's something that we've noticed with the XG.

Sophos XG can be deployed on-premise and on the cloud.

We use Sophos XG as a network firewall for many use cases, such as offices, residential, and data centers. 

Sophos XG could improve the connectivity with Microsoft 365 or Azure Active Directory(AD). It doesn't work directly as other solutions do, such as Fortinet FortiGate. The client needs a separate AD server which is a problem.

There is no endpoint software for Linux systems, only the server version runs on Linux.

I have been using Sophos XG for approximately fours years.

The stability of Sophos XG is very good. However, there have been some issues with other weaker models because they are limited in hardware in resources.

We had an issue, but after speaking to the technical support, I understood it was a problem with Sophos, not a firewall problem, but with the endpoint that was related to the encryption of the disc. The problem is if you have a computer controlled by Azure at the same time as Sophos, then there may be some incompatibility problem between them because both of them are trying to control the computer and the encryption of the hard drive.

I have used other firewall solutions, such as Fortinet Foregate and Check Point.

The initial setup of Sophos XG is simple, but Cisco Meraki is easier. 

Since I have used Sophos XG long time it is easier than Fortinet FortiGate or Check Point.

Sophos XG is not an expensive solution. If you are willing to pay more, then there is the Check Point firewall which is the best out of all the vendors.

I would advise other Sophos XG is a great solution because it is synchronized security between the endpoint and firewall which is unique. I'm not sure if Fortinet FortiGate has this technology, but it is a good technology in Sophos XG. Sophos was perhaps the first to use this kind of technology. What it does is if your computer gets infected, then the endpoint tells the firewall that, it is infected and the firewall doesn't allow the use of the network at all. It'll lock it down on this computer.

I rate Sophos XG a nine out of ten.

Firewall is not our expertise, but we do sell it as per the requirement of the customer or if they ask for it. 

Most of the firewalls are on-prem. What we deliver is the hardware. It is appliance-based.

Sophos firewalls are scalable. They are pretty strong in security. So, when they provide any kind of firewall, they provide all the features such as anti-spam, antivirus, etc.

Its price should be improved. Its features are pretty okay, but the price is the area where we have to fight more. They should do something about the price structure.

It has been a couple of years.

It is stable. Its performance is very good. They have now stopped calling it a firewall. They're calling it a Unified Threat Management (UTM) solution.

It is scalable in the sense that if they are using a small model or a small box of firewall and there is an increase in their network and the number of users, they can move that small box to a bigger model. So, if they are using a firewall and they want to scale it up, they can go to the next model.

Sophos has more than 1,000 customers.

Our clients have a good system of support over here. They have full support. They get support from the distributors, from the partners, and then directly from Sophos.

We are a partner of Sophos and Fortinet. We work with Sophos much more than we work with Fortinet.

If it is a small model and a small network, it takes about two days. You need at least two people for its deployment and maintenance.

Its price should be better. Initially, the clients have to pay for the appliance. Then, they have to pay for the software that is installed on the appliance. Depending on whether they have a one-year, two-year, or three-year license, they just have to renew the license of the software after it expires. They don't have to renew the appliance license. So, they have to pay for the appliance only once, and after that, they just renew the software license. That's all.

I would definitely recommend Sophos to others. I would rate it a nine out of 10.