Sophos XG Reviews

We are a solution provider and Sophos XG is one of the security products that we implement for our customers. We always provide them with the latest version.

The number of ports, especially on the entry-level appliances, should be increased.

The price of adding ports should be reduced to make it more competitive.

The vendor needs to create materials to show the differences between Sophos products and those from other vendors.

Network management needs to be included in the package.

As it is now, it only supports ten multiple users, which is something that should be increased.

I have been working with Sophos XG for approximately two years.

This solution is stable.

This is a scalable product and we have approximately 150 users.

We get our support from the local distributor.

Prior to Sophos XG, we used products from Fortinet and Forcepoint. 

The Forcepoint product is doing well. We have a different perimeter firewall for our data center that uses it because we use different vendors for different sites.

This is an on-premises appliance and the installation is straightforward. It can be deployed in less than an hour. However, according to the number of users and the number of ports that will be connected, the design may vary. This makes it difficult to estimate the time required to do a full implementation of the product.

We have four people in charge of maintenance, although they do not work exclusively with Sophos. We have another appliance from another vendor. The entire team, including their manager, is about 10 people.

The price is in the mid-range and it is very good for small to medium-sized businesses. One license opens everything.

Overall, this is a good product and I would recommend it for small to mid-sized customers.

I would rate this solution an eight out of ten.

We manage all the network services, like DHCP, of each branch office.

It has helped us because we have identified some of the loopholes in our assets that we did not know existed.

I like using the combination of XG firewalls and the XDR product with the end user. I also like the integration of all the solutions and the visual of all our clients and the traffic routing in to the network from inside the console. The synchronization and the integration with all the products in the central office, such as Office 365 or AWS, make it a valuable solution.

We can configure rules with the user, traffic, etc., making it a very versatile solution for our network.

Better instructions should be provided as part of the technical support so that we can understand the functionalities. This will help us to troubleshoot faster.

We've been using Sophos XG for three years.

It is stable.

Sophos XG is a scalable solution. We have about 1,000 users.

Technical support is good, in general.

We used Fortinet, and we changed the solution because there were additional costs for reporting, licensing, and centralization. If we compare Fortinet to Sophos XG, the XG firewall costs less and performs better. That's one of the reasons that we moved to XG.

The other and the most important reason is the integration with our security solution, Sophos XDR.

The initial setup was very easy. It's much easier than that for other products. 

Deployment and maintenance can be done by one or two people. I am a specialist, and an engineer and I worked on the deployment and maintenance. 

The provider of the solution implemented it, and it took about a day.

We have seen an improvement in security not only in terms of technology but also in terms of internal practices in our company.

We predicted that it would take three years to obtain an ROI.

We bought the three-year license, and there are no additional costs.

We evaluated Check Point, Barracuda, and Palo Alto.

It's a good product, and you should go ahead with it.

I would rate Sophos XG at nine on a scale from one to ten.

We are using Sophos XG for remote two-factor authentication. We manage the web and application access, as well as the traffic. We also used it for remote, site-to-site VPNs.

The most valuable feature is the remote VPN.

The multifactor authentication is helpful because whenever the user wants to connect to the firewall, they have to use the authenticator before they can access it.

The LAN traffic management features such as implicit denial are very good.

Technical support can be slow to respond, which is something that should be improved.

In the future, I would like to see the addition of artificial intelligence for identifying and controlling traffic.

We have been using Sophos XG for the past year.

This is a reliable solution.

This product is scalable. We have approximately 400 users, spread across different departments. As our production increases and we onboard more users, we will extend the use of Sophos XG.

The technical support team is good but sometimes, there is a large delay in answering the phones.

The initial setup is straightforward.

We had assistance from the vendor during the onboarding process when the system was being set up. They spotted a lot of things during the implementation, which helped.

We get a return on this investment because the inbuilt two-factor authentication means that we don't need to purchase a third-party tool for this security feature.

The price is good and licensing fees are billed on a yearly basis.

We evaluated Cisco Firepower but we found that Sophos XG was more efficient in terms of cost. As such, we implemented XG.

This is a product that I can recommend for organizations with a medium-level or large-level infrastructure.

I would rate this solution a nine out of ten.

I like the web filter, application filter, and VBA. There are so many good features. The most powerful thing is clearly the software. I can easily do whatever I want.

Their updates can be faster and more regular. Right now, it's updated monthly. When I need to update the firmware, I want it done within weeks, not months. There are also some changes in version 18, like rules, that aren't needed.

Sophos XG is a very powerful and stable solution. It's more stable than Cyberoam.

Sophos XG is scalable.

Technical support is good and easy to deal with. If I have a problem, I open the ticket, and I call, and the problem's solved automatically by them.

We used Cyberoam ten years ago and then transferred to Sophos. We switched because it was the latest technology.

The initial setup was very easy because you can follow the manuals, follow your past experiences, and so on. We also need about three to six people a day to maintain this solution.

At first, I thought the price was very high. But when I read about the machine's features, we decided to go with it. Now I think the price is reasonable.

On a scale from one to ten, I would give Sophos XG a nine.

This product serves as our current firewall solution, which is a network protection gateway.

This is a very simple solution.

It integrates well with Sophos Endpoint Protection, and we use the two of them to form a holistic security perimeter control. 

Software updates always come with issues. For example, I just upgraded to the next version, 80.5, and it came with VPN issues. It started dropping my VPN users. So, I had to roll back to before the software update. I think that the main area for improvement is the quality assurance of the updates.

The management console is a little bit rigid.

Scalability can be improved.

I think that it performs a little bit slow when it comes to connectivity, and having the speed increased would be better.

We have been using Sophos XG for the past four years.

This is a very stable platform. In the four years that we have had it, it's never gone down.

It is not a very scalable product. I would rate the scalability a seven out of ten because where you order it, it comes with prefixed ports. You will only have perhaps two for the WAN, and then maybe four LAN ports, and one console. In this regard, it's not scalable. 

When you buy it, you can't change the port configuration. In order to get more ports, you may have to upgrade to a bigger firewall.

We have about 130 accounts for approximately 80 employees.

Technical support for Sophos is very good and they have a big presence in South Africa. It uses something called Sophos Central, where support can fix the problem before you, as the user, actually finds it.

It is a very simple and very quick initial setup and configuration. Because it is a next-generation firewall, it does most of the rule development in the background. You just need to set up the basics and start it up.

For what you are buying, it's good value for the money.

Sophos is very good when it comes to pricing. A firewall has a lot of things to look for when you're buying it, including throughput and its features. When we purchased this product, Sophos was the best on the market.

In addition to Sophos, we looked at FortiGate, SonicWall, and Cisco. We were looking for a next-generation firewall, and Cisco was out of range because it was too expensive. We settled on Sophos because we already had the endpoint solution in our environment, and the price was very good as well.

Sophos XG is a firewall that I recommend because it's a very simple firewall. It's not complicated, and a LAN expert can just start using it and learn very quickly. Definitely, its usability is very good, and it's a very robust firewall.

I would rate this solution a seven out of ten.

It is very user friendly and easy to manage from the administrative point of view. It is good, reliable, and easy to implement.

It is a very basic and entry-level firewall. It doesn't give very granular control over the traffic. It should have more granular control over the traffic. This feature should be there similar to Palo Alto and Cisco. It should have such advanced features.

I have been using Sophos XG for the last two years. We are using the latest version.

Its stability and reliability are fine.

If you want to have multiple firewall rules, it has this type of scalability. When I compare it with some other products, such as Palo Alto, I can't find similar scalability in Sophos XG. In Palo Alto, we can have rules based on applications or app IDs, and we can create multiple rules for a single ID. We can create a single user or single IP, but such options are not there in Sophos XG. Granular level scalability should be there in Sophos, and they should do better.

I appreciate their support. Their support is good.

I also use Palo Alto. Palo Alto provides application IDs, which is a very powerful feature. Sophos XG is a very normal next-generation firewall with URL filtering, application filtering, and all such features. It is not something extraordinary. It is a very normal next-generation firewall. 

The initial setup is straightforward. It is a single day task to do the initial configuration and move the traffic over there. The firewall hardening, of course, will take some time depending upon the traffic, but the initial setup is a single day task.

It is a normal firewall. All the basic features are there. However, it is not as advanced as some of the other solutions, such as Palo Alto. As we have more security threats, we need more granular control, but these features are not available in Sophos XG.

I would rate Sophos XG a five out of ten.

I use the solution as my endpoint firewall and at the same time, I use it for load balancing and spillover.

What I like the most is the reporting. 

The integration with the Sophos firewall is brilliant. I don't need to be physically present in the office. I can monitor everything from Sophos Central. That is a great feature and it's one thing that I really appreciate about the solution.

I like the fact that it can self remove malware and do updates on the cloud via Sophos Central.

The interface is good.

Although I enjoy the reporting elements of the solution, it can still be improved. I still can't drill down. There is some information that I would really, really like to see, but I still can't access it.

On reports, they sometimes give a summary, but it lists different users as unknown. There are times that I really want to know which user or which IP is causing a problem. 

There is something that have observed and I don't know what exactly the problem is. Right now, from my ISP I'm supposed to have unlimited bandwidth, but I observed behind the firewall my bandwidth seems low. I'm not exhausting what I have from my ISP. I've checked the TOS and there's no limit. When I spoke with one of the resellers they said that they too had experienced it before and that probably I should restart the device.

That they observed that the clients that restarted had their internet service improve. I don't think that is a good solution. I don't want to have to restart my device to have the internet service improved.

I've checked the setup. I even checked with the reseller, who told me everything is okay. I've gone for XG training. Even after the XG training, I've gone back to look at my setup. I can't see anywhere the bandwidth is being shared. I'm not sure if it's the device itself, but I've checked everything.

The scalability is okay. We have about 200-250 users.

Technical support can be improved upon. There are times that I've had some issues that I've tried escalating in technical support and it takes a while before we really get it resolved. 

Once I was getting a particular malware from an unknown source on one of my servers which was behind the firewall. I asked their support why. Later they advised that I should install Intercept X for servers on that particular device. I was confused about how it was behind a firewall; the firewall should be able to detect which system is getting infected. The system doesn't really go to the internet and nobody browses on it. The only thing I could imagine that could cause it was a Windows update. If it was from an update they least it should have been able to say, "Okay, it was from this particular update that this malware was filtered in."

Out of ten, I would give their service a five.

The solution we were using previously was Cyberoam.

The Cyberoam device was about five years old and had started malfunctioning. It wasn't giving us the output it had previously provided. At that time, Sophos had already bought Cyberoam. We had the option to either upgrade the OS to a Sophos OS or to a Sophos device.

We decided to go for a Sophos device since the Cyberoam device was already problematic.

The initial setup is straightforward.

I used a reseller to assist with implementation.

We pay on a yearly basis. 

We have Sophos XG, but we also have Intercept X for our endpoint and recently we just deployed Intercept X for the servers. I've not done a calculation of the costs of all three to know what my yearly maintenance costs would be.

Once you have basic networking skills and firewall management it's easy to set up. With Sophos Central, I think it's a good solution for any IT department.

I would rate the solution eight out of ten.

As it is now, the solution is good, but I believe that there's still room for more improvement. I still believe the reporting could be improved. Sophos, from my experience, seems to affect my bandwidth. I didn't set any limit, so I don't know where that is coming from, but it's something that we've noticed with the XG.

Sophos XG can be deployed on-premise and on the cloud.

We use Sophos XG as a network firewall for many use cases, such as offices, residential, and data centers. 

Sophos XG could improve the connectivity with Microsoft 365 or Azure Active Directory(AD). It doesn't work directly as other solutions do, such as Fortinet FortiGate. The client needs a separate AD server which is a problem.

There is no endpoint software for Linux systems, only the server version runs on Linux.

I have been using Sophos XG for approximately fours years.

The stability of Sophos XG is very good. However, there have been some issues with other weaker models because they are limited in hardware in resources.

We had an issue, but after speaking to the technical support, I understood it was a problem with Sophos, not a firewall problem, but with the endpoint that was related to the encryption of the disc. The problem is if you have a computer controlled by Azure at the same time as Sophos, then there may be some incompatibility problem between them because both of them are trying to control the computer and the encryption of the hard drive.

I have used other firewall solutions, such as Fortinet Foregate and Check Point.

The initial setup of Sophos XG is simple, but Cisco Meraki is easier. 

Since I have used Sophos XG long time it is easier than Fortinet FortiGate or Check Point.

Sophos XG is not an expensive solution. If you are willing to pay more, then there is the Check Point firewall which is the best out of all the vendors.

I would advise other Sophos XG is a great solution because it is synchronized security between the endpoint and firewall which is unique. I'm not sure if Fortinet FortiGate has this technology, but it is a good technology in Sophos XG. Sophos was perhaps the first to use this kind of technology. What it does is if your computer gets infected, then the endpoint tells the firewall that, it is infected and the firewall doesn't allow the use of the network at all. It'll lock it down on this computer.

I rate Sophos XG a nine out of ten.