Sophos XG Reviews

We primarily use Sophos XG as edge routers and edge firewalls, also known as border firewalls. We configure rules where specific users are allowed internet access and use rules for policy routing. We also control traffic for specific services, such as directing emails to one service provider while normal internet usage goes to another.

Sophos XG has helped us reduce virus and malware attacks. This allows our IT team to spend less time on troubleshooting and more on productive work. The ability to control what comes into and goes out of the network improves overall efficiency.

Sophos XG's most effective features for threat detection and management are its UTM components, which are useful for malware prevention and intrusion detection.

The firewall could be made more robust, particularly by simplifying two-factor authentication. It should also improve SD WAN capabilities. Additionally, there are issues with site-to-site VPNs dropping connections, which can be frustrating.

We have been using the solution since 2018.

Stability is generally okay. Customers have used the equipment all the way to end of life without major issues.

Scalability is not very flexible. You can't upgrade memory or storage on a specific model, which limits scalability.

The quality of support varies. The team handling application control is very good, but we have had bad experiences with the VPN support team. It all depends on the specific team you are dealing with.

Neutral

The setup is user-friendly and quite straightforward, especially for basic configurations.

Sophos XG reduces virus and malware attacks, addressing network efficiency and cost savings indirectly by minimizing the time spent on troubleshooting.

Pricing is reasonable. You get a perpetual license. That said, you must pay for support and updates. The cost depends on the package you are in, such as full threat management or basic.

We have also worked with Fortinet Firewalls and Palo Alto. Price-wise, Sophos XG is reasonable when comparing similar models.

When recommending Sophos, we consider the customer's specific requirements and infrastructure compatibility. Sophos is user-friendly and suitable for environments without highly technical staff because it is easy to manage.

I'd rate the solution eight out of ten.

We use the product for traffic and security control. 

We currently have multiple clients, and many users are working remotely. We need antivirus protection to guard against malware introduced from public networks. One of the most beneficial features of Sophos XG is its integration with Sophos Central. If any file is detected as malicious on any endpoint or firewall, Sophos Central immediately identifies the threat and publishes the information across all endpoints and firewalls. If a single system gets infected, the threat is communicated and addressed across the entire network, including all sites and remote users.

One drawback I've noticed with Sophos XG is that sometimes, the platform can become unresponsive. I've observed that it occasionally hangs, causing traffic to get stuck. During these times, users cannot access the internet or any services routed through the Sophos Firewall. This issue happens randomly and isn't something we've encountered with other firewalls like FortiGate, which we used in the past.

Dealing with licensing has been a big challenge for us. Despite our efforts to resolve issues through our sales contact, we've faced limitations. After confirming our purchase orders, we had to escalate the issue. We were ready to extend our licenses for two or three months.

I have been working with the product for a year. 

We haven't seen any major issues with customer support from Sophos. We have faced some problems, but we understand that the support team can sometimes be unresponsive.

Positive

When comparing FortiGate to Sophos XG, I would say that if I'm working on large-scale asset monitoring and security purposes, especially if I have a data center that requires firewall security, then FortiGate would be my choice. It's faster and more responsive than Sophos XG support. 

The tool's deployment takes two to three hours to complete. It doesn't require any maintenance. You would need one engineer to handle one application. 

I can say there has been some return on investment. It's good, but I would still say it's higher by about 10-15 percent compared to other market products with similar configurations.

The tool's pricing and licensing are very complex. As a developing company, we need approvals from management to make a purchase, which can take time. We asked Sophos XG to renew our current firewall license for one or two months while we plan to accommodate our increasing IT assets.

I rate the overall product an eight out of ten. 

We are using the Sophos XG in a different manner than the typical use case. We have the physical box, and we are using Sophos XG on the cloud.

We have two different types. We have two different Sophos XG we're running. We're running one on the Microsoft Azure cloud which mostly all security on the cloud goes through the Sophos XG. The second Sophos XG is running on our own physical local data center.

We are doing something similar to an IPsec between Azure and the local data center. So we are doing an IPsec between the two. We connected all our resources and we mostly run the applications on Microsoft Azure. Were now are doing IPsec between the two data centers.

Most of the features Sophos XG has are valuable. However, if I have two different  ISP, I'm able to create an automatic switch between the two ISPs. I can do the same thing for the cloud as well. If I have two subnets coming from the cloud, I'm able to create a type of switch between both of them where if there is traffic on one and has the traffic drop, I'm able to switch to the other ISP without any problems. It's a normal feature and I get to enjoy the ability to switch between services with no issues.

Security is one of the major reasons we are deploying Sophos XG in our process.

We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade,  the automatic switch actually we were using did not work anymore.

We try to understand exactly why it wasn't working with the new 18.5 firmware, but we could not figure it out. I realized that I was stuck with the main ISP. If there's an outage, it was not reliable on the network any longer.

We had to reverse, back to the old firmware even though we were still trying to fix the new version. It is a very efficient feature for our operation. If it was not there, it could make the workings of our operation inefficient. It is one of the best features of Sophos XG. It makes operations very efficient. You don't have to worry about anything at all. We are using the entire Sophos package, such as Sophos endpoint, Sophos XGR, Sophos ZGR.

The documentation can improve with Sophos XG. This will allow our network engineer to work better with the solution. Additionally, they can improve the ability to filter down devices. Recently we were faced with a challenge where we needed to restrict mobile phone users on the network but we realized that we couldn't do this with the solution. 

Recently I was looking at the Cisco Meraki solution, to see what it can do in terms of capacity. There's one feature that stood out to me, and that feature has the ability to implement some policies. Organizations need to have security policies in place. I would like the ability to create policies.

I have been using Sophos XG for approximately two and a half years.

We have approximately 60 people that are working on Sophos XG. However, the number is higher because Microsoft Azure routes every customer through the firewall. We have multiple layers and the traffic passes through Cloudflare and then gets directed to the Sophos XG on Microsoft Azure. The Sophos XG on Azure does all the filtering and routing to the private IP, allowing us not to use the public IP.

The DMs are private, and approximately 14,000 customers  pass through the Sophos XG and Microsoft Azure

The support from Sophos XG is very good. We can easily relate to the support.

I would rate the support from Sophos XG a two out of five. You cannot have good support without good documentation.

If you look at the software environment now, anywhere you go, you see the documentation for everything that has been done. Sophos XG has documentation, however, you should not need to have a certification to be able to understand it.

I have used Sophos Cyberoam previously.

If we had better documentation we would be able to implement Sophos XG better for the organization's exact specifications. When you have already come up with your networking strategy, presented it to the company, then you find out the new framework doesn't conform with the organizational strategy. You have to start going back and receiving approval for a new strategy. However, you are not even sure what the strategy is going to be with the new framework, because everything has changed. Most of the automatic resources stop working.

There is a high chance I do not even know why it is not working or what the major issue is. We have realized the package wasn't switching and we did a lot of troubleshooting for almost a week to understand why. We switch over to our old firewall, then we finally understood that it was something that has to do with the new 18.5 firmware in Sophos XG. Immediately we switch back to the old firmware, this fixed out problems we were having at that point.

I would rate the implementation of Sophos XG a two out of five.

The initial deployment was done approximately three years ago and it was done by a third party because of some complex considerations, such as the VOIP Gateway.

However, since the initial implementation, we have been managing it by our own in-house network engineers and every modification to the network has been done in-house.

We have three network engineers, that work on the solution and the network. They can manage all the features and securities. The amount of people needed to maintain the solution depends on the organization's architecture. 

In information security, the only way you rate ROI is by the level of information you're securing. I will ask myself how much is the information I'm securing is worth? The worth of what I'm securing will determine the amount of cost that I'm spending on the information secured. If I were to judge it that way, the ROI is high. 

I would rate the ROI of Sophos XG a five out of five.

We pay for two licenses for the use of Sophos XG annually and it is a flat fee. We do not have everyone going through both of the Sophos XG firewalls a the same time and the Sophos XG on Microsoft Azure is only accessible from the VPN.

Sophos XG has changed its pricing model for extreme protection.

I rate the price of Sophos XG a two out of five.

When we were evaluating other solutions we looked at Barracuda and it had an old GUI. This was an issue when we were making decisions between Barracuda and Sophos XG.

The solution has served its purpose in my organization.

I rate Sophos XG a nine out of ten.

I primarily use the solution for managing my firewall. I'm managing my internet and my laptops in my company. I'm a personal domain controller. I'm tasked with blocking some websites with it and I'm managing my updates through it. I'm basically controlling the flow of the internet through it.

I block a lot of sites. I'm controlling the flow of the internet directed to Office 365 so that people can use it easily and fluently. They can upload and send emails easily without hassle and without accessing the internet. I'm also controlling Teams, Zoom, and other stuff for chatting online. Without this solution, I would have no control.

Content blocking for websites is the most valuable aspect of the solution. A lot of employees always want to use Facebook and other non-work-related sites. I'm always blocking that.

The initial setup is easy.

The stability is good.

Scaling is not an issue. 

The reporting needs to be much better. Sometimes I have a lot of trouble understanding what they mean.

Sometimes it misses websites. For example, websites the users shouldn't be able to enter, or sometimes these websites are not shown in this log viewer. It's just occasional misses here and there. 

Technical support could be more responsive and quicker in getting to a solution. 

I've been using the solution for at least three years now.

I have found the stability to be very good. There have been no hiccups, no restarts, nothing like that. It doesn't hang and there are barely any bugs. 

It's my understanding that they have a solution called RED, and I can upgrade it with another one to make a VPN between them. I haven't tried it yet. I'm looking at it as I have another office. I want to research scaling and have the offices together. From what I have seen, it will be easy.

Right now, we have about 50 users and 10 VPNs. That includes everyone from financial and procurement managers to the CEO, chairman, and HR department, and other operations staff.

We don't have any plans to increase users right now as we haven't increased in population, in employees number. That said, I use it a lot every day. I have to manage my firewalls through it.

In my experience, technical support takes a while to get things done. In the past, I stuck with them for a while. It took about three weeks to serve us up a solution. I don't remember what the problem was as it was a long time ago. It might have been something about the subscription or something like that. What I do remember is it took a very long time. 

I had a previous firewall, and I just swapped it out. I didn't have to change anything about my network. We previously used a firewall called MikroTik.

With MikroTik, its GUI was very bad. It's very old. Everything was manual. There were no tutorials and it was open-source. You had to search for yourself and do everything yourself. There was no support even from the company.

It was really easy for me, to be honest. The initial setup is very straightforward and simple. It's not overly complex. I had a firewall before that, so I knew what to expect. The implementation was done by a company that I bought this from. They installed it for me. It took about an hour and a half, or something like that. 

I can't recall how many staff covered deployment. The deployment happened three years ago now. 

I didn't need the assistance of an integrator or reseller. 

The solution has saved me a lot of time and enhanced my workflow for my company. It enhanced employees' work time and enhanced the internet connectivity for emails. On top of that, there was no downtime with the internet. That was the basic ROI we've seen.

The subscription for this product is yearly. The last time I bought it two years ago it was about $2,000. There's just a subscription fee. There aren't any other costs. 

I also looked at Fortinet, however, from my research, I was told that Sophos had better reporting. With Fortinet, you have to buy a server to handle reporting. With Sophos, this is unnecessary. 

I'm a customer and an end-user.

I'd rate the solution at an eight out of ten. 

Our primary use case of this solution is for protection and to have better governance for our LAN usage. I've got a lot of people working from outside on the corporate infra and all policy based decisions happen there. The solution is basically a firewall that protects us from various internet threats, but other than that provides controlled and properly managed access using various rules of VPN and other fingerprints of people logging in. I'm the CTO of the company and we are customers of Sophos.  

The interface is great and easy to understand. Any firewall engineer who has medium to moderate experience on bylaws, can easily understand the UI. The language presented on various features and the in-built help, is very intuitive. If you have a problem you can figure it out there and then. As a result, there is less probability that we'll call tech support.

The solution really needs some additional features like network access control. If they could incorporate some user profiling and present the analytics of the login user usage patterns, or a typical proper management dashboard to take a decision on the firewall rules, that would be useful. Basically, MI's and the dashboard could be more user friendly. The information is there but the dashboards are not in a graphical format. In short, I'd like to see network access control, user profiling and analytics dashboards. It would make the solution a more competitive product on the market. 

I've been using this solution for over four years. 

This is a stable solution. I haven't had any firewall crashes or any non-performing rules for over two years. We are a hospital so all the lights of all the devices should be on 24/7, 365 days a year.

We manage and control around 250-300 internal users. There would probably be another 75-100 logging in externally.

This is definitely a scalable solution. The way we've configured it, if a device goes down, it can be shut off and removed from the network for repairs or updates and our second firewall automatically takes the load.

We only used technical support during our initial deployment. After that, we didn't need support because the product was working perfectly well. We trained ourselves on the newer software and we are capable of managing and maintaining our own firewalls. In addition, Sophos provides online documentation which is very user friendly. If you follow the steps you get the result. 

I previously used Cisco's firewall ASA and it was extensively implemented in my earlier role. The main reason to migrate to Sophos was due to their aggressiveness in terms of pricing but also the fact that they had features that Cisco did not have.

The initial setup was very straightforward. Deployment took somewhere between six and eight hours. 

There's no annual licensing fee. When we purchased the product, it was with a five year agreement bundled in with the product price and the recent rollout is not yet five years old. When we renew, we'll renegotiate. I can't differentiate between the product costs and the licensing costs at this point. We're very lucky that we get one of the best deals in the country in terms of pricing. The Sophos-backed pre-sales and implementation team were very cooperative and collaborative which really helped us make the decision to choose Sophos.

I would definitely recommend this solution but it's only suitable if it fits the needs of the company so I would suggest carrying out some research. Why does the company need a firewall? What rules do they want to deploy on the firewall? Based on the answers to those questions the company can make a call. 

I would rate this solution a nine out of 10. 

This product is our firewall that protects our connections from the internet. It controls access for our employees when they want to access streaming media websites such as YouTube.

It controls the connection to our resources that originate from outside of our infrastructure.

We use it to monitor users and their activity including which websites they visit and what portals they use.

This product is compatible with my business and our market.

This Sophos product has a lot of features included.

This product does load-balancing between our connections. This is helpful because our infrastructure in Egypt is not stable and it requires several connections to achieve the required performance.

Sophos Control Center is a good feature. We can monitor everything from the control panel.

It can be used to create a VPN connection between users and our server. 

The performance and speed of the appliance are good. I have also tried the software deployment, without the appliance, and it was also good.

The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities.

We would like to be able to override policies set by the country. For example, VPN is banned in Egypt. If we could bypass this then it would be helpful because it would allow us to distribute our connections, or services, to other sites. 

After upgrading from version 17 to 18, not everything is in the same place in the interface. For example, the firewall rules are in a different place. Consequently, my IT team department cannot understand the portal and find it not user-friendly. They were used to the previous version.

Better training should be available because there is nothing on the Sophos website to assist with setting up VPN connections or VPN SSL certificates. For instance, there is nothing to explain how to configure the DDNS.

We have been using Sophos XG for between six and seven years, since 2015.

This product is usually stable. In the past few days, I have found problems where some services are not stable. This is something that I have used the portal to submit a ticket for.

We have 90 people working on the network concurrently. Combined, they have between 300 and 350 open sessions.

When the size of our staff increased, we purchase another appliance to expand our infrastructure. Beyond that, I haven't been able to test scalability.

In addition to the recent ticket I created for technical support, I keep in touch with them. The support is okay.

Previously, we used the Microsoft TMG firewall, and I have also used Cisco ASA.

I already had some experience with Sophos and firewalls. The first time I attended a Sophos event, I made a deal with Sophos and they helped me learn how to transition from TMG.

The user interface with Sophos is easier to use. For example, Sophos makes it is easier to create firewall rules for a VPN connection to the outside. With the other vendors such as Cisco, the process is more complex. 

Fortinet is also a top firewall provider but I recommend Sophos because it is more stable. I have limited experience with FortiGate.

The initial setup was easy. It was not complex for our IT department but you need some technical knowledge to do things such as creating a VPN connection between two endpoints, either site-to-site or site-to-client. You should also be familiar with SSL certificates.

The setup took between two and three hours, and after that, we had to prepare our network connections. It took two days in total.

No maintenance is required for the appliance.

We used a system integrator to assist us with the transition from TMG to Sophos.

We pay licensing fees of approximately $2,000. We have a contract for three years.

The vendor is very professional when it comes to firewall products. Aside from the issues with the VPN, It has all of the features that we need.

My advice for anybody considering this product is that the result depends on your country. In my country, there are a lot of problems with ransomware and viruses. Sophos has already helped to mitigate and stop issues such as these on our network. It is the best firewall on the market.

I would rate this solution a ten out of ten.

I am an integrator of this solution, and I have installed it in small- and medium-sized businesses and schools.

My company now spends less time tracking issues because of the security provided by Sophos XG in conjunction with Sophos Endpoint protection.

The security of the solution, thanks to the built-in unified threat management, is one of its most valuable features. Plus, one single pane of glass is all you need to manage the whole solution, and web management can be done from anywhere. If I get a call and I'm at home, I can open the solution in a web browser and address the situation.

I have been using this solution since 2013.

The stability of this solution is excellent. 

The solution is available in different sizes. As long as you purchase a version that is larger than you currently need, there is room to grow. If you purchase one for your current needs, then the scalability is not good and you're going to have to repurchase if you want to scale up. On a scale of one to ten, I would give this solution a five or six for scalability. 

I would rate the technical support as a ten out of ten. I'm a Sophos partner, and their partner support is excellent. 

Positive

I previously used Cisco Meraki, but Sophos XG has built-in web filtering and is a better overall security solution. Due to these features, I have tried to migrate as many of my schools to Sophos XG as possible.

On a scale of one to five, with five being complex, I would rate the initial setup as a four. If you don't understand the terminology and how Sophos designates the way they do things, then it is a little confusing.

Depending on the location, most deployments take a day. We leave the current firewall in place while we configure the new one, then we swing the cable over and fire up the new firewall. That way if we have to take it back offline, we can keep the client productive until we are done configuring the new firewall.

For deployment you really only need one person, and maintenance can easily be handled by one person, too.

The pricing depends on the size. Each Sophos XG solution is custom fit to the size of the client's network. For example, for the XG 135, you're looking at a yearly subscription. You can get a one-year subscription for a few hundred dollars, or a three-year subscription for $1,500-$1,600, so it's not bad. There are no costs in addition to the standard licensing fees. I would rate the pricing as a three point eight on a scale of one to five.

I've had schools running different firewalls with subscriptions and different web filters with subscriptions, and I've found that it is less expensive for smaller schools to run Sophos XG with its unified threat management instead of multiple appliances.

I have evaluated some other options. It really boils down to price, and I haven't had a chance to explore Palo Alto much. I've played with PortaNet a little bit, but I think that Sophos XG has better features for the price point.

For the standard end user, self-based training is necessary. When you get into the Sophos XG firewall and try to start creating NAT rules, it can be a little cumbersome for a novice. It's pretty easy once you know how to do it, but it will be hard for anybody who doesn't have experience.

My advice to someone purchasing this solution would be to look closely at the licensing package to make sure they get what they need.

For small businesses and small schools, I would rate this solution as an eight out of ten.

I use Sophos XG as a content filtering, web filtering, and application filtering utility, as well as to integrate with the endpoint antivirus software. 

I have Sophos Endpoint Antivirus installed on the user machines as well, i.e. the Central Cloud Management version. That's our main use. 

Sophos XG has cybersecurity. It integrates with the antivirus software.

I have a serious problem because our offices are scattered around the world in very remote areas. We cannot deploy proper branch office guides, active directory sites, and software services. 

It is impossible to apply any sort of group policy on the user machines, which makes it very hard to control issues like USB ports, access to cameras, or access to any preferences on the user machines. 

With the integration between Sophos UTM and the installed endpoint antivirus, you can now manage all those features from your cloud subscription. You can allow and block whatever you want from the cloud. 

You can allow whatever USB ports you want for specific devices with specific IDs, serial numbers or modems. The machine gets updated online or updated from the antivirus settings, i.e. the UTM unit itself.

The UTM unit itself has a cache update on it. Once the clients behind the UTM get updated, they get access or they get denied access to the hardware resources they are applying for. This is a major benefit for us.

The application filters available with Sophos XG are brilliant. The sandboxing and the way the firewall or the UTM integrates with the installed endpoint antivirus clients on the user machines is brilliant. You get the chance to isolate network threats before they become active or become distributed on your network. 

With the cloud version of Sophos XG, you get the proper visibility of your network and the user machines. With the cloud versions of the antivirus, i.e. the cloud central management of the antivirus, you get high visibility.

With the application between the installed Sophos UTM, you get a high level of visibility of what's happening on your network or on your client machines. You get protected against threats. You get proper visibility. That solves a major issue.

There was a big issue with the Cyberoam and with the SG units as well, i.e. the previous Sophos UTM model. With Sophos XG, you get the chance to block what sites operate on SSL or that operate with HTTPS, without the need of extracting and distributing a certificate. 

On older Cyberoam and Sophos SG old versions, if you wanted to block something like YouTube or Facebook or any other websites that operate with HTTPS, you had to extract the certificate. Then you had to export that certificate. Then you had to re-import that certificate in all the user browsers. 

The only problem was if you needed to use an active directory where those certificates would be automatically thrown into the user browsers once they logged in to the domain. 

For a scenario like mine where you don't have a group policy, it is a disaster and ends up with you setting the rules to block certain websites with HTTPS on the firewall, even while they are not being blocked so that the user will still have access to them. This problem is now 100% sorted out with Sophos XG.

Now you can actually block whatever you want, whether it's using HTTPS or HTTP keys from the firewall without the need for extracting certificates. That's a major improvement. That problem with the HTTPS settings was a huge issue. 

I know other people must be enjoying that it's sorted out now. It was a serious and major issue for Sophos. The only issue that Sophos XG now needs to improve is the product's reporting capabilities.

Sophos XG is stable enough for our requirements.

We have about 450 Sophos XG users currently using this edition and 300 for the antivirus platform installed on the machines, plus in-service, around 310. We also have around 15 additional units deployed around the world.

I'll give Sophos XG technical support an eight out of ten for their service.

I used Cyberoam previously, although I always used it as a UTM only. What made me move to Sophos is that they were acquired, i.e. they acquired Cyberoam to start with the development. At that time the software had many features that were not available with FortiGate, in terms of content filtering, and it was an appliance when Websense was the software to be installed on a server. 

There was a problem with our operating system with some of the updates, i.e. with the operating system or the hardware. I moved from Websense to Cyberoam because it wasn't applying properly.

The initial setup is definitely something different than the old Cyberoam and it's a bit complex. If you've been dealing with UTMs and you understand the concept, it is still complex but then I find it enjoyable.

Sophos XG is not hard to configure. Too much detail is always good. 

I required three or four hours for the initial setup. One day for the testing, fine-tuning, optimizing, and categorizing. Three days for the first unit with the initial setup and the customization including testing. Finally, three days for testing all the rules, the QA, and then putting everything live. 

I used to work for an integrator myself years ago, as well as my team. We are all trained. We are all professional in what we are doing. No external help was used.

Our ROI is 100%. I've got the ransomware attacks being blocked. I've got the users' consumed bandwidth by using proxy bypasses and all sorts of applications being blocked now. 

It's saving on the companies and the employees working hours and time. It's saving on minimizing virus infections and applications that the users like to use on their machines in order to bypass blocking USB ports or cameras. 

It is saving the company money by saving bandwidth and saving employees time by not allowing them to access time-wasting websites.

We have the annual license for Sophos XG. It all depends on what you would like to have in the package that you are purchasing.

I evaluated FortiGate but wasn't happy with it. I evaluated another group called WatchGuard. WatchGuard has good features in it, but it's for a smaller business scale than the Sophos clients.

I evaluated Cisco ASA or PIX but now, I use Sophos XG as the firewall. I have confidence in their unit. Before Cyberoam and Sophos, I used FortiGate and Websense for our UTM requirements.

I recommend that everyone should have a proper understanding of new network requirements and then enjoy it. Sophos XG is definitely a good product.

On a scale of 1 to 10, I would give Sophos XG an eight.