Technical Services Lead at Telenet Solutions
The UTM features are useful for malware prevention and intrusion detection
Pros and Cons
- "Sophos XG's most effective features for threat detection and management are its UTM components, which are useful for malware prevention and intrusion detection."
- "Sophos XG has helped us reduce virus and malware attacks."
- "The firewall could be made more robust, particularly by simplifying two-factor authentication."
What is our primary use case?
We primarily use Sophos XG as edge routers and edge firewalls, also known as border firewalls. We configure rules where specific users are allowed internet access and use rules for policy routing. We also control traffic for specific services, such as directing emails to one service provider while normal internet usage goes to another.
How has it helped my organization?
Sophos XG has helped us reduce virus and malware attacks. This allows our IT team to spend less time on troubleshooting and more on productive work. The ability to control what comes into and goes out of the network improves overall efficiency.
What is most valuable?
Sophos XG's most effective features for threat detection and management are its UTM components, which are useful for malware prevention and intrusion detection.
What needs improvement?
The firewall could be made more robust, particularly by simplifying two-factor authentication. It should also improve SD-WAN capabilities. Additionally, there are issues with site-to-site VPNs dropping connections, which can be frustrating.
Buyer's Guide
Sophos XG
December 2024
Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
831,158 professionals have used our research since 2012.
For how long have I used the solution?
We have been using the solution since 2018.
What do I think about the stability of the solution?
Stability is generally okay. Customers have used the equipment all the way to end of life without major issues.
What do I think about the scalability of the solution?
Scalability is not very flexible. You can't upgrade memory or storage on a specific model, which limits scalability.
How are customer service and support?
The quality of support varies. The team handling application control is very good, but we have had bad experiences with the VPN support team. It all depends on the specific team you are dealing with.
How would you rate customer service and support?
Neutral
How was the initial setup?
The setup is user-friendly and quite straightforward, especially for basic configurations.
What was our ROI?
Sophos XG reduces virus and malware attacks, addressing network efficiency and cost savings indirectly by minimizing the time spent on troubleshooting.
What's my experience with pricing, setup cost, and licensing?
Pricing is reasonable. You get a perpetual license. That said, you must pay for support and updates. The cost depends on the package you are in, such as full threat management or basic.
Which other solutions did I evaluate?
We have also worked with Fortinet Firewalls and Palo Alto. Price-wise, Sophos XG is reasonable when comparing similar models.
What other advice do I have?
When recommending Sophos, we consider the customer's specific requirements and infrastructure compatibility. Sophos is user-friendly and suitable for environments without highly technical staff because it is easy to manage.
I'd rate the solution eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer:
Last updated: Nov 26, 2024
Manager at RSPL LIMITED
Identifies the threat and publishes the information across all endpoints and firewalls
Pros and Cons
- "We currently have multiple clients, and many users are working remotely. We need antivirus protection to guard against malware introduced from public networks. One of the most beneficial features of Sophos XG is its integration with Sophos Central. If any file is detected as malicious on any endpoint or firewall, Sophos Central immediately identifies the threat and publishes the information across all endpoints and firewalls. If a single system gets infected, the threat is communicated and addressed across the entire network, including all sites and remote users."
- "One drawback I've noticed with Sophos XG is that sometimes, the platform can become unresponsive. I've observed that it occasionally hangs, causing traffic to get stuck. During these times, users cannot access the internet or any services routed through the Sophos Firewall. This issue happens randomly and isn't something we've encountered with other firewalls like FortiGate, which we used in the past."
What is our primary use case?
We use the product for traffic and security control.
What is most valuable?
We currently have multiple clients, and many users are working remotely. We need antivirus protection to guard against malware introduced from public networks. One of the most beneficial features of Sophos XG is its integration with Sophos Central. If any file is detected as malicious on any endpoint or firewall, Sophos Central immediately identifies the threat and publishes the information across all endpoints and firewalls. If a single system gets infected, the threat is communicated and addressed across the entire network, including all sites and remote users.
What needs improvement?
One drawback I've noticed with Sophos XG is that sometimes, the platform can become unresponsive. I've observed that it occasionally hangs, causing traffic to get stuck. During these times, users cannot access the internet or any services routed through the Sophos Firewall. This issue happens randomly and isn't something we've encountered with other firewalls like FortiGate, which we used in the past.
Dealing with licensing has been a big challenge for us. Despite our efforts to resolve issues through our sales contact, we've faced limitations. After confirming our purchase orders, we had to escalate the issue. We were ready to extend our licenses for two or three months.
For how long have I used the solution?
I have been working with the product for a year.
How are customer service and support?
We haven't seen any major issues with customer support from Sophos. We have faced some problems, but we understand that the support team can sometimes be unresponsive.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
When comparing FortiGate to Sophos XG, I would say that if I'm working on large-scale asset monitoring and security purposes, especially if I have a data center that requires firewall security, then FortiGate would be my choice. It's faster and more responsive than Sophos XG support.
How was the initial setup?
The tool's deployment takes two to three hours to complete. It doesn't require any maintenance. You would need one engineer to handle one application.
What was our ROI?
I can say there has been some return on investment. It's good, but I would still say it's higher by about 10-15 percent compared to other market products with similar configurations.
What's my experience with pricing, setup cost, and licensing?
The tool's pricing and licensing are very complex. As a developing company, we need approvals from management to make a purchase, which can take time. We asked Sophos XG to renew our current firewall license for one or two months while we plan to accommodate our increasing IT assets.
What other advice do I have?
I rate the overall product an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jun 17, 2024
IT Manager at Saknafta Egypt
Easy to set up with good content blocking and good stability
Pros and Cons
- "Content blocking for websites is the most valuable aspect of the solution."
What is our primary use case?
I primarily use the solution for managing my firewall. I'm managing my internet and my laptops in my company. I'm a personal domain controller. I'm tasked with blocking some websites with it and I'm managing my updates through it. I'm basically controlling the flow of the internet through it.
How has it helped my organization?
I block a lot of sites. I'm controlling the flow of the internet directed to Office 365 so that people can use it easily and fluently. They can upload and send emails easily without hassle and without accessing the internet. I'm also controlling Teams, Zoom, and other stuff for chatting online. Without this solution, I would have no control.
What is most valuable?
Content blocking for websites is the most valuable aspect of the solution. A lot of employees always want to use Facebook and other non-work-related sites. I'm always blocking that.
The initial setup is easy.
The stability is good.
Scaling is not an issue.
What needs improvement?
The reporting needs to be much better. Sometimes I have a lot of trouble understanding what they mean.
Sometimes it misses websites. For example, websites the users shouldn't be able to enter, or sometimes these websites are not shown in this log viewer. It's just occasional misses here and there.
Technical support could be more responsive and quicker in getting to a solution.
For how long have I used the solution?
I've been using the solution for at least three years now.
What do I think about the stability of the solution?
I have found the stability to be very good. There have been no hiccups, no restarts, nothing like that. It doesn't hang and there are barely any bugs.
What do I think about the scalability of the solution?
It's my understanding that they have a solution called RED, and I can upgrade it with another one to make a VPN between them. I haven't tried it yet. I'm looking at it as I have another office. I want to research scaling and have the offices together. From what I have seen, it will be easy.
Right now, we have about 50 users and 10 VPNs. That includes everyone from financial and procurement managers to the CEO, chairman, and HR department, and other operations staff.
We don't have any plans to increase users right now as we haven't increased in population, in number of employees. That said, I use it a lot every day. I have to manage my firewalls through it.
How are customer service and support?
In my experience, technical support takes a while to get things done. In the past, I stuck with them for a while. It took about three weeks to serve us up a solution. I don't remember what the problem was as it was a long time ago. It might have been something about the subscription or something like that. What I do remember is it took a very long time.
Which solution did I use previously and why did I switch?
I had a previous firewall, and I just swapped it out. I didn't have to change anything about my network. We previously used a firewall called MikroTik.
With MikroTik, its GUI was very bad. It's very old. Everything was manual. There were no tutorials and it was open-source. You had to search for yourself and do everything yourself. There was no support even from the company.
How was the initial setup?
It was really easy for me, to be honest. The initial setup is very straightforward and simple. It's not overly complex. I had a firewall before that, so I knew what to expect. The implementation was done by a company that I bought this from. They installed it for me. It took about an hour and a half, or something like that.
I can't recall how many staff covered deployment. The deployment happened three years ago now.
What about the implementation team?
I didn't need the assistance of an integrator or reseller.
What was our ROI?
The solution has saved me a lot of time and enhanced my workflow for my company. It enhanced employees' work time and enhanced the internet connectivity for emails. On top of that, there was no downtime with the internet. That was the basic ROI we've seen.
What's my experience with pricing, setup cost, and licensing?
The subscription for this product is yearly. The last time I bought it two years ago it was about $2,000. There's just a subscription fee. There aren't any other costs.
Which other solutions did I evaluate?
I also looked at Fortinet; however, from my research, I was told that Sophos had better reporting. With Fortinet, you have to buy a server to handle reporting. With Sophos, this is unnecessary.
What other advice do I have?
I'm a customer and an end-user.
I'd rate the solution at an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CTO at Kingsway Hospitals
A great UI with very intuitive features; comprehensive documentation ensuring issues are easily resolved
Pros and Cons
- "Great interface and in-built help is very intuitive."
- "Lacking network access control, user profiling and analytics dashboards."
What is our primary use case?
Our primary use case of this solution is for protection and to have better governance for our LAN usage. I've got a lot of people working from outside on the corporate infra and all policy based decisions happen there. The solution is basically a firewall that protects us from various internet threats, but other than that provides controlled and properly managed access using various rules of VPN and other fingerprints of people logging in. I'm the CTO of the company and we are customers of Sophos.
What is most valuable?
The interface is great and easy to understand. Any firewall engineer who has medium to moderate experience on bylaws can easily understand the UI. The language presented on various features and the in-built help is very intuitive. If you have a problem you can figure it out there and then. As a result, there is less probability that we'll call tech support.
What needs improvement?
The solution really needs some additional features like network access control. If they could incorporate some user profiling and present the analytics of the login user usage patterns, or a typical proper management dashboard to take a decision on the firewall rules, that would be useful. Basically, MI's and the dashboard could be more user friendly. The information is there but the dashboards are not in a graphical format. In short, I'd like to see network access control, user profiling and analytics dashboards. It would make the solution a more competitive product on the market.
For how long have I used the solution?
I've been using this solution for over four years.
What do I think about the stability of the solution?
This is a stable solution. I haven't had any firewall crashes or any non-performing rules for over two years. We are a hospital so all the lights of all the devices should be on 24/7, 365 days a year.
We manage and control around 250-300 internal users. There would probably be another 75-100 logging in externally.
What do I think about the scalability of the solution?
This is definitely a scalable solution. The way we've configured it, if a device goes down, it can be shut off and removed from the network for repairs or updates and our second firewall automatically takes the load.
How are customer service and technical support?
We only used technical support during our initial deployment. After that, we didn't need support because the product was working perfectly well. We trained ourselves on the newer software and we are capable of managing and maintaining our own firewalls. In addition, Sophos provides online documentation which is very user friendly. If you follow the steps you get the result.
Which solution did I use previously and why did I switch?
I previously used Cisco's firewall ASA and it was extensively implemented in my earlier role. The main reason to migrate to Sophos was due to their aggressiveness in terms of pricing but also the fact that they had features that Cisco did not have.
How was the initial setup?
The initial setup was very straightforward. Deployment took somewhere between six and eight hours.
What's my experience with pricing, setup cost, and licensing?
There's no annual licensing fee. When we purchased the product, it was with a five year agreement bundled in with the product price and the recent rollout is not yet five years old. When we renew, we'll renegotiate. I can't differentiate between the product costs and the licensing costs at this point. We're very lucky that we get one of the best deals in the country in terms of pricing. The Sophos-backed pre-sales and implementation team were very cooperative and collaborative which really helped us make the decision to choose Sophos.
What other advice do I have?
I would definitely recommend this solution but it's only suitable if it fits the needs of the company so I would suggest carrying out some research. Why does the company need a firewall? What rules do they want to deploy on the firewall? Based on the answers to those questions the company can make a call.
I would rate this solution a nine out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director Of Information Technology at 2B
Good load-balancing features, monitoring done from a single control panel, and controls access to our resources
Pros and Cons
- "Sophos Control Center is a good feature. We can monitor everything from the control panel."
- "The VPN features can be improved. Due to COVID-19, we have a lot of employees that work from home and we need better VPN capabilities."
What is our primary use case?
This product is our firewall that protects our connections from the internet. It controls access for our employees when they want to access streaming media websites such as YouTube.
It controls the connection to our resources that originate from outside of our infrastructure.
We use it to monitor users and their activity including which websites they visit and what portals they use.
How has it helped my organization?
This product is compatible with my business and our market.
What is most valuable?
This Sophos product has a lot of features included.
This product does load-balancing between our connections. This is helpful because our infrastructure in Egypt is not stable and it requires several connections to achieve the required performance.
Sophos Control Center is a good feature. We can monitor everything from the control panel.
It can be used to create a VPN connection between users and our server.
The performance and speed of the appliance are good. I have also tried the software deployment, without the appliance, and it was also good.
What needs improvement?
The VPN features can be improved. Due to COVID-19, we have a lot of employees that work from home and we need better VPN capabilities.
We would like to be able to override policies set by the country. For example, VPN is banned in Egypt. If we could bypass this then it would be helpful because it would allow us to distribute our connections, or services, to other sites.
After upgrading from version 17 to 18, not everything is in the same place in the interface. For example, the firewall rules are in a different place. Consequently, my IT team department cannot understand the portal and find it not user-friendly. They were used to the previous version.
Better training should be available because there is nothing on the Sophos website to assist with setting up VPN connections or VPN SSL certificates. For instance, there is nothing to explain how to configure the DDNS.
For how long have I used the solution?
We have been using Sophos XG for between six and seven years, since 2015.
What do I think about the stability of the solution?
This product is usually stable. In the past few days, I have found problems where some services are not stable. This is something that I have used the portal to submit a ticket for.
What do I think about the scalability of the solution?
We have 90 people working on the network concurrently. Combined, they have between 300 and 350 open sessions.
When the size of our staff increased, we purchased another appliance to expand our infrastructure. Beyond that, I haven't been able to test scalability.
How are customer service and support?
In addition to the recent ticket I created for technical support, I keep in touch with them. The support is okay.
Which solution did I use previously and why did I switch?
Previously, we used the Microsoft TMG firewall, and I have also used Cisco ASA.
I already had some experience with Sophos and firewalls. The first time I attended a Sophos event, I made a deal with Sophos and they helped me learn how to transition from TMG.
The user interface with Sophos is easier to use. For example, Sophos makes it easier to create firewall rules for a VPN connection to the outside. With the other vendors such as Cisco, the process is more complex.
Fortinet is also a top firewall provider but I recommend Sophos because it is more stable. I have limited experience with FortiGate.
How was the initial setup?
The initial setup was easy. It was not complex for our IT department but you need some technical knowledge to do things such as creating a VPN connection between two endpoints, either site-to-site or site-to-client. You should also be familiar with SSL certificates.
The setup took between two and three hours, and after that, we had to prepare our network connections. It took two days in total.
No maintenance is required for the appliance.
What about the implementation team?
We used a system integrator to assist us with the transition from TMG to Sophos.
What's my experience with pricing, setup cost, and licensing?
We pay licensing fees of approximately $2,000. We have a contract for three years.
What other advice do I have?
The vendor is very professional when it comes to firewall products. Aside from the issues with the VPN, it has all of the features that we need.
My advice for anybody considering this product is that the result depends on your country. In my country, there are a lot of problems with ransomware and viruses. Sophos has already helped to mitigate and stop issues such as these on our network. It is the best firewall on the market.
I would rate this solution a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner / IT operator at Fairview Schools
A stable solution that has excellent partner support, saves time, and has a reasonable price point
Pros and Cons
- "The security of the solution, thanks to the built-in unified threat management, is one of its most valuable features. Plus, one single pane of glass is all you need to manage the whole solution, and web management can be done from anywhere."
- "For the standard end user, self-based training is necessary. When you get into the Sophos XG firewall and try to start creating NAT rules, it can be a little cumbersome for a novice. It's pretty easy once you know how to do it, but it will be hard for anybody who doesn't have experience."
What is our primary use case?
I am an integrator of this solution, and I have installed it in small- and medium-sized businesses and schools.
How has it helped my organization?
My company now spends less time tracking issues because of the security provided by Sophos XG in conjunction with Sophos Endpoint protection.
What is most valuable?
The security of the solution, thanks to the built-in unified threat management, is one of its most valuable features. Plus, one single pane of glass is all you need to manage the whole solution, and web management can be done from anywhere. If I get a call and I'm at home, I can open the solution in a web browser and address the situation.
For how long have I used the solution?
I have been using this solution since 2013.
What do I think about the stability of the solution?
The stability of this solution is excellent.
What do I think about the scalability of the solution?
The solution is available in different sizes. As long as you purchase a version that is larger than you currently need, there is room to grow. If you purchase one for your current needs, then the scalability is not good and you're going to have to repurchase if you want to scale up. On a scale of one to ten, I would give this solution a five or six for scalability.
How are customer service and support?
I would rate the technical support as a ten out of ten. I'm a Sophos partner, and their partner support is excellent.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I previously used Cisco Meraki, but Sophos XG has built-in web filtering and is a better overall security solution. Due to these features, I have tried to migrate as many of my schools to Sophos XG as possible.
How was the initial setup?
On a scale of one to five, with five being complex, I would rate the initial setup as a four. If you don't understand the terminology and how Sophos designates the way they do things, then it is a little confusing.
What about the implementation team?
Depending on the location, most deployments take a day. We leave the current firewall in place while we configure the new one, then we swing the cable over and fire up the new firewall. That way if we have to take it back offline, we can keep the client productive until we are done configuring the new firewall.
For deployment you really only need one person, and maintenance can easily be handled by one person, too.
What's my experience with pricing, setup cost, and licensing?
The pricing depends on the size. Each Sophos XG solution is custom fit to the size of the client's network. For example, for the XG 135, you're looking at a yearly subscription. You can get a one-year subscription for a few hundred dollars, or a three-year subscription for $1,500-$1,600, so it's not bad. There are no costs in addition to the standard licensing fees. I would rate the pricing as a three point eight on a scale of one to five.
I've had schools running different firewalls with subscriptions and different web filters with subscriptions, and I've found that it is less expensive for smaller schools to run Sophos XG with its unified threat management instead of multiple appliances.
Which other solutions did I evaluate?
I have evaluated some other options. It really boils down to price, and I haven't had a chance to explore Palo Alto much. I've played with PortaNet a little bit, but I think that Sophos XG has better features for the price point.
What other advice do I have?
For the standard end user, self-based training is necessary. When you get into the Sophos XG firewall and try to start creating NAT rules, it can be a little cumbersome for a novice. It's pretty easy once you know how to do it, but it will be hard for anybody who doesn't have experience.
My advice to someone purchasing this solution would be to look closely at the licensing package to make sure they get what they need.
For small businesses and small schools, I would rate this solution as an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner/Reseller
Project Manager at a mining and metals company with 1,001-5,000 employees
Offers a high level of visibility of what's happening on your network or on your client machines
Pros and Cons
- "Sophos XG has cybersecurity. It integrates with the antivirus software."
- "The only issue that Sophos XG now needs to improve is the product's reporting capability."
What is our primary use case?
I use Sophos XG as a content filtering, web filtering, and application filtering utility, as well as to integrate with the endpoint antivirus software.
I have Sophos Endpoint Antivirus installed on the user machines as well, i.e. the Central Cloud Management version. That's our main use.
Sophos XG has cybersecurity. It integrates with the antivirus software.
How has it helped my organization?
I have a serious problem because our offices are scattered around the world in very remote areas. We cannot deploy proper branch office guides, active directory sites, and software services.
It is impossible to apply any sort of group policy on the user machines, which makes it very hard to control issues like USB ports, access to cameras, or access to any preferences on the user machines.
With the integration between Sophos UTM and the installed endpoint antivirus, you can now manage all those features from your cloud subscription. You can allow and block whatever you want from the cloud.
You can allow whatever USB ports you want for specific devices with specific IDs, serial numbers or modems. The machine gets updated online or updated from the antivirus settings, i.e. the UTM unit itself.
The UTM unit itself has a cache update on it. Once the clients behind the UTM get updated, they get access or they get denied access to the hardware resources they are applying for. This is a major benefit for us.
What is most valuable?
The application filters available with Sophos XG are brilliant. The sandboxing and the way the firewall or the UTM integrates with the installed endpoint antivirus clients on the user machines is brilliant. You get the chance to isolate network threats before they become active or become distributed on your network.
With the cloud version of Sophos XG, you get the proper visibility of your network and the user machines. With the cloud versions of the antivirus, i.e. the cloud central management of the antivirus, you get high visibility.
With the application between the installed Sophos UTM, you get a high level of visibility of what's happening on your network or on your client machines. You get protected against threats. You get proper visibility. That solves a major issue.
What needs improvement?
There was a big issue with the Cyberoam and with the SG units as well, i.e. the previous Sophos UTM model. With Sophos XG, you get the chance to block what sites operate on SSL or that operate with HTTPS, without the need of extracting and distributing a certificate.
On older Cyberoam and Sophos SG old versions, if you wanted to block something like YouTube or Facebook or any other websites that operate with HTTPS, you had to extract the certificate. Then you had to export that certificate. Then you had to re-import that certificate in all the user browsers.
The only problem was if you needed to use an active directory where those certificates would be automatically thrown into the user browsers once they logged in to the domain.
For a scenario like mine where you don't have a group policy, it is a disaster and ends up with you setting the rules to block certain websites with HTTPS on the firewall, even while they are not being blocked so that the user will still have access to them. This problem is now 100% sorted out with Sophos XG.
Now you can actually block whatever you want, whether it's using HTTPS or HTTP keys from the firewall without the need for extracting certificates. That's a major improvement. That problem with the HTTPS settings was a huge issue.
I know other people must be enjoying that it's sorted out now. It was a serious and major issue for Sophos. The only issue that Sophos XG now needs to improve is the product's reporting capabilities.
For how long have I used the solution?
I have used Sophos XG for over 10 years.
What do I think about the stability of the solution?
Sophos XG is stable enough for our requirements.
What do I think about the scalability of the solution?
We have about 450 Sophos XG users currently using this edition and 300 for the antivirus platform installed on the machines, plus in-service, around 310. We also have around 15 additional units deployed around the world.
How are customer service and technical support?
I'll give Sophos XG technical support an eight out of ten for their service.
Which solution did I use previously and why did I switch?
I used Cyberoam previously, although I always used it as a UTM only. What made me move to Sophos is that they were acquired, i.e. they acquired Cyberoam to start with the development. At that time the software had many features that were not available with FortiGate, in terms of content filtering, and it was an appliance when Websense was the software to be installed on a server.
There was a problem with our operating system with some of the updates, i.e. with the operating system or the hardware. I moved from Websense to Cyberoam because it wasn't applying properly.
How was the initial setup?
The initial setup is definitely something different than the old Cyberoam and it's a bit complex. If you've been dealing with UTMs and you understand the concept, it is still complex but then I find it enjoyable.
Sophos XG is not hard to configure. Too much detail is always good.
I required three or four hours for the initial setup. One day for the testing, fine-tuning, optimizing, and categorizing. Three days for the first unit with the initial setup and the customization including testing. Finally, three days for testing all the rules, the QA, and then putting everything live.
What about the implementation team?
I used to work for an integrator myself years ago, as well as my team. We are all trained. We are all professional in what we are doing. No external help was used.
What was our ROI?
Our ROI is 100%. I've got the ransomware attacks being blocked. I've got the users' consumed bandwidth by using proxy bypasses and all sorts of applications being blocked now.
It's saving on the company's and the employees' working hours and time. It's saving on minimizing virus infections and applications that the users like to use on their machines in order to bypass blocking USB ports or cameras.
It is saving the company money by saving bandwidth and saving employees time by not allowing them to access time-wasting websites.
What's my experience with pricing, setup cost, and licensing?
We have the annual license for Sophos XG. It all depends on what you would like to have in the package that you are purchasing.
Which other solutions did I evaluate?
I evaluated FortiGate but wasn't happy with it. I evaluated another group called WatchGuard. WatchGuard has good features in it, but it's for a smaller business scale than the Sophos clients.
I evaluated Cisco ASA or PIX but now, I use Sophos XG as the firewall. I have confidence in their unit. Before Cyberoam and Sophos, I used FortiGate and Websense for our UTM requirements.
What other advice do I have?
I recommend that everyone should have a proper understanding of new network requirements and then enjoy it. Sophos XG is definitely a good product.
On a scale of 1 to 10, I would give Sophos XG an eight.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CEO at MARVIV SRLS
Light and stable with excellent real-time control
Pros and Cons
- "It's a product that is in continuous improvement and is following what the customer is asking for. They are taking inputs and designing new releases specifically according to the client and their needs."
- "The solution could offer a bit more integration with other systems, with other platforms - just to be able to extend the capability and to interface with other kinds of platforms or systems that I can find on the market as it gives the possibility to improve the level of integration."
What is our primary use case?
I'm using the solution mainly for its firewall application and to prevent intrusion in the system. The XG platform is very powerful from the perspective of identification and to prevent potential attacks on the system due to its capacity to predict and to anticipate the potential damage on the system.
It's integrated inside the system, meaning that it can control all the endpoints in the system and talk with them and identify any potential situation. It can also isolate one area inside the system without compromising the entire system. This allows you to isolate the initial problem without involving the entire infrastructure.
You have real-time control of all your infrastructure. It is integrated with the hardware and offers good performance alongside the hardware and by the firmware, and these work together to control the entire infrastructure.
What is most valuable?
The real-time control on offer is excellent.
We really appreciate that you can segment and quarantine certain sections of your system without having to shut down the entire operation.
The product has artificial intelligence that has the capability to quickly identify which could be the potential risk mainly for intrusions like ransomware or a new kind of typology of attacks that are in place right now.
The idea is to mainly prevent the condition and not to manage the situation, as, if that happens, in many ways, it's already too late. It's to identify the condition that can help the company to prevent or mainly to reduce the risk of an intrusion. In that sense, its performance is excellent.
The product is doing its job without affecting the system with a heavy load. The activity on offer is very light in terms of resources that are required by the system. It does not require a lot of resources in terms of memory, et cetera. There is no performance impact on the system. The customer doesn't detect its presence on the system when it's working, and yet they still get all of the great benefits of protection.
The solution has been quite stable.
It's a product that is in continuous improvement and is following what the customer is asking. They are taking inputs and designing new releases specifically according to the client and their needs.
It's one of the best products on the market as it really understands where the market is moving and iterates based on the future. It's constantly improving. It does a great job at keeping confidentiality while guaranteeing security.
The solution doesn't just offer theoretical security, it really does offer very good, real-time security and delivers on its promise to the client.
What needs improvement?
There is no specific feature request right now really. I see that all the features that Sophos is implementing and is proposing on the market follow exactly what the market is asking. It's difficult to identify something that is missing compared with what the market can ask as one of the most important things that Sophos does is have the capability to anticipate in a certain way what the market expects. As a leader on the market, they tend to have the solution just before the market is asking them for it.
The solution could offer a bit more integration with other systems, with other platforms - just to be able to extend the capability and to interface with other kinds of platforms or systems that I can find on the market as it gives the possibility to improve the level of integration.
What do I think about the stability of the solution?
The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable.
What do I think about the scalability of the solution?
The solution is quite scalable. You have to consider that all Sophos products are scalable. This is one of the main characteristics of the system. It means that you can start with a base solution that is very simple and improve this step by step without losing what you have done in the past. It's scalable in the sense that you have a different layout that you can cover, however, you don't have to dismiss what you have done in the past. You have just to integrate. In this way, if you consider the cost of implementation for the company, it has the possibility to optimize the cost because the company has the possibility to appreciate the system initially, and then improve the system step by step without losing what has been done in the past.
This means the company has the possibility to distribute the cost if you're in a certain period of growth. Normally some companies start to say, "I want to guarantee to control to the outside with a certificate and give the possibility to access my data in a controlled way. After that, I want to extend the security on the email that is managed by the company. I want to encrypt the data on the server and so on." All these features can be approached in a step-by-step manner instead of all at once, and you can implement them on the system in different ways and at different times.
We normally have about 50 users and around five technicians.
Which solution did I use previously and why did I switch?
I also currently use Cisco products alongside Sophos.
However, we did not previously use a solution that was different from Sophos.
How was the initial setup?
The initial setup is not so complicated. The system is not complicated to understand and also it can be installed without a very high level of expertise. Of course, if you have this kind of expertise, you can obtain from the system the maximum performance that the system can do, however, it means that you are not obliged to be a guru to be able to use these kinds of products. You can use these kinds of products just as an IT manager inside the company without having or needing special knowledge.
Otherwise, you can leave to Sophos with the capability of doing something like a closed box. You are sure that Sophos is able to guarantee the level of security that you are expecting. You can have it be automatic, or you can choose to go more manual in its operations. For example, if you were a professional photographer, you'd probably like a manual experience, as it would allow you more leeway with your craft, and if you were an amateur, you'd likely prefer an automatic camera that handles the heavy lifting for you. Sophos, in that sense, is the same. If you want, you can configure single parameters, or you can leave it to Sophos to give you something out-of-the-box.
In any case, if you stay on the automatic configuration, you are guaranteed that the system can provide the correct level of service that you want. It means that it's not required to have an expert. That said, you need of course to have a minimum level of knowledge, as it's clear that you need to know what you are managing. Starting from that, you can obtain what you need without moving into an advanced configuration.
Typically, a configuration takes about half a day or so, if you go that route. It doesn't take long, as those who would handle it would know what they are doing.
What about the implementation team?
We handled the implementation ourselves, in-house. We did not need the assistance of an implementor or consultant. I have enough knowledge on the solution to manage it myself.
What other advice do I have?
I'm mainly a user. Sometimes I handle installations.
I'm using the latest version of the solution. I don't have the version number on-hand.
We do plan on continuing to use the solution. I've been quite pleased with it overall.
I would recommend the solution to others. It's worked quite well so far and really leads the market.
I would rate the solution at a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.