Sophos XG Reviews

The majority of our customers use Sophos XG as a traditional firewall. Some use it for endpoint protection, which is similar to anti-virus.

We also have customers that have SD-WAN as part of their use case. For the most part, it is a firewall, it depends on what the customer environment looks like that would determine how you're going to configure the appliance to work for the customer.

Technology can deliver what you want based on your environment, what you do may differ from what others do.

We have customers from insurance, some oil, and gas, as well as some from the banking sector. Based on the technicality and the peculiarities of the environment, we must explain the technology, of how Fortinet delivers its own firewall, and also others such as Check Point, and Palo Alto deliver their own firewall.

With the explanation given the customer can choose the solution, they want in their environment.

Sophos XG is easy to use.

The only area that requires improvement is scalability.

I understand why scalability is difficult in all firewalls. I understand why it is difficult in our firewalls. If you want to scale, you can scale vertically or horizontally. That is the world of scalability. However, you cannot do so for the firewall. It's a forklift, you have to buy a new appliance.

We have been deploying Sophos XG for our customers for many years.

The stability is based on the environment.

Every firewall solution has a different level of scalability. The majority of firewalls are based on the user. Scalability, in Sophos XG, requires a forklift.

The scalability could be improved.

We have between 12 and 16 customers.

I have never contacted technical support.

We have deployed more Sophos this year than in any previous year.

I have six engineers dedicated to deploying and maintaining the solution.

It is a price-based solution, not based on technology.

Licensing fees are paid on a yearly basis.

I would recommend this solution to others who are interested in using it.

I would rate Sophos XG an eight out of ten.

I mainly use Sophos XG for network firewall protection and VPN access. It helps secure our internet connection and allows us to manage our network traffic efficiently. Additionally, we use it for monitoring our local network.

Sophos XG has significantly improved our remote workforce security. It effectively safeguards our information systems and data, while also enabling us to restrict access to unauthorized websites. This has been particularly valuable for ensuring productivity and security across all our branches nationwide.

The most valuable features of Sophos XG for our use cases are its firewall capabilities, its ability to connect to wide area and local networks, and its VPN functionality. It effectively protects our information systems while simplifying VPN setup across branches, eliminating the need for additional VPN services from our internet service provider.

One area where Sophos XG could improve is in its patch management system. I encountered an issue where installing a new patch resulted in being locked out of the firewall, which was quite inconvenient. This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access. Such incidents shouldn't require a complete reconfiguration, so there is definitely room for improvement in this aspect.

One piece of advice I would offer is for Sophos XG to consistently incorporate the latest technologies to stay competitive with other vendors. Ensuring that new features are regularly updated and integrated into future products will enhance the platform's effectiveness and appeal to users.

I have been working with Sophos XG for seven years.

I would rate the stability of the solution as a ten out of ten.

I would rate the scalability of the solution as an eight out of ten. It is highly scalable and capable of covering a growing number of end users. Whether managing a small or large user base, its scalability makes it adaptable to varying network sizes and user demands. In my organization, we have approximately two thousand users across various branches using Sophos XG daily.

I would rate the initial setup of Sophos XG as a solid ten out of ten in terms of ease. With a clear understanding of the process and step-by-step guidance, setting it up was straightforward and hassle-free.

It took me around 30 minutes to deploy Sophos XG. The deployment process involved configuring the LAN, WAN, and VPN settings at each branch. Once connected to the switch and router, it was ready to use, making it a straightforward and quick setup process. 

Maintaining Sophos XG typically requires only one or two people, depending on the size and complexity of the network deployment.

The most effective feature of Sophos XG for threat prevention is its regular patch management system. By consistently updating software and firmware with new patches, it helps prevent attacks by addressing vulnerabilities and staying ahead of emerging threats.

The web filtering capability of Sophos XG has benefited our organization by effectively blocking users from accessing specific websites during office hours and even restricting access to certain sites altogether. This feature has been instrumental in enforcing our web usage policies and ensuring a secure browsing environment.

The performance of Sophos XG's firewall has met our expectations perfectly.

We have integrated Sophos XG with other security equipment such as routers and switches. While we primarily use it as a standalone product, in some branches, we have connected it with other security solutions for enhanced protection.

I would recommend implementing Sophos XG for its effectiveness as a firewall. Before installing it, consider factors like your current network equipment, intended use, user compliance with security controls, and whether your technical staff may need training if they're unfamiliar with Sophos firewall.

Overall, I would rate Sophos XG as a ten out of ten.

We use Sophos XG for ensuring security, implementing web filtering, enforcing policies, and blocking traffic as needed.

I appreciate its interface, but I find that the available ports are insufficient. I've encountered limitations, often finding that three to four ports are not adequate for our needs.

It stands out with its side-to-side VPN and SSL VPN capabilities.

The most significant aspect is the protection it offers.

I encountered an issue while implementing web filtering for users. Specifically, when attempting to access reports detailing which sites users are visiting, the diagnostic report fails to display the complete URLs of the websites visited. This becomes particularly problematic when users utilize proxy software to bypass the firewall, as it renders tracking their website visits nearly impossible. Training presents a major challenge as there are numerous features available, such as IPS and IDS, which many network administrators are unfamiliar with and tend to leave disabled. Users are unable to enable these features themselves due to their lack of understanding of their functionalities and configuration processes. The training manual provided to users lacks proper guidance on configuration procedures. The content outlined in the user manual differs significantly from the live configuration process.

I have been working with it for approximately six years.

There are several glitches in the new firewall. One particular issue arises when applying filtering settings. The firewall fails to unblock sites without requiring a restart to save and execute the changes properly.

We have a multitude of distinct sites, amounting to a total of six to seven thousand users in total.

Our experience with Fortinet was better compared to Sophos. Also, configuring Fortinet is much easier than configuring Sophos.

Installation is not straightforward; it's a bit complex. For instance, when setting up two ISP connections and terminating them on two firewalls, the process involves configuring LAN and WAN interfaces separately, along with DNS and routing configurations in different tabs. Many users may find these functions unfamiliar. It would be more convenient if all functions related to traffic routing were consolidated into a single tab for easier management. Maintenance is also challenging.

The price of Sophos in PTR is significantly higher compared to Fortinet.

Overall, I would rate it three out of ten.

Sophos XG is of firewall security device for our data center or branch data center.

The security measures implemented in this system are robust, particularly at the network level. It includes effective web filtering capabilities to enhance security and protect against potential threats.

Everything is consolidated into a single box, offering comprehensive functionality, including Wi-Fi access and other features.

SD-WAN would benefit from further improvement, particularly in terms of incorporating optimization techniques that are not typically found in traditional firewalls. Nowadays, WAN optimization features are being integrated into many firewalls, and implementing similar capabilities in SD-WAN would enhance its performance and functionality.

The user interface of Sophos is very simple and good compared to Azure.

I have been working with Sophos XG for more than five years.

The stability of Sophos XG has been exceptional, and we have not encountered any issues. 

I would rate the stability of Sophos XG a ten out of ten.

Sophos XG is very scalable. I would rate the scalability of Sophos XG a nine out of ten.

Our network scalability is not extensive, but it does offer certain features such as the ability to create and utilize devices in an Active-Active configuration. Additionally, using devices with an active password is also supported, providing users with various facilities and features.

We have 1,500 users in our organization daily.

The technical support is good.

I would rate the technical support a nine out of ten.

The initial setup is straightforward. It was easy.

The total deployment time was ten days.

We had comprehensive documentation containing all the necessary details, including firewall configurations, host information, and corresponding IP addresses.

It was very easy to install it without any downtime.

We had a total of two people to deploy it.

Sophos XG is expenses. I would rate the pricing a ten out of ten as high.

After evaluating SonicWall and considering recommendations from colleagues, friends, and industry professionals, we found that Sophos received positive feedback. Additionally, our own hands-on experience and thorough examination confirmed that Sophos was a suitable choice. Therefore, based on these factors, we made the decision to proceed with Sophos for our requirements.

If Sophos XG meets your business requirements and fulfills your account needs, it is highly recommended to choose Sophos XG as your preferred solution.

I would rate Sophos XG an eight out of ten.

The product demonstrates excellent stability, accompanied by a user-friendly interface and reliable support services, including the availability of premium support options. However, there are certain features such as WAN optimization, load balancing, advanced techniques, and advanced web filtering that are currently not available. These features have become increasingly crucial in today's environment and are in high demand.

We're using Sophos XG within one business unit for security. We use it for the firewall and mapping some services.

Sophos XG's price is right, and it's easy to manage. It's a good fit for our current needs at the moment. 

Sophos XG's user interface has some room for improvement. 

We started using Sophos XG in June of this year, so it has only been a few months. 

I think Sophos XG is stable.

Sophos XG is scalable. We have about 600 users here in Mexico, and everyone is behind this solution. I think it's possible we might increase usage, and we've discussed this with our corporate office in Germany. We could decide to go with another product, but we might expand Sophos if it performs well.

Support is one area where I have some issues. Sophos support isn't that good. 

In some companies where I've worked, I used Fortinet and ASA with FirePOWER from Cisco. In some places, I used Meraki with the MX and the Advance Security licensing. I have some issues with other technologies. Last year, they had Sophos UTM on the devices, but there was an opportunity was to switch our clients to Sophos XG and try out the solution.

Setting up Sophos XG is too easy. It took about two hours. The only part of the solution that I deployed was the firewalls. It's something I do all the time in my business unit, so it was quick. We have two people responsible for deployment and maintenance, including me. 

I had some support from a partner.

A Sophos XG license costs approximately $45,000 

I rate Sophos XG nine out of 10. Our experience so far has been good, but maybe we'll come across another solution that's at the same or a higher level.

We are an IT solution company and we provide network security. This solution is used for securing your network.

The solution has very good security features, is easy to use for administrators and users, and has informative reports.

I would like to see in future releases a tool to scan for malicious packets and give the location of where they are coming from. Nowadays all over the world is suffering from ransomware threats. If they could map where those packets are coming from and make the packet monitoring more efficient it will be helpful to prevent more of these kinds of threats.

I have been using the solution for approximately five years.

The solution has been highly stable.

We have used SonicWall and Fortinet in the past.

The installation is very easy for anyone. The configuration is straightforward, all the information is available through a quick Google search.

The price can be a bit steep but for the number of features, it is worth it. Additionally, the enterprise version of this solution is priced well for all the features that you receive.

If you are thinking about implementing Fortinet, SonicWall, or any other product you will pay extra for additional security features and might need to purchase additional licenses. If they just spend a little more on this solution they will get the extra features for the same amount.

This solution has security features that in other solution you have to purchase them as add-ons, such as malware and email filters. Comparing this solution overall to competitors it is by far the best.

I rate Sophos XG an eight out of ten.

Our primary use case for this solution is to act as the main broadband device in our data center. The XG 210 model is being used for a hospitality solution.

The main improvement for us is with our email. The email options and email security features are good. 

We have found that the simplicity of the XG 210 is its most valuable feature. There are a lot of options available for the default firewall rules, such as email and web, that are used to secure the network.

I like all of the options, but the most important thing is that it is easy to understand how to configure everything, compared to other firewalls.

We are having a lot of issues with conflicts and user sessions, and Sophos has suggested that we change the device to the XG 400.

Aside from these issues with scalability, the email security features are good, but there are not many options. We would like to know why an email is being blocked, and how we can allow delivery. It does not keep emails in the queue for delivery. It can only log whether it is delivered or not delivered. If I need more details then I have to log in using SSH to get that information.

When an email comes in from the outside it is detected. When we check the log it only tells us that it is not delivered. We would like to create an exception, but there are not many options available for this. For example, a domain space is not allowed. Only the user name can be used to do that. We need a domain-based exception for email.

Next, the XG 210 is easy to configure, but when we are looking for more details then we can only get this information through SSH. It is quite difficult. If we can get all of those details then it would help us to understand, so this needs to be improved.

There are a lot of options and it gets confusing sometimes. If they can give limited options, with more information, then it would be good for the large sites.

The product is stable, but by stable, I mean that we still have issues. The issues are more technical, which is why they suggest that we change the device to fix the problems.

Our main data center has more than seventy servers that host a web server and internal applications. This is where we use the XG 400.

We have installed the XG 210 model at a smaller data center. We have between three and four hundred users at the most. However, because we have more than three hundred sessions, the vendor has suggested that we change to the XG 400. We do not yet know if this will fix our problem.

At our remote sites, we use the XG 135 model, and we do not have many issues.

I am not sure why Sophos suggested using the XG 210 model after doing a site check, but we are facing issues and they suggested that we replace the model.

When I call, I have to wait for at least one to two hours to reach them. Sometimes they will pick up the call immediately, but most of the time they will not. I usually have to wait one hour before they pick up the phone.

When a ticket is created we have to wait three days before getting a reply from them. When they create a ticket for a critical issue, the response is delayed. This is a new device, and we expect support from Sophos. At least the partner should support the product, but the partners are always looking for money. Even if they deploy the device, for example, the XG 450, then they only offer support for one day. After that, there is no support.

We have been using the Sophos XG 135 model at our remote sites and it works.

This year we deployed the XG 210 model at our data center, but prior to this we used Barracuda. We switched because Barracuda is too expensive. The options are very limited because you have to pay for each additional option. Each one represents a different service, like ADP (Active DDoS Prevention) or firewall. In contrast, Sophos is only a single payment, so we switched even though we lost some options that we liked.

The initial setup is very easy.

Our deployment took only two to three days. The problem is that we had a lot of issues, especially with the email. The SMTP did not work, so I could not continue with the deployment. It took between fifteen and twenty days to resolve this. I do not know what they did to fix it, but we were delayed between twenty-five days and a month.

We had contacted the Sophos partner for help, but they were not able to fix our issue. After the problem was resolved I re-initiated the deployment. Only one staff member is required to maintain the solution.

Even when you purchase the product from Sophos, they ask for a separate contract for support which is on an hourly basis.

For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.

Other than the Barracuda and the Sophos models, I did not evaluate other solutions.

Because of the problems that we are having, I cannot recommend this solution to anyone at this time.

I would rate this solution five out of ten.

The product has improved our network security posture. We got some phishing and malware attacks. We found out that someone was attacking our network. Since we installed the solution, we are not facing any attacks.

IPS works smoothly. The policies and rules work fine. The network performance and reporting tools of Sophos XG are good.

We are facing a little bit of an issue with the product's web filtering capabilities. It must be improved. SD-WAN can be improved.

I have been using the solution for almost two years.

I rate the tool’s stability a seven or eight out of ten.

I rate the tool’s scalability a seven or eight out of ten. Almost 5000 people are using the solution in our organization. We have installed the firewall. It is always running.

The support takes a lot of time to resolve issues.

Neutral

I rate the ease of setup a seven out of ten. The deployment took a few weeks.

The deployment was done in-house. We needed two to three people for the deployment.

I rate the pricing a seven or eight out of ten.

I will recommend the product to others. The solution is not extremely good, but it is good. Overall, I rate the product a seven or eight out of ten.