Sophos XG Reviews

We mostly deploy Sophos XG to our customers because we are an IT system integrator. Our primary use case involves working with small to medium businesses to control internet usage, perform web filtering, application control, and manage bandwidth.

Sophos XG is popular among small to medium businesses, allowing them to control internet usage, perform web filtering, application control, and manage bandwidth. Additionally, AI assists in configuration, offering clues when users are stuck, which enhances user convenience and efficiency.

There is interest in seeing more features related to AI and customization in future releases.

I have been working with Sophos XG for at least five to six years.

The installation process is straightforward and easy due to the training we receive. In new site setups, it's quick, but migrating from one vendor to another requires more planning and can take a couple of days.

I would rate the stability of Sophos XG as nine out of ten.

I would rate the scalability of Sophos XG as nine out of ten.

Customer service and support for Sophos XG is excellent, and I would rate it as a ten.

Positive

I worked with other vendors like Cisco, Palo Alto, and Microsoft long ago.

The initial setup varies by scenario: it's quick for new sites, but it takes longer for vendor migrations due to the need for seamless planning.

I have a dedicated team of five engineers who handle installations.

There are cost savings compared to competitors, providing more financial benefits.

Sophos XG offers good pricing compared to competitors. While there are extra expenses for additional features, overall licensing costs are well-regarded.

I would rate Sophos XG as a nine out of ten. The cost savings make it suitable for small to medium businesses with 50 to 300 users. Overall, I am very satisfied with the product.

On-premises

Our main use case at the moment for Sophos XG is to create a site-to-site VPN with one of our clients. We cannot use AWS VPN, so we use Sophos XG.

We only used the VPN functionality. We did not explore other aspects of the product beyond the VPN capabilities.

The IPsec VPN is the only feature we utilized in Sophos XG. We did not explore the web and application filtering capabilities, and these features have not helped our organization in managing bandwidth or access to malicious sites.

The user-friendly interface of Sophos XG is acceptable but too complicated. There are many options and configurations, but it is very complicated to navigate through all those options if you are not familiar with the product.

Sophos XG can be improved by making the UI more user-friendly. They should add packet capture functionality in the UI instead of requiring users to access the server directly for this purpose, as it is a very useful tool that everyone needs. Additionally, it can be confusing when working in the AWS Marketplace, as users might mistakenly purchase the old version of Sophos XG.

I have been using Sophos XG for three or four months. It is new, and we may discontinue using this product because it has not met our requirements.

Considering the deployment flexibility of the Sophos XG firewall, hybrid deployments have not supported our organization's diverse technological infrastructure.

It is a bit early to tell, but Sophos XG is adequate for my company's growing needs at present.

I have not tried their customer service and technical support.

Positive

I have considered other solutions before Sophos XG, including pfSense, AWS firewall, and Kato firewall.

I was previously using AWS firewall and Kato firewall before switching to Sophos XG.

My experience with deploying Sophos XG was easy.

My experience with pricing, setup costs, and licensing was through AWS.

I do not use the security heartbeat functionality.

I have not tried the synchronized security feature of the Sophos XG firewall.

I am not particularly interested in being a reference to the vendor. We do not use Sophos extensively, so I may not provide substantial insights.

What led me to consider changing was that we thought the VPN configuration was not working because of the product we used to work with, so we tried other alternatives.

On a scale of 1-10, I would rate Sophos XG a seven or eight, though this rating is limited by our minimal usage of the product.

Public Cloud

Amazon Web Services (AWS)

I was a distributor for Sophos XG products and worked with customers seeking network security solutions. In my current company, we previously used Sophos XG products extensively before switching to other options.

Sophos XG offers a robust solution with quota management features that are per IP and per user, which I find to be very effective. The ability to manage everything in one box is a significant advantage, eliminating the need to purchase separate products for email security and other features. The user interface is user-friendly, offering dashboards with widgets that provide speed and status, making configuration easy. Traffic management is facilitated through various configurations and user self-portals. Additionally, Sophos XG makes administrative tasks seamless by allowing easy navigation and configuration.

The technical support could be improved, particularly in terms of response speed, as there were delays when working with their Indian support team.

Traffic management is facilitated through various configurations.

Sophos XG is primarily suitable for SMB and mid-level enterprise categories, but not typically chosen by high-end enterprises in Sri Lanka.

The technical support could be improved, particularly regarding response speed when working with the Indian team.

Neutral

Previously, we used Sophos UTM before transitioning to Sophos XG.

The implementation of Sophos XG is straightforward and easy.

I worked as a distributor and the setup was handled internally or with assistance from vendors.

During my research, I explored products like Fortinet FortiGate and Netgate pfSense.

I rate Sophos XG eight out of ten. While the implementation was straightforward and easy, the technical support could use improvement. I recommend looking into improving the features and security validations to cater to the needs of bigger companies.

Other

My company has normal web-based policies to restrict websites and allow certain legitimate websites. My company also has site-to-site VPNs and SSL VPNs, along with firewalls.

The most valuable feature of Sophos XG for our company's cybersecurity defense strategy stems from a mixture of all of the product's capabilities, which includes areas like web protection and VPN that are important when it comes to cybersecurity.

I would like the product to improve so that it can provide advanced SD-WAN, which can allow users to deal with infinite connections along with seamless bandwidth utilization.

In the product, the area revolving around SD-WAN has certain shortcomings where improvements are required.

It would be great if I could monitor a particular traffic from a network with Sophos XG.

I have been using Sophos XG for around a year and a half. I am a customer of the tool.

It is a stable solution. Stability-wise, I rate the solution an eight to nine out of ten.

Scalability-wise, I rate the solution a seven to eight out of ten.

There are around 200 users of the product in my company.

The solution's technical support is good. I rate the technical support an eight out of ten.

Positive

I have experience with Fortinet.

Sophos and Fortinet provide good features. Interface-wise and usage-wise, Fortinet is good. Fortinet provides a simple interface, while it is an area that is a bit complex in Sophos. Feature-wise, Sophos and Fortinet are similar.

I rate the product's initial setup phase at six or seven on a scale of one to ten, where one is difficult, and ten is easy.

The solution is deployed on the cloud and on-premises.

The solution can be deployed in a day.

The product is expensive. I rate the product price a six on a scale of one to ten, where one is low price and ten is high price.

Sophos XG has the ability to provide good reports.

I rate the tool an eight to nine out of ten.

Hybrid Cloud

Actually, we are using Tekton for creating CI/CD pipelines for building and deploying applications to different environments.

It helped a lot in terms of automation. We sometimes use Tekton for purposes like sending emails, running batch jobs, and similar tasks.

The valuable features include cloud-native integration, which makes it highly available and efficient in modern containerized environments. Another feature is the modular pipeline that allows reusing CI/CD manifests for different purposes. This modularity helps in reducing redundancy and maintaining a streamlined process.

One area of improvement is the lack of cross-cluster capability, meaning you need different sets of tasks and pipelines for each Kubernetes cluster. Tekton also has an unstable API with frequent changes, making it challenging to maintain consistency across versions. Additionally, there's a need for a better dashboard and built-in authentication mechanisms.

It's about one and a half years we have been working with Tekton.

Tekton is quite stable when used in a well-established Kubernetes cluster. The stability largely depends on the stability of the Kubernetes environment itself, which is designed for high availability.

Tekton's scalability is one of its most advanced features. Since it uses the underlying Kubernetes infrastructure, it can scale easily if the Kubernetes cluster is sufficiently large. I would rate it eight out of ten for scalability.

We primarily used community resources like Stack Overflow for addressing our issues and did not directly contact Tekton's customer service.

Positive

In my previous company, we used GitLab and Jenkins for creating CICD pipelines. Currently, Tekton is the primary tool we are using, with Jenkins as a backup solution if Tekton encounters any issues.

The initial setup was manageable but required extensive reading and understanding of documentation. If the Kubernetes cluster is already in place, the setup can be completed in less than ten minutes.

The deployment of Tekton was done in-house with a team of six to seven people handling deployment, creating CI/CD pipelines, and maintaining the solution.

Tekton is an open-source tool, meaning there are no setup costs associated with it. I would rate the cost at one, indicating it is free to use.

In my previous company, we used GitLab and Jenkins for similar purposes.

My advice is to avoid using Tekton if possible due to its complex setup and lack of user-friendly features like a comprehensive dashboard and built-in authentication mechanisms.

I'd rate the solution eight out of ten.

On-premises

The tool's most valuable feature is threat protection and DLP features. So far, basic DLP features like content protection and blocking. Furthermore, for remote users, features such as back filtering and application control are available, allowing for command and control from our side. It is very easy to understand policy applications. 

It has multi-console features, where you can designate administrators or super admins. There's also a read-only feature available. Visibility features are included in XDR. This provides information on user impact, potential threats on specific machines, source and destination IPs, setup firewall details, and unique identifiers for each machine. Another notable feature is network isolation, ensuring that data remains secure by isolating affected machines from others.

Sophos XG offers visibility into network information, sources, destinations, and threats. Depending on the policies applied, users may monitor specific issues without blocking them. However, policies that block threats should be applied.

One feature I would like to add is remote wipeout capability. This would be useful in cases where a user leaves the organization and fails to return their laptop. Remote wipeout would allow for the deletion of data from the device with a single command. Regarding technical support from Sophos XG, it's generally satisfactory. However, the response time could be improved. It takes around one hour to receive assistance, but reducing this to 30-45 minutes would benefit us.

The tool has only a base DLP feature. It needs to have a full DLP feature with additional licensing. 

I have been working with the product for ten years. 

I rate the tool's stability an eight point five out of ten. 

I rate the solution's scalability a seven point five out of ten. 

The tool's installment is easy. 

The tool's pricing is cheaper compared to other alternative products. 

Sophos XG has a lab center where they analyze signatures and automatically update them on the product. This eliminates the need for manual updates on individual machines or centers. Additionally, it has features like MDR and management response features. So, Sophos XG seems to have a roadmap in place.

I would recommend the product based on the situation. Cortex, a next-generation antivirus for larger enterprises, would likely provide sufficient coverage. It's also known for its scalability and visibility features, including root cause analysis and terminology features.

I rate the overall solution an eight out of ten. 

We encounter difficulties while navigating through certain features and functionalities of the product. The GUI could be much more transparent.

We have been using Sophos XG for two years. At present, we use the latest version.

I rate the product’s stability an eight out of ten.

We have around 15 to 20 customers using Sophos XG. It is suitable for larger companies. We have around 200 technical engineers in our organization managing it. I rate the scalability a nine out of ten.

The technical support team is friendly and supportive in terms of technical assistance.

Positive

We are working with CheckPoint, SonicWall, and FortiGate.

The deployment method involves navigating through several pages, such as selecting the country and configuring LAN and WAN ports, before reaching the manual configuration stage. Instead, simplifying the process by allowing users to log in directly to the dashboard and initiate configuration without additional prompts could be helpful. The implementation time depends on specific firewall requirements.

The product is more expensive than SonicWall. Our customers compare devices for office compatibility, such as Sophos XG 4100 and SonicWall NSA 2300, and question license cost disparities.

I rate the pricing a six out of ten.

The product’s new variant allows for faster processing of data packets from LAN to WAN, surpassing the capabilities of an 8G firewall. It provides threat prevention features, including WAF, IPS, and AV. We have configured SSL VPN capabilities for different branches, which have been working efficiently. For our minimalistic usage, it has been performing well in transferring data from on-premise devices. It helps us generate detailed reports on the dashboard. The product’s integration with Sophos Central enhances security architecture by enabling centralized management under a single dashboard.

We recommend Sophos XG as a priority as it is much more reliable and has efficient technical assistance. It is much easier for configuration, web filtering, or web extension than one of its competitors.

I rate it a seven out of ten.

I use Sophos XG for network security and VPN policies. It is crucial for safeguarding data, enforcing user access controls, and ensuring secure communication. The firewall features, like application control and intrusion prevention, provide a strong defense against cyber threats. With centralized management, setting up and monitoring policies becomes easy, and the VPN capabilities ensure secure remote access for our team.

What I like about Sophos XG is its versatility in tailoring security features to our specific needs. In our environment where certain services are only needed part-time, the flexibility to deploy services selectively is valuable. The comprehensive protection, from firewall to market inspection and routing, ensures a robust defense. I particularly like the visibility it provides into network traffic, allowing us to identify and address issues efficiently.

While Sophos XG has been reliable for remote troubleshooting sessions, it would be beneficial if the platform provided more flexible support for a variety of devices. The user interface is intuitive for those familiar with it, but improving accessibility and user guidance could be beneficial for newcomers. Additionally, although the features are comprehensive, fair pricing and more flexibility with device compatibility could make it even more appealing in the market.

I have been working with Sophos XG for two years.

It is quite stable.

I would give it a ten out of ten for scalability. We have approximately 100 users.

Tech support for Sophos XG is great. They are professional, respond quickly, and help resolve issues effectively.

Previously, I have used Fortinet and SonicWall.

The initial setup of Sophos XG is not complex, especially with familiarity and experience. As you work with it over time, it becomes more straightforward, and mastery comes with continuous use. Deployment depends on specific organizational needs, but in general, it involves configuring the connection between the internet and the local network, setting up VLANs, and defining firewall rules. For me, as a consultant, the process varies based on different client scenarios. Sophos XG simplifies the deployment process, and once configured, it efficiently manages network access for different user categories.

I have done both in-house deployments and collaborated with integrators based on the client's preference. As a consultant, I assess the needs, design the setup, and can either guide the in-house team through the deployment or handle it myself. The process involves configuring the live site for optimal security, and in some cases, I work remotely on existing setups. Sophos XG's flexibility makes it feasible for both in-house and external experts to manage the deployment effectively.

The payment structure can depend on the reseller or partner. Typically, it involves getting the device first, and then the licensing is managed, often in US dollars, through the partner or reseller. The process ensures proper handling and support through authorized channels.

I would recommend Sophos XG for anyone looking to build robust IT systems. It is ideal if you have a clear vision of your IT infrastructure and want a solution that can seamlessly integrate and enhance security. The flexibility to tailor it to specific needs makes Sophos XG a valuable choice for building a reliable and secure network. Overall, I would rate it as a ten out of ten.

On-premises