Sophos XG Reviews

The primary use case of this solution is to protect the perimeter, the edge of the network, as well as providing anti-virus protection. There are also RED devices that can be deployed and connect to Sophos and they go back to VPN connectivity. We've mainly worked with schools which is different to working with companies because they have particular guidelines to follow. I'm an engineer/revenue development manager and we partner with Sophos. 

In terms of hardware, I think Sophos is definitely the easiest to work with. It's very intuitive and easy to learn how to use. The reporting feature is great and they have great customer support. 

In terms of improvement, I think the UI could be faster. Sometimes the system freezes and there's a lag. It seems there were some issues with the firmware but it's not a big problem. The user interface could also be improved. It would be great if they could include a little bit more bandwidth management. If they would integrate FatPipe into their product, it would be closer to what Fortinet does.

I've been using this solution for 12 years. 

This is a very stable solution.

Sophos has different size appliances, so they're scalable regardless of whether you have 10,000 workstation nodes to any device down to the 1/10, which will provide up to 100 nodes. It's very scalable. I have implemented this mainly in K through 12 educational institutions and some other types of accounting businesses as well as in a wide variety of organizations and companies. In terms of physical maintenance it's a matter of once every six months blowing out the fans. The rest is done for you with Up2Date, which carries out all the firmware upgrades, and rolls it back if there's a problem. Once in a while, an update will get stuck and you'll have to manually push the update. 

Dealing with Sophos technical support is a very easy process, from the regional business directors all the way up to the president. They have very good people and their customer support is amazing. That's one of the big things I love about Sophos. Their customer support and the group of people that run that company are amazing people, great people. I've never seen the support on any other platform that I've seen with Sophos.

The initial setup was very straightforward. They give you an 800 number to call. The licensing portal has improved greatly over the years. So Sophos now has a new license platform which makes things a lot easier than previously and you can now buy individual licensing. 

I haven't evaluated other options but I know that Fortinet does much more in terms of protection and uses AI. They do a lot more now they have another platform that sits in the cloud and provides clients with AI, whereas Sophos only recently implemented AI. Fortinet has a much better reporting function, but Sophos has stepped up and is now providing the customer with the information they need to feel secure in the product. 

My advice would be to download the VMware and get to know the interface because running one of these devices is probably not as difficult as you'd think. If you have an onsite level one user, YouTube has online training and Sophos support will help you through it. It's a very easy device for a level one engineer to manage. My advice is to download the free VMware for 30 days and then either buy the platform or install the VMware product.

I rate this solution a 10 out of 10. 

On-premises

The primary use case for Sophos XG is basic firewalling and configuration. We use it primarily for installation purposes.

Time-saving and cost-saving benefits are realized, with stability contributing to these advantages. It provides approximately 10% to 15% savings in time and costs.

The most valuable features of Sophos XG include having rules and policies as a firewall. It is easy to configure.

The areas needing improvement are support and configuration. The delays in technical support can be handled better. Sometimes, configuration gives some issues.

I have been using Sophos XG for almost one year.

No hardware or software solution is 100% stable. I would rate it at about 99% accuracy.

Sophos XG has excellent scalability features. It is already available on cloud as well as on-premises, and you can scale up to multiple firewalls with centralized management. No limitations have been faced regarding scalability.

Customer service and support can be improved as there are delays. I would rate the support at eight out of ten.

Positive

Sophos XG is easy to install, generally requiring one person and takes about two to three hours depending on the rules and policies.

One person is usually sufficient for installation unless multiple dynamics are involved.

The return on investment is judged to be around three point five out of five in terms of stability, time saving, and cost saving.

The solution is considered cheap in terms of pricing.

For small and midsize enterprises, Sophos XG is a good choice without any major issues.

I'd rate the solution eight out of ten.

Actually, we are using Tekton for creating CI/CD pipelines for building and deploying applications to different environments.

It helped a lot in terms of automation. We sometimes use Tekton for purposes like sending emails, running batch jobs, and similar tasks.

The valuable features include cloud-native integration, which makes it highly available and efficient in modern containerized environments. Another feature is the modular pipeline that allows reusing CI/CD manifests for different purposes. This modularity helps in reducing redundancy and maintaining a streamlined process.

One area of improvement is the lack of cross-cluster capability, meaning you need different sets of tasks and pipelines for each Kubernetes cluster. Tekton also has an unstable API with frequent changes, making it challenging to maintain consistency across versions. Additionally, there's a need for a better dashboard and built-in authentication mechanisms.

It's about one and a half years we have been working with Tekton.

Tekton is quite stable when used in a well-established Kubernetes cluster. The stability largely depends on the stability of the Kubernetes environment itself, which is designed for high availability.

Tekton's scalability is one of its most advanced features. Since it uses the underlying Kubernetes infrastructure, it can scale easily if the Kubernetes cluster is sufficiently large. I would rate it eight out of ten for scalability.

We primarily used community resources like Stack Overflow for addressing our issues and did not directly contact Tekton's customer service.

Positive

In my previous company, we used GitLab and Jenkins for creating CICD pipelines. Currently, Tekton is the primary tool we are using, with Jenkins as a backup solution if Tekton encounters any issues.

The initial setup was manageable but required extensive reading and understanding of documentation. If the Kubernetes cluster is already in place, the setup can be completed in less than ten minutes.

The deployment of Tekton was done in-house with a team of six to seven people handling deployment, creating CI/CD pipelines, and maintaining the solution.

Tekton is an open-source tool, meaning there are no setup costs associated with it. I would rate the cost at one, indicating it is free to use.

In my previous company, we used GitLab and Jenkins for similar purposes.

My advice is to avoid using Tekton if possible due to its complex setup and lack of user-friendly features like a comprehensive dashboard and built-in authentication mechanisms.

I'd rate the solution eight out of ten.

On-premises

Mainly as a firewall, and in some cases, as a firewall with camera surveillance integration. But primarily, it is used for firewall functionality.

I find the firewall functionality and unified threat management to be the most useful features.

The VPN has been a persistent problem for us. It's not straightforward to configure. We often encounter issues with setting up the VPN. Sometimes it works, sometimes it doesn't, and we haven't been able to determine the cause.

So the VPN configuration could be less cryptic. It should be easier and more straightforward to configure. A simplified installation process and clearer instructions would be helpful. The current VPN configuration is a bit convoluted.

In additional features, it would be beneficial if Sophos XG could have an enhanced feature for aggregating bandwidth. Currently, it supports load balancing to some extent, but it would be even better if it could aggregate the bandwidth. For example, if I have multiple links, say two or three, it would be great if the solution could aggregate the bandwidth from those links. 

Ever since Sophos acquired Cyberoam. I used to use Cyberoam, and then Sophos took over Cyberoam. So I would say it's been about five to seven years since that transition happened. 

I have various versions because I'm a network service provider. I offer the high-end enterprise edition as well as the mid-range and basic versions. There are several different models available.

I would rate the stability a ten out of ten. It is very stable. 

When deploying on-premises, if you need to scale, you have to purchase additional hardware. So, on-premises scalability would be around six out of ten. You have to size the solution for future needs.

The cloud version is much more scalable. However, when it comes to on-premises deployments, scaling can be challenging. If you need to upgrade to a higher level, you have to acquire another hardware box. So, it's not as straightforward as cloud scalability, but it's still possible, though not as easy. 

There are about 200 users. They are small and medium businesses. 

I would rate the initial setup an eight out of ten, where one is difficult, and ten is easy. It required some experience in designing networks. It's not a simple "click-click-click" process; it requires the expertise of a network professional. So, if you're not experienced, it can be challenging.

It can be difficult for inexperienced users, but with the right knowledge and experience, it is manageable.

The deployment process involved acquiring the device, planning the network design, configuring it according to the desired network setup, and then connecting the necessary cables. It's a relatively straightforward process.

It only took an hour to deploy the solution.

It is fairly priced. I would rate it an eight out of ten. Mostly, I only purchase the standard license because I don't usually require the other features. It would cost approximately $2,000 on an annual basis.

Overall, my experience has been positive. I haven't encountered any major issues with it. It's easy to use and not cryptic. It's also quite stable, and I rarely experience any hangs or similar problems.

I would rate this product an eight out of ten because there is still room for improvement in VPN. 

On-premises

We are a solution provider and this is one of the security solutions that we implement for our clients. The primary use for Sophos XG is to secure the internet for an organization. It does a bit of antivirus scanning, application filtering, web filtering, and normal firewalling. Security, obviously.

Some of our clients also have Sophos UAP and access points are also included in Sophos, which is the same with FortiGate.

Sophos XG is easy to manage. You've got the cloud logging and you can manage all of your Sophos firewalls from one cloud, the Sophos Central Portal.

The most valuable feature is endpoint security. If you want to install antivirus and firewalling on endpoints, then Sophos is the best option.

What I don't like about Sophos is that applying policies can sometimes take longer, and there can even be a bit of a network interruption. With FortiGate, it's just one click and then you go, but with Sophos, sometimes the wheel keeps spinning for several seconds.

The SD-WAN capability is not as good as it is in FortiGate, and is something that should be improved.

I have been working with Sophos XG for approximately two and a half years.

Stability-wise, it's almost as good as FortiGate.

I've been selling FortiGate for 10 years and Sophos for two and a half years. I think that Sophos is just about on par with FortiGate. We just had a small thing with a client, but I don't know if that's really going to be reason enough. In terms of stability, I think they are quite good. The issue we had was the locks, and it was causing slowness or interruptions, but that was really not an issue. It's a small thing.

Sophos XG is very scalable. You can go from small to large-sized use cases.

I think that the technical support is very good, and similar to FortiGate,

I actually dealt directly with a Sophos engineer and I must admit, they've been very fortunate that the guy can help even on the weekends and so forth. I'm very impressed with that.

I primarily work with FortiGate, but I am currently dabbling in OPNSense to see if I can learn it. I've also installed Cisco in the past, as well as Sophos.

Although about 80% of our clients ask for FortiGate, some of our clients ask for Sophos instead. For example, there are some banks and commercial institutions that ask for Sophos.

Sophos is better than FortiGate with respect to endpoint protection.

The initial setup is as easy as it is with FortiGate. These products are definitely easier to install than a solution like OPNsense because it is just a hardware appliance.

The price of this solution is mid-range. Obviously, it will never beat OPNsense because that product is available free of charge. Sophos XG is not expensive for a firewall, especially when you compare it with Check Point. Check Point is a really expensive product.

Sophos XG is a bit more expensive than companies like BitDefender and Kaspersky, but their endpoint software is very good.

The suitability of this product depends on the use case. If somebody wants to have full endpoint protection then Sophos is the best choice. If they just want a normal UTM without endpoint software, then FortiGate is slightly better, but only slightly because of the SD-WAN capabilities. 

I would rate this solution an eight out of ten.

On-premises

We sell Sophos XG devices.

Sophos XG includes all basic features and has a secured proxy mechanism. Network security proxy authentication is available through a web-based proxy. The older proxy mechanism is not there. Pricing is very competitive, much cheaper compared to other brands like Palo Alto, Check Point, and Fortinet. Additionally, the performance of the hardware has been increased, although it is not negligible compared to other brands.

The direct proxy or proxy mechanism is missing. Legacy applications should have this option, but Sophos XG has removed it. This feature was available in UTM nine but not in XG.

I have been using Sophos XG for one or two years.

Deploying Sophos XG was not difficult. It took a couple of weeks to fully deploy the solution, and the process was quite fast and not complicated.

I have premium support from Sophos, and the support is good. They respond well and have a good support team.

Neutral

Pricing of Sophos XG is very good compared to other brands. The pricing is very cheap. For example, if Palo Alto is priced at 200, then Sophos is priced at 75, which is a significant difference.

On a scale of one to ten, I would rate the overall solution between seven and eight.

I mainly use Sophos XG for network firewall protection and VPN access. It helps secure our internet connection and allows us to manage our network traffic efficiently. Additionally, we use it for monitoring our local network.

Sophos XG has significantly improved our remote workforce security. It effectively safeguards our information systems and data, while also enabling us to restrict access to unauthorized websites. This has been particularly valuable for ensuring productivity and security across all our branches nationwide.

The most valuable features of Sophos XG for our use cases are its firewall capabilities, its ability to connect to wide area and local networks, and its VPN functionality. It effectively protects our information systems while simplifying VPN setup across branches, eliminating the need for additional VPN services from our internet service provider.

One area where Sophos XG could improve is in its patch management system. I encountered an issue where installing a new patch resulted in being locked out of the firewall, which was quite inconvenient. This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access. Such incidents shouldn't require a complete reconfiguration, so there is definitely room for improvement in this aspect.

One piece of advice I would offer is for Sophos XG to consistently incorporate the latest technologies to stay competitive with other vendors. Ensuring that new features are regularly updated and integrated into future products will enhance the platform's effectiveness and appeal to users.

I have been working with Sophos XG for seven years.

I would rate the stability of the solution as a ten out of ten.

I would rate the scalability of the solution as an eight out of ten. It is highly scalable and capable of covering a growing number of end users. Whether managing a small or large user base, its scalability makes it adaptable to varying network sizes and user demands. In my organization, we have approximately two thousand users across various branches using Sophos XG daily.

I would rate the initial setup of Sophos XG as a solid ten out of ten in terms of ease. With a clear understanding of the process and step-by-step guidance, setting it up was straightforward and hassle-free.

It took me around 30 minutes to deploy Sophos XG. The deployment process involved configuring the LAN, WAN, and VPN settings at each branch. Once connected to the switch and router, it was ready to use, making it a straightforward and quick setup process. 

Maintaining Sophos XG typically requires only one or two people, depending on the size and complexity of the network deployment.

The most effective feature of Sophos XG for threat prevention is its regular patch management system. By consistently updating software and firmware with new patches, it helps prevent attacks by addressing vulnerabilities and staying ahead of emerging threats.

The web filtering capability of Sophos XG has benefited our organization by effectively blocking users from accessing specific websites during office hours and even restricting access to certain sites altogether. This feature has been instrumental in enforcing our web usage policies and ensuring a secure browsing environment.

The performance of Sophos XG's firewall has met our expectations perfectly.

We have integrated Sophos XG with other security equipment such as routers and switches. While we primarily use it as a standalone product, in some branches, we have connected it with other security solutions for enhanced protection.

I would recommend implementing Sophos XG for its effectiveness as a firewall. Before installing it, consider factors like your current network equipment, intended use, user compliance with security controls, and whether your technical staff may need training if they're unfamiliar with Sophos firewall.

Overall, I would rate Sophos XG as a ten out of ten.

On-premises

My company has normal web-based policies to restrict websites and allow certain legitimate websites. My company also has site-to-site VPNs and SSL VPNs, along with firewalls.

The most valuable feature of Sophos XG for our company's cybersecurity defense strategy stems from a mixture of all of the product's capabilities, which includes areas like web protection and VPN that are important when it comes to cybersecurity.

I would like the product to improve so that it can provide advanced SD-WAN, which can allow users to deal with infinite connections along with seamless bandwidth utilization.

In the product, the area revolving around SD-WAN has certain shortcomings where improvements are required.

It would be great if I could monitor a particular traffic from a network with Sophos XG.

I have been using Sophos XG for around a year and a half. I am a customer of the tool.

It is a stable solution. Stability-wise, I rate the solution an eight to nine out of ten.

Scalability-wise, I rate the solution a seven to eight out of ten.

There are around 200 users of the product in my company.

The solution's technical support is good. I rate the technical support an eight out of ten.

Positive

I have experience with Fortinet.

Sophos and Fortinet provide good features. Interface-wise and usage-wise, Fortinet is good. Fortinet provides a simple interface, while it is an area that is a bit complex in Sophos. Feature-wise, Sophos and Fortinet are similar.

I rate the product's initial setup phase at six or seven on a scale of one to ten, where one is difficult, and ten is easy.

The solution is deployed on the cloud and on-premises.

The solution can be deployed in a day.

The product is expensive. I rate the product price a six on a scale of one to ten, where one is low price and ten is high price.

Sophos XG has the ability to provide good reports.

I rate the tool an eight to nine out of ten.

Hybrid Cloud