Sophos XG Reviews

I use Sophos XG for network security and VPN policies. It is crucial for safeguarding data, enforcing user access controls, and ensuring secure communication. The firewall features, like application control and intrusion prevention, provide a strong defense against cyber threats. With centralized management, setting up and monitoring policies becomes easy, and the VPN capabilities ensure secure remote access for our team.

What I like about Sophos XG is its versatility in tailoring security features to our specific needs. In our environment where certain services are only needed part-time, the flexibility to deploy services selectively is valuable. The comprehensive protection, from firewall to market inspection and routing, ensures a robust defense. I particularly like the visibility it provides into network traffic, allowing us to identify and address issues efficiently.

While Sophos XG has been reliable for remote troubleshooting sessions, it would be beneficial if the platform provided more flexible support for a variety of devices. The user interface is intuitive for those familiar with it, but improving accessibility and user guidance could be beneficial for newcomers. Additionally, although the features are comprehensive, fair pricing and more flexibility with device compatibility could make it even more appealing in the market.

I have been working with Sophos XG for two years.

It is quite stable.

I would give it a ten out of ten for scalability. We have approximately 100 users.

Tech support for Sophos XG is great. They are professional, respond quickly, and help resolve issues effectively.

Previously, I have used Fortinet and SonicWall.

The initial setup of Sophos XG is not complex, especially with familiarity and experience. As you work with it over time, it becomes more straightforward, and mastery comes with continuous use. Deployment depends on specific organizational needs, but in general, it involves configuring the connection between the internet and the local network, setting up VLANs, and defining firewall rules. For me, as a consultant, the process varies based on different client scenarios. Sophos XG simplifies the deployment process, and once configured, it efficiently manages network access for different user categories.

I have done both in-house deployments and collaborated with integrators based on the client's preference. As a consultant, I assess the needs, design the setup, and can either guide the in-house team through the deployment or handle it myself. The process involves configuring the live site for optimal security, and in some cases, I work remotely on existing setups. Sophos XG's flexibility makes it feasible for both in-house and external experts to manage the deployment effectively.

The payment structure can depend on the reseller or partner. Typically, it involves getting the device first, and then the licensing is managed, often in US dollars, through the partner or reseller. The process ensures proper handling and support through authorized channels.

I would recommend Sophos XG for anyone looking to build robust IT systems. It is ideal if you have a clear vision of your IT infrastructure and want a solution that can seamlessly integrate and enhance security. The flexibility to tailor it to specific needs makes Sophos XG a valuable choice for building a reliable and secure network. Overall, I would rate it as a ten out of ten.

It has been a while since I have worked with the product in our company, and so I can't remember its most effective features.

The support service offered by Sophos is an area of concern where certain improvements are required. My company did not get enough support when, in our enterprise, we faced some issues with the product and needed support. For support, one has to go with the online community, and even then, it cannot be guaranteed that one will get the right support.

The support team's response time should be minimized. The support should be more available. I think that one has to wait for four or five days to get support. Business cannot stop just because of issues with support. The tool's renewal service was really good and straightforward.

Some of the working features of the product, like sandboxing functionalities, are complex for me to handle, especially since one has to buy them separately. You have to buy sandboxing features separately, but I believe that it needs to be given to a user along with the product. In my company, we couldn't find the detection features of the product. Though I did a remote code execution, and it stopped abruptly, it never showed where it actually stopped. In the area of reporting, there needs to be a lot of improvement in the tool.

Partner engagement is an area in which I feel there should be some improvements. Getting support or being able to deal with certain stuff when it comes to Sophos because of the OEM should be made possible. When an OEM is with you, you'll feel more comfortable doing business. My company started doing Fortinet a few days ago, but before that, we had Sophos. My company is moving away from Sophos because it is no longer needed. When it comes to the price or during some disconnection, my company doesn't get any support from Sophos.

I have been using Sophos XG since 2021.

I rate the technical support a six out of ten.

Neutral

Our company uses Microsoft Defender, Kaspersky, and Trend Micro.

As my company has partnerships with Microsoft and Sophos, the best part we get is in the areas of support services and distributors as we are involved in the reselling business. My company also has to operate with some local resellers, so we get support from them at a good price from them, and even during deployment, we get some support from them. I worked with Microsoft in 2019 and stopped working with it in 2020 during COVID-19. I got familiar with many tools during COVID-19, so I can get the business prices of the solutions. If I keep Microsoft Defender aside, then my company does business with Trend Micro as well. Trend Micro provides whatever help my company needs, and the tool's team greatly engages with us and supports us. With Sophos, my company doesn't get any support. I think Sophos does not do direct business anymore. Sophos doesn't have any OEM office. If there is no OEM office for a product, the company can face a lot of trouble.

I did business with Sophos in 2021. I think that last year, we got a Sophos Firewall deployed in our organization. The product's initial setup phase was straightforward.

The solution can be deployed in two days.

Nowadays, my company recommends Palo Alto and Fortinet. With Fortinet, my company is comfortable because it looks after our needs, and it is really helpful.

The user interface of the product is good, especially since its customers are satisfied.

Sophos XG supports our customers' remote workflows well. As a customer-centric tool, they use it as part of their company.

The product can be recommended to SMBs. My company's people requested Sophos products for 450 people or endpoints, but we didn't get any response from Sophos. My company emailed an agent from Sophos, but we didn't get any response for 44 servers and 400 endpoints we wanted. I work at a hospital, so we didn't get any price quotation associated with the product.

The features of the product are good. It is not like Sophos told me something and its products were working in a different manner.

I rate the solution a ten out of ten.

The solution is very easy to use. It's easy to navigate. 

I like that I can create new rules and policies quite easily.

The solution works quite well overall.

The solution is easy to set up and configure.

Technical support has been very good.

The solution is scalable.

The product so far has been quite stable.

We are in the movie industry. We're a movie distribution company. Currently, we are affected badly by corona, since March of 2020. We are working from home, however, this solution is for on-premises tasks.

The pricing can be high unless you choose a longer contract.

We've been using the solution for about two years. 

We have no complaints in regards to the stability. It doesn't crash or freeze. There are no bugs or glitches. It's good. We find it to be reliable in terms of performance.

The scalability potential is very good. If a company needs to expand it, it can do so with ease.

We have 100 users on the solution.

We have 24/7 help if we need it. The technical support on offer is quite helpful. The offices are also in Mumbai, and that makes it very easy to connect with them and get help when we need it.

Previous to Sophos, we worked with Cyberoam. We switched due to the fact that Sophos took over Cyberoam and the Cyberoam model we had was outdated. Therefore, we were upgraded in Sophos.

The initial setup is quite easy. it's not overly complex. The configuration process is also very simple.

We have a team within our organization that can handle any maintenance that is required.

The pricing is not an issue. We pay almost it's $40,000 per year. Longer contracts offer better pricing. I'm taking a renewal with a four-year core contract.

I'd recommend the solution to other users and companies. Sophos has been great so far.

I'd rate the solution at an eight out of ten. It loses some marks due to the fact that I have had some technical issues with it. I also don't use it that much and wouldn't consider myself a Sophos expert. I need to spend more time with it.

We are primarily using Sophos XG for the identity base, policies, load balancing, and SD-WAN. Right now we have separate, different branches, therefore, we need to integrate it with SD-WAN. Of course, with SD-WAN, we need to do the load balancing, the VPN failovers, and also watch the connectivity. We are more particular on the link, and also the implementation of user policies.

The Multi-Link, or the Multi-Wan, SD-WAN, is extremely valuable to our organization.

The Anti-Spam and the Gateway Anti-Virus capabilities have been very useful.

The solution offers a very good Network Ring, QRS, and landing management. 

We've found that the reporting is very good overall.

They really work scalability into the solution at the outset.

The SD-WAN could be improved. It is not yet full-blown; it's only basic, really. They need to move on with the algorithm on how the SD-WAN works, and how it works in comparison to other brands of SD-WAN. Sophos should study those algorithms on how they do the SD-WAN to learn a few things that may help them build out their own solution.

I've been using the solution and various other Sophos solutions for a while.

If you do the right planning, most of the time Sophos is good for five years. It depends on the recommendations as well. Sometimes the Sophos team or supplier will show you the number of users or number of networks and they'll illustrate to you a plan most suited to what you have and what you might have. They assess everything and give you a five-year plan. That way, if you need to expand, they've already taken that into consideration at the outset and there's room to scale.

We have about 100 users.

Due to the pandemic, we don't really have any plans to expand. We may be downsizing a bit. We'll see.

We've been satisfied with Sophos' technical support. They are very helpful and responsive. Their staff is quite knowledgeable.

I've worked with Sophos previously and we had a different setup. In terms of implementation, sometimes there are complex setups and sometimes the setup s are more basic. Right now, we have a complex setup. We need to ensure interconnectivity between our branches. We'll have different networks, different sites, and a lot of complexity. 

It doesn't really take too long to deploy, however. The support from the supplier is good. They're always available to assist. They are well-trained and they are already familiar with the setups and configuration so they're doing a pretty good job in terms of helping us.

The supplier, the reseller, the partner of Sophos, is doing the change for the end-users. Most of the basic configuration has already been already done by us, however, for more complex areas, we could ask them, and they could come to us to configure it for us.

The pricing is based on the acquisition cost.

We have evaluated a few different solutions. We've looked at Palo Alto and FortiGate products. In terms of our end-point security, we've also looked at Trend Micro and a few others.

We are just a customer and an end-user.

We are using the latest version of the solution.

ON a scale from one to ten, I would rate this solution at an eight.

This solution does everything and anything a firewall can do.

I am tempted to say that all of the features are valuable. 

When you choose a firewall you have to make a strategic decision, much more than a tactical one. We decided that everything we use within it, goes through and it's got protection.

The dashboard is intuitive and user-friendly.

Training on the devices is an area that needs improvement. Their training mechanisms are not perfect, and this is where you lose a good appreciation of the product.

The documentation for implementation is not good. For example, when you look up the details on a firewall rule to validate it, the details are not there.

If you click on the help file, they say a zone is an area where you can define specific logical network areas. This is where they stop, with nothing more. If you want to go further into the concept of it, which you know there is, you have nothing. Then you have to revert to the internet and go onto newsgroups to try to see if anybody has had your type of experience. Then you find someone, they explain it to you then say, "Oh, it only makes sense". So, then when you want to implement this, it's much easier at that time. So, that's the best-case scenario that I can explain.

There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks.

When you want to establish a VPN with different wizards, they assume that you're always going through your internet link. 

If you want to create, with the zero-trust concept, which is where you don't trust anybody or any device, you want to make sure that everything on your network is segmented and everything is relative, depending on its flexibility, behind its firewall or a firewall segment. At some points, you might want to establish VPNs between certain network segments. 

Since you cannot establish VPN tunnels from the Sophos interfaces, plus if you are doing something that's going through the internet, then you lose flexibility. 

Currently, let's say we have a factory V-LAN and you don't want anybody within the factory V-LAN to be able to connect to another unless it is to a specific V-LAN, and you want to use VPN technology, you can't do it because you can't establish the connection again between two internal interfaces.

I have been working with Sophos XG for six years.

It's a stable product.

In regards to scalability, it's difficult to ascertain at this time because we haven't scaled it necessarily. 

The use cases that we have are very particular, and we're not in a mode of having scaled it yet. We have approximately 100 users in our organization who are using  Sophos XG.

Their support, we have a mixed review of it. It's good, but where it's bad, is because they're an international company that relies on many different continents to be able to get the support at different levels.

When we get into the people that are from India, that's where the support becomes not as efficient as we would want it to be. They have different rules of operating under and they don't show themselves to be flexible. Whereas where I am, currently I'm in Canada. When I speak to the support people within Canada, they're much more flexible when it comes to trying to follow us up on what we're trying to do and get the thing working. They're more flexible.

It was a combination of 75 percent straightforward and 25 percent complicated.

It's approximately $6,000 for each device. We have three devices and it was somewhere around $18,000.

I would recommend Sophos XG to others who are interested in using it.

I would rate this solution an eight out of ten.

We encounter difficulties while navigating through certain features and functionalities of the product. The GUI could be much more transparent.

We have been using Sophos XG for two years. At present, we use the latest version.

I rate the product’s stability an eight out of ten.

We have around 15 to 20 customers using Sophos XG. It is suitable for larger companies. We have around 200 technical engineers in our organization managing it. I rate the scalability a nine out of ten.

The technical support team is friendly and supportive in terms of technical assistance.

Positive

We are working with CheckPoint, SonicWall, and FortiGate.

The deployment method involves navigating through several pages, such as selecting the country and configuring LAN and WAN ports, before reaching the manual configuration stage. Instead, simplifying the process by allowing users to log in directly to the dashboard and initiate configuration without additional prompts could be helpful. The implementation time depends on specific firewall requirements.

The product is more expensive than SonicWall. Our customers compare devices for office compatibility, such as Sophos XG 4100 and SonicWall NSA 2300, and question license cost disparities.

I rate the pricing a six out of ten.

The product’s new variant allows for faster processing of data packets from LAN to WAN, surpassing the capabilities of an 8G firewall. It provides threat prevention features, including WAF, IPS, and AV. We have configured SSL VPN capabilities for different branches, which have been working efficiently. For our minimalistic usage, it has been performing well in transferring data from on-premise devices. It helps us generate detailed reports on the dashboard. The product’s integration with Sophos Central enhances security architecture by enabling centralized management under a single dashboard.

We recommend Sophos XG as a priority as it is much more reliable and has efficient technical assistance. It is much easier for configuration, web filtering, or web extension than one of its competitors.

I rate it a seven out of ten.

Sophos XG primarily serves as a means to regulate user traffic, enabling control over internet usage and website accessibility. It also facilitates the connection of branches and conducts malware scans on network traffic. These are the main purposes typically associated with servers. In terms of features, Sophos XG excels in catering to customers seeking a comprehensive network security solution. It incorporates various functionalities that would otherwise require the purchase of multiple solutions from other cybersecurity vendors. This unified threat management platform encompasses a firewall, IPS, web proxy, mail gateway, web application firewall, sandbox, and DLP module. From the customer's perspective, Sophos XG offers an all-in-one solution for network security needs. However, it is primarily designed for small and medium businesses rather than enterprises.

One of the standout features of Sophos XG is its proprietary VPN technology known as RID (Remote Internet Device). This unique technology provides efficient branch connectivity without the need to invest in additional firewalls for each branch. By utilizing an affordable device called RED, users can effectively control and establish connections in a cost-effective manner. Additionally, the solution is feature-rich.

Sophos XG boasts an extensive and finely-tuned proxy that offers impressive capabilities. Its comprehensive database of malicious websites is remarkably vast.

The support from the vendor needs to be improved.

I have been using Sophos XG for approximately six years.

I rate the stability of Sophos XG a six out of ten.

The scalability of the solution is limited to three nodes and may not be sufficient for extensive scaling. It is well-suited for small to medium-sized organizations. However, when it comes to large enterprises, particularly those with a distributed structure, Sophos can effectively cater to their needs. Distributed enterprises, characterized by numerous branches and a small employee count per branch, can benefit from Sophos XG capabilities. However, for larger enterprise customers with high network loads, Sophos XG may not meet the necessary requirements in terms of handling the network's capacity.

Most of our customers are small to medium-sized.

I rate the scalability of Sophos XG a five out of ten.

The support could improve. This is due to recent acquisitions. The time it takes to resolve an issue takes too long.

The response time from Sophos is deemed unacceptable by users. When opening a support case with any vendor, an automated email is typically received. However, in the case of Sophos, this automated email, lacking a personal touch, can take up to a week to arrive. Such delays are considered highly unsatisfactory. Consequently, the quality of their support has significantly deteriorated. As a result, users are reluctant to open support cases and would rather reinstall an appliance themselves than go through the support process.

I rate the support from Sophos XG a one out of ten.

Negative

The initial setup process of Sophos XG may pose some challenges. However, once configured, Sophos XG proves to be remarkably user-friendly. The activation of the appliance may require a reliable internet connection and can be a bit cumbersome. Nevertheless, once activated, the overall experience becomes significantly smoother.

The process of installation can take one to seven days. However, the time depends on many factors, such as customer size, and overall environment.

I rate the initial setup of Sophos XG a seven out of ten.

The price of the solution is reasonable when compared to the market.

You have to buy the appliance and pay for the license that matches your needs.

I rate the price of Sophos XG a seven out of ten. 

The solution had stability issues in the past but they have been resolved.

Before making a purchase, it is advisable to emphasize the importance of account managers and support from the vendor. In the past, the common practice was to involve the vendor's on-site personnel, such as the country manager in Saudi Arabia, when opening a support case. By opening the support case and sharing the support ID with the country manager, they could facilitate faster escalation and assistance behind the scenes. Essentially, contacting the sales representatives can help expedite the support process.

I rate Sophos XG a nine out of ten.

We primarily use the solution as a comprehensive security device.

The VPN capabilities are quite good.

The solution is very good at web and application filtering.

It's quite a comprehensive security solution.

The performance the solution offers is excellent. Compared to the older solution, and especially on the cloud, it can reach very good performance. It depends on the licenses, of course. 

The graphical user interface is excellent. 

The intrusion protection module is very useful.

You can easily connect the solution to cloud management.

The stability has been excellent.

Technical support could be improved. They aren't as responsive as they could be.

It would be ideal if we could have a more populated and detailed knowledge base. Generally, the new features must be tested before applying them to the production side. I would like to see more case studies, more application notes, and so on.

We would like to see an improvement in mail management. When passing from FG Series to XG Series, some mail features have been lost. We would like to regain them.

We've used the solution for many years - before it was even Sophos. Sophos, some years ago, was Astaro AG. Sophos acquired Astaro AG. We have at least ten years of experience with the solution.

We've found the stability to be very good. It doesn't crash or freeze. There are no glitches. The performance and reliability are excellent. 

Occasionally, we do have to do a debug, however, that's typical of all firewall solutions.

The scalability of the solution is very good overall. If a company needs to expand it, it can do so.

We have about 200 people using the solution.

The reaction times of technical support are slow. They should be more responsive. We're not completely satisfied with the way they handle it.

In the past, I've had some experience with SonicWall, Fortinet, and with a Linux solution. However, compared to other solutions, we prefer Sophos.

It's better to be certified to install in a good manner. You need to understand what you are doing. Sophos offers the chance to certify at different levels. There are commercial levels and technical levels.

The time it takes to deploy depends on the complexity of the setup and environment. It can take a few hours or a few days. It can even take a week if the architecture is very advanced.

Generally, you need to be an engineer to handle maintenance. We have three people at our office that can handle implementation and setup as well as maintenance.

You need a license to use the solution. We offer the license as a box license, or we can offer a license like an MSP, as a service provider. We often acquire the licenses and we give them to our customers as an MSP.

We are an authorized partner for Sophos.

We're using the latest version of the solution.

I'd recommend the solution, especially over, for example, Cisco. 

I'd rate the solution ten out often. It's really worked well for us.