Sophos XG Reviews

I'm using the solution mainly for its firewall application and to prevent intrusion in the system. The XG platform is very powerful from the perspective of identification and to prevent potential attacks on the system due to its the capacity to predict and to anticipate the potential damage on the system.

It's integrated inside the system, meaning that it can control all the endpoints in the system and talk with them and identify any potential situation. It can also isolate one area inside the system without compromising the entire system. This allows you to isolate the initial problem without involving the entire infrastructure. 

You have real-time control of all your infrastructure. It is integrated with the hardware and offers good performance alongside the hardware and by the firmware, and these work together to control the entire infrastructure.

The real-time control on offer is excellent.

We really appreciate that you can segment and quarantine certain sections of your system without having to shut down the entire operation.

The product has artificial intelligence that has the capability to quickly identify which could be the potential risk mainly for intrusions like ransomware or a new kind of typology of attacks that are in place right now. 

The idea is to mainly prevent the condition and not to manage the situation, as, if that happens, in many ways, it's already too late. It's to identify the condition that can help the company to prevent or mainly to reduce the risk of an intrusion. In that sense, its performance is excellent. 

The product is doing it job without affecting the system with a heavy load. The activity on offer is very light in terms of resources that are required by the system. It does not require a lot of resources in terms of memory, et cetera. There is no performance impact on the system. The customer doesn't detect its presence on the system when it's working, and yet they still get all of the great benefits of protection.

The solution has been quite stable. 

It's a product that is in continuous improvement and is following what the customer is asking. They are taking inputs and designing new releases specifically according to the client and their needs.

It's one of the best products on the market as it really understands where the market is moving and iterates based on the future. It's constantly improving. It does a great job at keeping confidentiality while guaranteeing security.

The solution doesn't just offer theoretical security, it really does offer very good, real-time security and delivers on its promise to the client.

There is no specific features request right now really. I see that all the features that Sophos is implementing and is proposing on the market follow exactly what the market is asking. It's difficult to identify something that is missing compared with what the market can ask as one of the most important things that Sophos does is have the capability to anticipate in a certain way what the market expects. As a leader on the market, they tend to have the solution just before the market is asking them for it. 

The solution could offer a bit more integration with other systems, with other platforms - just to be able to extend the capability and to interface with other kinds of platforms or systems that I can find on the market as it gives the possibility to improve the level of integration.

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable.

The solution is quite scalable. You have to consider that all Sophos products are scalable. This is one of the main characteristics of the system. It means that you can start with a base solution that is very simple and improve this step by step without losing what you have done in the past. It's scalable in the sense that you have a different layout that you can cover, however, you don't have to dismiss what you have done in the past. You have just to integrate. In this way, if you consider the cost of implementation for the company, it has the possibility to optimize the cost because the company has the possibility to appreciate the system initially, and then improve the system step by step without losing what has been done in the past.

This means the company has the possibility to distribute the cost if you're in a certain period of growth. Normally some companies start to say, "I want to guarantee to control to the outside with a certificate and give the possibility to access my data in a controlled way. After that, I want to extend the security on the email that is managed by the company. I want to encrypt the data on the server and so on." All these features can be approached in a step-by-step manner instead of all at once, and you can implement them on the system in different ways and at different times.

We normally have about 50 users and around five technicians.

I also currently use Cisco products alongside Sophos.

However, we did not previously use a solution that was different from Sophos.

The initial setup is not so complicated. The system is not complicated to understand and also in can be installed without a very high level of expertise. Of course, if you have this kind of expertise, you can obtain from the system the maximum performance that the system can do, however, it means that you are not obliged to be a guru to be able to use these kinds of products. You can use these kinds of products just as an IT manager inside the company without having or needing special knowledge. 

Otherwise, you can leave to Sophos with the capability of doing something like a close box. You are sure that Sophos is able to guarantee the level of security that you are expecting. You can have it be automatic, or you can choose to go more manual in its operations. For example, if you were a professional photographer, you'd probably like a manual experience, as it would allow you more leeway with your craft, and if you were an amateur, you 'ld likely prefer an automatic camera that handles the heavy lifting for you. Sophos, in that sense, is the same. If you want, you can configure single parameters, or you can leave it to Sophos to give you something out-of-the-box.

In any case, if you stay on the automatic configuration, you are guaranteed that the system can provide the correct level of service that you want. It means that it's not required to have an expert. That said, you need of course to have a minimum level of knowledge, as it's clear that you need to know what you are managing. Starting from that, you can obtain what you need without moving into an advanced configuration.

Typically, a configuration takes about half a day or so, if you go that route. It doesn't take long, as those who would handle it would know what they are doing.

We handled the implementation ourselves, in-house. We did not need the assistance of an implementor or consultant. I have enough knowledge on the solution to manage it myself.

I'm mainly a user. Sometimes I handle installations.

I'm using the latest version of the solution. I don't have the version number on-hand.

We do plan on continuing to use the solution. I've been quite please with it overall.

I would recommend the solution to others. It's worked quite well so far and really leads the market.

I would rate the solution at a ten out of ten.

I use Sophos XG as a content filtering, web filtering, and application filtering utility, as well as to integrate with the endpoint antivirus software. 

I have Sophos Endpoint Antivirus installed on the user machines as well, i.e. the Central Cloud Management version. That's our main use. 

Sophos XG has cybersecurity. It integrates with the antivirus software.

I have a serious problem because our offices are scattered around the world in very remote areas. We cannot deploy proper branch office guides, active directory sites, and software services. 

It is impossible to apply any sort of group policy on the user machines, which makes it very hard to control issues like USB ports, access to cameras, or access to any preferences on the user machines. 

With the integration between Sophos UTM and the installed endpoint antivirus, you can now manage all those features from your cloud subscription. You can allow and block whatever you want from the cloud. 

You can allow whatever USB ports you want for specific devices with specific IDs, serial numbers or modems. The machine gets updated online or updated from the antivirus settings, i.e. the UTM unit itself.

The UTM unit itself has a cache update on it. Once the clients behind the UTM get updated, they get access or they get denied access to the hardware resources they are applying for. This is a major benefit for us.

The application filters available with Sophos XG are brilliant. The sandboxing and the way the firewall or the UTM integrates with the installed endpoint antivirus clients on the user machines is brilliant. You get the chance to isolate network threats before they become active or become distributed on your network. 

With the cloud version of Sophos XG, you get the proper visibility of your network and the user machines. With the cloud versions of the antivirus, i.e. the cloud central management of the antivirus, you get high visibility.

With the application between the installed Sophos UTM, you get a high level of visibility of what's happening on your network or on your client machines. You get protected against threats. You get proper visibility. That solves a major issue.

There was a big issue with the Cyberoam and with the SG units as well, i.e. the previous Sophos UTM model. With Sophos XG, you get the chance to block what sites operate on SSL or that operate with HTTPS, without the need of extracting and distributing a certificate. 

On older Cyberoam and Sophos SG old versions, if you wanted to block something like YouTube or Facebook or any other websites that operate with HTTPS, you had to extract the certificate. Then you had to export that certificate. Then you had to re-import that certificate in all the user browsers. 

The only problem was if you needed to use an active directory where those certificates would be automatically thrown into the user browsers once they logged in to the domain. 

For a scenario like mine where you don't have a group policy, it is a disaster and ends up with you setting the rules to block certain websites with HTTPS on the firewall, even while they are not being blocked so that the user will still have access to them. This problem is now 100% sorted out with Sophos XG.

Now you can actually block whatever you want, whether it's using HTTPS or HTTP keys from the firewall without the need for extracting certificates. That's a major improvement. That problem with the HTTPS settings was a huge issue. 

I know other people must be enjoying that it's sorted out now. It was a serious and major issue for Sophos. The only issue that Sophos XG now needs to improve is the product's reporting capabilities.

Sophos XG is stable enough for our requirements.

We have about 450 Sophos XG users currently using this edition and 300 for the antivirus platform installed on the machines, plus in-service, around 310. We also have around 15 additional units deployed around the world.

I'll give Sophos XG technical support an eight out of ten for their service.

I used Cyberoam previously, although I always used it as a UTM only. What made me move to Sophos is that they were acquired, i.e. they acquired Cyberoam to start with the development. At that time the software had many features that were not available with FortiGate, in terms of content filtering, and it was an appliance when Websense was the software to be installed on a server. 

There was a problem with our operating system with some of the updates, i.e. with the operating system or the hardware. I moved from Websense to Cyberoam because it wasn't applying properly.

The initial setup is definitely something different than the old Cyberoam and it's a bit complex. If you've been dealing with UTMs and you understand the concept, it is still complex but then I find it enjoyable.

Sophos XG is not hard to configure. Too much detail is always good. 

I required three or four hours for the initial setup. One day for the testing, fine-tuning, optimizing, and categorizing. Three days for the first unit with the initial setup and the customization including testing. Finally, three days for testing all the rules, the QA, and then putting everything live. 

I used to work for an integrator myself years ago, as well as my team. We are all trained. We are all professional in what we are doing. No external help was used.

Our ROI is 100%. I've got the ransomware attacks being blocked. I've got the users' consumed bandwidth by using proxy bypasses and all sorts of applications being blocked now. 

It's saving on the companies and the employees working hours and time. It's saving on minimizing virus infections and applications that the users like to use on their machines in order to bypass blocking USB ports or cameras. 

It is saving the company money by saving bandwidth and saving employees time by not allowing them to access time-wasting websites.

We have the annual license for Sophos XG. It all depends on what you would like to have in the package that you are purchasing.

I evaluated FortiGate but wasn't happy with it. I evaluated another group called WatchGuard. WatchGuard has good features in it, but it's for a smaller business scale than the Sophos clients.

I evaluated Cisco ASA or PIX but now, I use Sophos XG as the firewall. I have confidence in their unit. Before Cyberoam and Sophos, I used FortiGate and Websense for our UTM requirements.

I recommend that everyone should have a proper understanding of new network requirements and then enjoy it. Sophos XG is definitely a good product.

On a scale of 1 to 10, I would give Sophos XG an eight.

The tool's most valuable feature is threat protection and DLP features. So far, basic DLP features like content protection and blocking. Furthermore, for remote users, features such as back filtering and application control are available, allowing for command and control from our side. It is very easy to understand policy applications. 

It has multi-console features, where you can designate administrators or super admins. There's also a read-only feature available. Visibility features are included in XDR. This provides information on user impact, potential threats on specific machines, source and destination IPs, setup firewall details, and unique identifiers for each machine. Another notable feature is network isolation, ensuring that data remains secure by isolating affected machines from others.

Sophos XG offers visibility into network information, sources, destinations, and threats. Depending on the policies applied, users may monitor specific issues without blocking them. However, policies that block threats should be applied.

One feature I would like to add is remote wipeout capability. This would be useful in cases where a user leaves the organization and fails to return their laptop. Remote wipeout would allow for the deletion of data from the device with a single command. Regarding technical support from Sophos XG, it's generally satisfactory. However, the response time could be improved. It takes around one hour to receive assistance, but reducing this to 30-45 minutes would benefit us.

The tool has only a base DLP feature. It needs to have a full DLP feature with additional licensing. 

I have been working with the product for ten years. 

I rate the tool's stability an eight point five out of ten. 

I rate the solution's scalability a seven point five out of ten. 

The tool's installment is easy. 

The tool's pricing is cheaper compared to other alternative products. 

Sophos XG has a lab center where they analyze signatures and automatically update them on the product. This eliminates the need for manual updates on individual machines or centers. Additionally, it has features like MDR and management response features. So, Sophos XG seems to have a roadmap in place.

I would recommend the product based on the situation. Cortex, a next-generation antivirus for larger enterprises, would likely provide sufficient coverage. It's also known for its scalability and visibility features, including root cause analysis and terminology features.

I rate the overall solution an eight out of ten. 

I mainly use Sophos XG for network firewall protection and VPN access. It helps secure our internet connection and allows us to manage our network traffic efficiently. Additionally, we use it for monitoring our local network.

Sophos XG has significantly improved our remote workforce security. It effectively safeguards our information systems and data, while also enabling us to restrict access to unauthorized websites. This has been particularly valuable for ensuring productivity and security across all our branches nationwide.

The most valuable features of Sophos XG for our use cases are its firewall capabilities, its ability to connect to wide area and local networks, and its VPN functionality. It effectively protects our information systems while simplifying VPN setup across branches, eliminating the need for additional VPN services from our internet service provider.

One area where Sophos XG could improve is in its patch management system. I encountered an issue where installing a new patch resulted in being locked out of the firewall, which was quite inconvenient. This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access. Such incidents shouldn't require a complete reconfiguration, so there is definitely room for improvement in this aspect.

One piece of advice I would offer is for Sophos XG to consistently incorporate the latest technologies to stay competitive with other vendors. Ensuring that new features are regularly updated and integrated into future products will enhance the platform's effectiveness and appeal to users.

I have been working with Sophos XG for seven years.

I would rate the stability of the solution as a ten out of ten.

I would rate the scalability of the solution as an eight out of ten. It is highly scalable and capable of covering a growing number of end users. Whether managing a small or large user base, its scalability makes it adaptable to varying network sizes and user demands. In my organization, we have approximately two thousand users across various branches using Sophos XG daily.

I would rate the initial setup of Sophos XG as a solid ten out of ten in terms of ease. With a clear understanding of the process and step-by-step guidance, setting it up was straightforward and hassle-free.

It took me around 30 minutes to deploy Sophos XG. The deployment process involved configuring the LAN, WAN, and VPN settings at each branch. Once connected to the switch and router, it was ready to use, making it a straightforward and quick setup process. 

Maintaining Sophos XG typically requires only one or two people, depending on the size and complexity of the network deployment.

The most effective feature of Sophos XG for threat prevention is its regular patch management system. By consistently updating software and firmware with new patches, it helps prevent attacks by addressing vulnerabilities and staying ahead of emerging threats.

The web filtering capability of Sophos XG has benefited our organization by effectively blocking users from accessing specific websites during office hours and even restricting access to certain sites altogether. This feature has been instrumental in enforcing our web usage policies and ensuring a secure browsing environment.

The performance of Sophos XG's firewall has met our expectations perfectly.

We have integrated Sophos XG with other security equipment such as routers and switches. While we primarily use it as a standalone product, in some branches, we have connected it with other security solutions for enhanced protection.

I would recommend implementing Sophos XG for its effectiveness as a firewall. Before installing it, consider factors like your current network equipment, intended use, user compliance with security controls, and whether your technical staff may need training if they're unfamiliar with Sophos firewall.

Overall, I would rate Sophos XG as a ten out of ten.

Sophos XG has greatly strengthened our network security and threat management. Its integrated EDR capabilities and seamless integration with firewalls, along with additional services like their NOC services, provide a comprehensive solution. With all these features working together, it is a complete package that ensures robust security for our clients.

One feature of Sophos XG that I found incredibly beneficial for threat prevention is its endpoint protection. It monitors all activities on our devices and effectively blocks any harmful files from infecting our machines. It has been a game-changer in preventing troubles for our customers.

While Sophos XG is a great product overall, there could be some room for improvement in its pricing since my clients usually feel like the product is on the expensive side.

I have been working with Sophos XG for five years.

Overall, the solution is stable, and we rarely encounter glitches. Any issues that arise are usually related to Microsoft updates rather than the Sophos software itself.

I would rate the scalability of the solution as an eight out of ten. The clients I work with who use Sophos are typically small enterprises.

I have worked with other firewalls like Cisco and Fortinet over my 20 years of experience. Comparing Sophos to other solutions, I have seen significant improvements over the years. While it may not have been the easiest or best software three years ago, it is continually getting better with updates. Overall, Sophos is moving in the right direction, becoming more competitive with its counterparts.

Installing Sophos XG is straightforward and typically takes around one hour for configuration, excluding the physical setup. Usually, only one person is needed to complete the installation and configuration process. It is quite easy to maintain it.

There was a time when our network faced a sophisticated malware attack that bypassed traditional security measures. However, with Sophos XG in place, it quickly detected and mitigated the threat before it could cause any damage. The seamless integration of software and hardware ensured there were no vulnerabilities or gaps in our defense.

The interface of Sophos XG is user-friendly and suitable for new users. It is continually improving, with updates addressing any issues promptly. 

Deploying Sophos XG has led to noticeable improvements in network performance. 

Overall, I would rate Sophos XG as an eight out of ten.

We are developing a software. We use the solution to protect our environment. Our main concern is to block users’ uploading.

Sophos XG is a fantastic solution. We achieved our security target after installing the solution. Our main concern was to block uploading. We were able to achieve that using the custom rules.

The product has all the latest features. It has malware protection, ransomware protection, and zero-day protection. It helps block everything.

The vendor doesn’t publish the price on the website. We must contact the agents to know the price. It is a lengthy process. It would be easier if the price details were provided on the website.

I have been using the solution for the last three years.

The tool’s stability is good. I rate the tool’s stability a ten out of ten.

We have 10 to 15 users in our organization. The tool’s scalability is high. I rate the scalability a ten out of ten.

The technical support is great.

Positive

The initial setup was difficult. We must learn everything before implementation. In the beginning, everything seems difficult. For someone who has worked on other firewalls before, Sophos XG is not that complicated to implement.

I prefer the on-cloud versions because we have control systems on the cloud. It will be much easier to handle things. If we have it on-premises, we must maintain and look after the equipment. The cloud version is much more secure and easier to maintain.

The pricing is very high. The product could be a little cheaper. It will help Sophos to compete with other brands in the market. I rate the pricing a ten out of ten.

We also use Sophos Intercept X. It is a fantastic tool. It protects PCs from malware attacks. Overall, I rate the solution a ten out of ten.

The most valuable features of Sophos XG are the ease of management and good out-of-the-box reporting.

Sophos XG requires a bit more restarting than Cisco. The main difficulty is to keep up with the current threats. The solution should have the ability to be up to date with the most recent threats.

I have been using Sophos XG for five years.

I rate the solution an eight out of ten for stability.

Sophos XG is not a scalable solution. Depending on what you want to do, you choose the right model. You cannot buy one model and upgrade it to provide higher capacity. This is true for all firewalls, where you price it up according to current plus a percentage for future capacity. Most of our clients for Sophos XG are small to medium-sized companies.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution’s initial setup a nine out of ten.

In most small to medium-sized companies, the solution's deployment takes about a day. However, planning and setting up the architecture might take longer than that. Especially in live environments, you do everything in advance and don't leave a lot to chance.

Sophos XG is a reasonably priced solution.

The solution has the ability to customize user-defined entries for more control over what you can actually set. With Sophos XG, you can use your own definitions or point to another service that uses slightly customized definitions.

Users have a tendency to go for the cloud version of Sophos XG. Over the past year, prices have unfortunately gone up with anything related to the cloud, and it's probably increasing overhead costs. The problem with the cloud is that it can be costly if you don't properly control it. You also risk ending up with nothing if you can no longer afford to pay the monthly cost.

I would recommend Sophos XG to clients who want it or specifically request it. I don't have anything against using the solution.

Overall, I rate the solution a nine out of ten.

We use Sophos XG with medical institutions and corporate banks that we work with. There are approximately 20 employees working with this product in our company.

Being centralized, Sophos provides us threat protection there. Even with standalone, we are able to provide the Sophos firewall. Having an internal dashboard and a single dashboard with some endpoints is also valuable. By using Sophos endpoint and the firewall, synchronized security is easy.

I would like to see improvement with service and support. LAN inbound and outbound traffic requires more control and an additional stop. 

We have been using Sophos XG for almost 10 years. We are partners with Sophos.

Stability and performance is good.

The solution is easy to scale.

There is no maintenance required with Sophos XG because it is a cloud product.

Previously I was using Cyberoam and Fortinet. We switched because there was a lot of hardware, and the performance was not satisfactory. We were experiencing space concerns with the hardware, the dual processor, and even the single processor. This also meant that synchronized security was not there as well.

The initial set up of the solution was simple. It took about 20 minutes.

We implemented the software on our own.

The price is cheaper compared to others.

I would recommend Sophos XG because it is easy to deploy at customer locations and it is priced well. I would rate this product a 10 out of 10.