Sophos XG Reviews

We use Sophos XG firewall primarily for threat management, including firewall and endpoint equipment protection. We are in the process of upgrading to Sophos XG 33 firewall.

Sophos has greatly improved our network's security posture. In terms of network security and user activity reporting, it has helped us to manage and analyze the activities of the users. From the reporting, we can now see areas where we need improvements, such as blocking certain sites from users.

The most valuable features are its protection capabilities like threat prevention, malware security, web protection, and web security. The security features are very good.

There should be a workaround in case of equipment breakdown, like a stopgap measure while the equipment is being returned or replaced. An improvement in the product's pricing would also be beneficial so that more people can afford it.

We have been using Sophos XG since 2018.

Sophos' technical support is very prompt and efficient. For instance, when our equipment failed to reboot, their team was quick to diagnose and resolve the problem by exchanging the equipment within two weeks.

Positive

We used another firewall before Sophos.

Having a Unified Threat Management system like Sophos XG has helped us spend less on network security, thus providing a good return on investment by managing our income effectively.

The price is reasonable, but if reduced, it could become accessible to more people. Currently, it costs about four million shillings in Kenya.

Before using Sophos, we used another firewall.

Regular prompts from Sophos to the users for instant reporting of any challenges would be very beneficial. Including more YouTube videos, webinars, and other educational content would also help users understand and utilize the product more effectively.

I'd rate the solution nine out of ten.

We primarily use the solution for gateway purposes, in order to provide us with gateway security.

The product is good in terms of routing multiple ISP Internet and also it's good in internet traffic control.

The updates are helpful and add to the solution in a positive way.

The initial setup is simple.

The solution is stable.

For the most part, you can easily scale the solution.

I'm not seeing any such things that require any improvement. It's good. From time to time, some updates will come through. It's meeting our requirements right now.

The pricing has gotten much higher. 

We've been using the solution for three years. It's been a while now. 

The stability and performance are excellent. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable. 

We have 50 users spread across three devices. 

The solution, in terms of scalability, has its limitations, of course. Scalability in the sense of if I want to add more ISPs all depends upon my port availability. Transitions and migrations are fine and doable. I don't find any challenges there.  

Technical support from Sophos has been brilliant. We deal with them on any L3 issues and they are always helpful. 

The initial setup is very straightforward and simple. it's not overly complex or difficult. 

The deployment was quick and took maybe one day.

In terms of maintenance requirements, We have an L1 technical person who will take care of all the routine maintenance of the firewall, and we also have L2 support with the vendor. We have an L3 support from the Sophos team itself. 

We did the implementation with the assistance of a vendor. We did not completely handle it ourselves. 

While, at first, the pricing was very good, it's since crept up. Now, upon renewal, it's pretty high. They've increased the costs. 

Currently, we have three devices that are similar. Only the capacity varies.

I'm a customer and an end-user. I don't have a business relationship with Sophos. 

I'd recommend the solution to other users and organizations. I'd rate it at a ten out of ten. it's the best. 

I am using it for unified management.

I like the firewall, inbound, and outbound modules the most. The VPN feature also works well. It is very easy to configure rules in Sophos XG.

We have got local service here in Zimbabwe from Sophos, which is something that I like a lot. We have got good local support, and they come on-site when we have any challenges.

Sophos provides a lot of good training all around Zimbabwe. They are quite dominant here, similar to other solutions like Fortinet or WatchGuard.

When you are using it as a controller for the wireless access points, it doesn't perform well.

It is not suitable for the public cloud. It is more suitable for enterprise data. It is not really the equipment for cloud data centers. I am looking for a data center firewall.

I have been using Sophos XG for more than five years. I started with Cyberoam, which was bought by Sophos.

It is stable. I have managed to secure my network. It has been good so far.

It is not so scalable. If you want to upgrade, you have to buy another appliance. I don't see so much scalability. You can only change a port from 1 gigabit to 10 gigabits. There are other solutions like Fortinet that are more scalable.

Their support is good. We get local support from them.

The initial setup is straightforward. The deployment took two days.

The pricing is flexible. Sophos looks at a country's economy and offers flexible pricing. This is how they have managed to penetrate the market.

I would definitely recommend it. It has good support and training.

I would rate Sophos XG a seven out of ten.

I use the solution as my endpoint firewall and at the same time, I use it for load balancing and spillover.

What I like the most is the reporting. 

The integration with the Sophos firewall is brilliant. I don't need to be physically present in the office. I can monitor everything from Sophos Central. That is a great feature and it's one thing that I really appreciate about the solution.

I like the fact that it can self remove malware and do updates on the cloud via Sophos Central.

The interface is good.

Although I enjoy the reporting elements of the solution, it can still be improved. I still can't drill down. There is some information that I would really, really like to see, but I still can't access it.

On reports, they sometimes give a summary, but it lists different users as unknown. There are times that I really want to know which user or which IP is causing a problem. 

There is something that have observed and I don't know what exactly the problem is. Right now, from my ISP I'm supposed to have unlimited bandwidth, but I observed behind the firewall my bandwidth seems low. I'm not exhausting what I have from my ISP. I've checked the TOS and there's no limit. When I spoke with one of the resellers they said that they too had experienced it before and that probably I should restart the device.

That they observed that the clients that restarted had their internet service improve. I don't think that is a good solution. I don't want to have to restart my device to have the internet service improved.

I've checked the setup. I even checked with the reseller, who told me everything is okay. I've gone for XG training. Even after the XG training, I've gone back to look at my setup. I can't see anywhere the bandwidth is being shared. I'm not sure if it's the device itself, but I've checked everything.

The scalability is okay. We have about 200-250 users.

Technical support can be improved upon. There are times that I've had some issues that I've tried escalating in technical support and it takes a while before we really get it resolved. 

Once I was getting a particular malware from an unknown source on one of my servers which was behind the firewall. I asked their support why. Later they advised that I should install Intercept X for servers on that particular device. I was confused about how it was behind a firewall; the firewall should be able to detect which system is getting infected. The system doesn't really go to the internet and nobody browses on it. The only thing I could imagine that could cause it was a Windows update. If it was from an update they least it should have been able to say, "Okay, it was from this particular update that this malware was filtered in."

Out of ten, I would give their service a five.

The solution we were using previously was Cyberoam.

The Cyberoam device was about five years old and had started malfunctioning. It wasn't giving us the output it had previously provided. At that time, Sophos had already bought Cyberoam. We had the option to either upgrade the OS to a Sophos OS or to a Sophos device.

We decided to go for a Sophos device since the Cyberoam device was already problematic.

The initial setup is straightforward.

I used a reseller to assist with implementation.

We pay on a yearly basis. 

We have Sophos XG, but we also have Intercept X for our endpoint and recently we just deployed Intercept X for the servers. I've not done a calculation of the costs of all three to know what my yearly maintenance costs would be.

Once you have basic networking skills and firewall management it's easy to set up. With Sophos Central, I think it's a good solution for any IT department.

I would rate the solution eight out of ten.

As it is now, the solution is good, but I believe that there's still room for more improvement. I still believe the reporting could be improved. Sophos, from my experience, seems to affect my bandwidth. I didn't set any limit, so I don't know where that is coming from, but it's something that we've noticed with the XG.

I use the solution in my internal network for my home office, for which I have applied a router in my home. I have deployed a couple of switches in my home network, but I need to secure my network from attacks.

Adaptive security is the most usable and most efficient feature in Sophos XG. The performance and scalability of the tool are advantageous areas.

With the firewall part in Sophos XG, it is not very flexible if you want to block access to a particular site during your internal usage. The tool is not able to block access to a particular website instantly or easily since it takes a considerable amount of time to configure a few things. If you specify that a user should not be able to go to www.google.com, it should be denied for sure.

The support engineers of the product are not very tech-savvy, making it an area where improvements are required.

I have been using Sophos XG for four years. I am a customer of the product.

At times, there are some issues that I have faced with the stability of the product. Not many firmware updates pushed into the tool are bug-free, and because of this, I face issues.

I rate the tool's stability a seven out of ten.

It is a scalable solution.

Based on my experience with the product's support team, I feel that Sophos provides good technical support to its users.

I rate the technical support a six out of ten.

Neutral

The product's initial setup phase was easy, especially compared to Cisco.

The solution is deployed on the cloud. I have also worked with the on-premises model.

The solution can be deployed in only a couple of hours.

The product has improved the security posture. Sophos XG provides features that are almost the same as those Cisco Firepower devices provide. I would say that a couple of features in Sophos XG are the same as the ones provided by other Cisco devices, which are top-notch.

The management tools or log-related solutions that are presented with Sophos are okay but not top-notch when it comes to Cisco. I rate the reporting and visibility tools in Sophos XG a six out of ten compared to Cisco.

Sophos xG's integration capabilities do not apply to a limited number of security tools. Cisco provides integration capabilities with many products, while Sophos XG offers integration with a limited number of products. Cisco provides integration capability with almost any tool that is present in the world. Cisco works day and night to ensure that it provides good integration capabilities with the solutions.

I recommend the tool to those who plan to use it, especially if you own a very small office where you don't need a product with too many functionalities.

I rate the tool a seven out of ten.

We use Sophos XG for ensuring security, implementing web filtering, enforcing policies, and blocking traffic as needed.

I appreciate its interface, but I find that the available ports are insufficient. I've encountered limitations, often finding that three to four ports are not adequate for our needs.

It stands out with its side-to-side VPN and SSL VPN capabilities.

The most significant aspect is the protection it offers.

I encountered an issue while implementing web filtering for users. Specifically, when attempting to access reports detailing which sites users are visiting, the diagnostic report fails to display the complete URLs of the websites visited. This becomes particularly problematic when users utilize proxy software to bypass the firewall, as it renders tracking their website visits nearly impossible. Training presents a major challenge as there are numerous features available, such as IPS and IDS, which many network administrators are unfamiliar with and tend to leave disabled. Users are unable to enable these features themselves due to their lack of understanding of their functionalities and configuration processes. The training manual provided to users lacks proper guidance on configuration procedures. The content outlined in the user manual differs significantly from the live configuration process.

I have been working with it for approximately six years.

There are several glitches in the new firewall. One particular issue arises when applying filtering settings. The firewall fails to unblock sites without requiring a restart to save and execute the changes properly.

We have a multitude of distinct sites, amounting to a total of six to seven thousand users in total.

Our experience with Fortinet was better compared to Sophos. Also, configuring Fortinet is much easier than configuring Sophos.

Installation is not straightforward; it's a bit complex. For instance, when setting up two ISP connections and terminating them on two firewalls, the process involves configuring LAN and WAN interfaces separately, along with DNS and routing configurations in different tabs. Many users may find these functions unfamiliar. It would be more convenient if all functions related to traffic routing were consolidated into a single tab for easier management. Maintenance is also challenging.

The price of Sophos in PTR is significantly higher compared to Fortinet.

Overall, I would rate it three out of ten.

The solution has a variety of very good, very useful features. We take advantage of a lot of them.

The initial setup isn't overly difficult.

The stability is good.

We found the initial setup to be straightforward.

Technical support is helpful.

The pricing is reasonable.

The VPN device could be improved upon.

The firewalls could be strengthened.

The solution could be more scalable.

I've been working with the solution for four or five years or so at this point. It's been a while. 

The solution is very stable. We haven't dealt with bugs or glitches and it doesn't crash or freeze. It's pretty reliable.

I wouldn't describe the solution as overly scalable. It's limited.

We have 100 to 150 users on the product currently.

Technical support has been oaky. When we have needed them, they have been helpful and responsive. We're satisfied with the level of support we receive.

The initial setup was okay. It wasn't too complicated or difficult. It was pretty straightforward overall.

We have ten to 20 people on staff that can handle deployment and maintenance. We look at the solution monthly to see if there's anything we have to do.

We find the pricing to be reasonable. It's not too expensive.

We purchase a new license every three years.

I can't speak to the exact pricing of the product, however.

We're satisfied with this solution currently. We aren't evaluating any others or looking for a replacement. 

We're a customer and an end-user. We don't have a business relationship with Sophos.

I'd rate the solution at a nine out of ten.

I prefer the advanced Sophos models. they are reliable and work well for us.

Most of our clients are primarily using the solution for the network protection it offers them.

The most valuable aspects of the solution are the web-filtering and the application control.

The solution is stable.

We've had good experiences with technical support.

The product is scalable.

The solution could be improved if it offered more documentation or at least provided more information about the products themselves. If there was a virtual assistant of some kind that would help clients familiarize themselves with everything, that would be very helpful.

It would be helpful to get some insights into new features so that we are able to relay information to clients effectively.

I've been using the solution technically since 2019, however, I haven't really been able to focus on it too much. Right now, I am refreshing my knowledge on Sophos XG.

The solution is very stable. There aren't bugs or glitches. It doesn't crash or freeze. It's very reliable overall.

We have clients from various sized companies, and the solution works well with all of them.

There seems to be pretty good scalability potential, at least up to a point.

We've been in touch with technical support and found them to be very accommodating. We are very satisfied with eh level of support they provide to us.

While I may have other colleagues on different solutions, my main focus is Sophos at the moment.

When we're talking about the initial setup for the Sophos XG it can either be simple or complex. It will depend mostly on the infrastructure of the client.

Deployment times also vary, according to the complexity.

Typically, the client handles the maintenance process themselves.

We handle the implementation process for our clients.

We have a platinum partnership with Sophos at this time.

I'm more on the technical side. I don't really have any insights into licensing and pricing as it's not an aspect of the solution I directly deal with on a regular basis.

I'd advise those considering any solution to really take the time to study the product and understand different aspects of it. Every solution is different, and therefore it's important to be able to navigate them. Doing some extra research at the outset will ensure you don't purchase the wrong firewall, which can be a waste of time and money.

I would rate the solution at a nine out of ten. We're quite happy with the product so far.

We're using the latest version of the solution at this time.

We're integrators and resellers.