Sophos XG Reviews

We're using Sophos XG within one business unit for security. We use it for the firewall and mapping some services.

Sophos XG's price is right, and it's easy to manage. It's a good fit for our current needs at the moment. 

Sophos XG's user interface has some room for improvement. 

We started using Sophos XG in June of this year, so it has only been a few months. 

I think Sophos XG is stable.

Sophos XG is scalable. We have about 600 users here in Mexico, and everyone is behind this solution. I think it's possible we might increase usage, and we've discussed this with our corporate office in Germany. We could decide to go with another product, but we might expand Sophos if it performs well.

Support is one area where I have some issues. Sophos support isn't that good. 

In some companies where I've worked, I used Fortinet and ASA with FirePOWER from Cisco. In some places, I used Meraki with the MX and the Advance Security licensing. I have some issues with other technologies. Last year, they had Sophos UTM on the devices, but there was an opportunity was to switch our clients to Sophos XG and try out the solution.

Setting up Sophos XG is too easy. It took about two hours. The only part of the solution that I deployed was the firewalls. It's something I do all the time in my business unit, so it was quick. We have two people responsible for deployment and maintenance, including me. 

I had some support from a partner.

A Sophos XG license costs approximately $45,000 

I rate Sophos XG nine out of 10. Our experience so far has been good, but maybe we'll come across another solution that's at the same or a higher level.

I primarily use the solution for managing my firewall. I'm managing my internet and my laptops in my company. I'm a personal domain controller. I'm tasked with blocking some websites with it and I'm managing my updates through it. I'm basically controlling the flow of the internet through it.

I block a lot of sites. I'm controlling the flow of the internet directed to Office 365 so that people can use it easily and fluently. They can upload and send emails easily without hassle and without accessing the internet. I'm also controlling Teams, Zoom, and other stuff for chatting online. Without this solution, I would have no control.

Content blocking for websites is the most valuable aspect of the solution. A lot of employees always want to use Facebook and other non-work-related sites. I'm always blocking that.

The initial setup is easy.

The stability is good.

Scaling is not an issue. 

The reporting needs to be much better. Sometimes I have a lot of trouble understanding what they mean.

Sometimes it misses websites. For example, websites the users shouldn't be able to enter, or sometimes these websites are not shown in this log viewer. It's just occasional misses here and there. 

Technical support could be more responsive and quicker in getting to a solution. 

I've been using the solution for at least three years now.

I have found the stability to be very good. There have been no hiccups, no restarts, nothing like that. It doesn't hang and there are barely any bugs. 

It's my understanding that they have a solution called RED, and I can upgrade it with another one to make a VPN between them. I haven't tried it yet. I'm looking at it as I have another office. I want to research scaling and have the offices together. From what I have seen, it will be easy.

Right now, we have about 50 users and 10 VPNs. That includes everyone from financial and procurement managers to the CEO, chairman, and HR department, and other operations staff.

We don't have any plans to increase users right now as we haven't increased in population, in employees number. That said, I use it a lot every day. I have to manage my firewalls through it.

In my experience, technical support takes a while to get things done. In the past, I stuck with them for a while. It took about three weeks to serve us up a solution. I don't remember what the problem was as it was a long time ago. It might have been something about the subscription or something like that. What I do remember is it took a very long time. 

I had a previous firewall, and I just swapped it out. I didn't have to change anything about my network. We previously used a firewall called MikroTik.

With MikroTik, its GUI was very bad. It's very old. Everything was manual. There were no tutorials and it was open-source. You had to search for yourself and do everything yourself. There was no support even from the company.

It was really easy for me, to be honest. The initial setup is very straightforward and simple. It's not overly complex. I had a firewall before that, so I knew what to expect. The implementation was done by a company that I bought this from. They installed it for me. It took about an hour and a half, or something like that. 

I can't recall how many staff covered deployment. The deployment happened three years ago now. 

I didn't need the assistance of an integrator or reseller. 

The solution has saved me a lot of time and enhanced my workflow for my company. It enhanced employees' work time and enhanced the internet connectivity for emails. On top of that, there was no downtime with the internet. That was the basic ROI we've seen.

The subscription for this product is yearly. The last time I bought it two years ago it was about $2,000. There's just a subscription fee. There aren't any other costs. 

I also looked at Fortinet, however, from my research, I was told that Sophos had better reporting. With Fortinet, you have to buy a server to handle reporting. With Sophos, this is unnecessary. 

I'm a customer and an end-user.

I'd rate the solution at an eight out of ten. 

We use Sophos XG with medical institutions and corporate banks that we work with. There are approximately 20 employees working with this product in our company.

Being centralized, Sophos provides us threat protection there. Even with standalone, we are able to provide the Sophos firewall. Having an internal dashboard and a single dashboard with some endpoints is also valuable. By using Sophos endpoint and the firewall, synchronized security is easy.

I would like to see improvement with service and support. LAN inbound and outbound traffic requires more control and an additional stop. 

We have been using Sophos XG for almost 10 years. We are partners with Sophos.

Stability and performance is good.

The solution is easy to scale.

There is no maintenance required with Sophos XG because it is a cloud product.

Previously I was using Cyberoam and Fortinet. We switched because there was a lot of hardware, and the performance was not satisfactory. We were experiencing space concerns with the hardware, the dual processor, and even the single processor. This also meant that synchronized security was not there as well.

The initial set up of the solution was simple. It took about 20 minutes.

We implemented the software on our own.

The price is cheaper compared to others.

I would recommend Sophos XG because it is easy to deploy at customer locations and it is priced well. I would rate this product a 10 out of 10.

We primarily use the solution as our firewall.

I'm able to have very granular control over my organization's input and output data that goes in and out of our networks.

The firewall portion of the solution is the best part The rest is really just fluff. 

The initial setup is straightforward.

We have found the stability to be quite good.

User management is the area that, by far, needs the most work. The way that they try to transparently utilize user groups from the active directory to the Sophos firewall is outdated.

I'd like to see them do a little bit better of a job with the content filtering. It has content filtering, however, it rarely works. Sometimes it just fails altogether. I'd like to see a better job done. 

I'd like to see better reporting. While the logs are great, the reports are not.

I've been using the solution for six years at this point. 

The stability is great. There are no bugs or glitches and it doesn't crash or freeze. It's a reliable firewall. 

The product is super scalable. If I had a giant organization, I'd have no problem putting the Sophos firewall in.

Right now, we have 155 on the solution. That's everyone from support to upper-level management. 

We use it every day.

We just recently upgraded. I have no reason or need to upgrade for years to come and therefore don't plan on scaling anytime soon.

Technical support is fairly good. It's a pain to get ahold of them, however, once you get them, they're very thorough.

The only thing that s not so great is that sometimes they try to force me down to my reseller, whoever their partner is. I always have to make up a lie and say I already tried and only then will they help me. Besides that, it's not bad.

I previously used Cyberoam. We really switched as Cyberoam was bought out by Sophos.

The implementation process was pretty straightforward. Learning the ins and outs was a little complex. How, in terms of just getting it set up, I was able to get it set up in a couple of days.

Overall, the deployment took about three days. My strategy was, basically, going from my old Cyberoam to my new Sophos. I just copied each rule individually and tested them. Then I ran them in sync with each other for a couple of weeks. When I realized there were no problems, I pulled the Cyberoam out.

We have three people on staff that can handle deployment and maintenance responsibilities. I've got a system admin, myself, and a help desk/content specialist.

I did not use an integrator, reseller, or consultant for deployment. I handled the process myself. 

From an ROI standpoint, the product I had before, even though they were basically the same thing, I found I was spending a lot of man-hours with it and calling support a lot and actually having to pay for support on the previous model. 

With this firewall, I rarely have to call support. When I do, it's free of charge. The ROI is 100% there. It might be a little more expensive up front, however, the quality is there for a medium-sized business.

The licensing is based on a multi-year contract. It's a bit higher, in terms of price than other options. The billing process is pretty simple and straightforward. they don't have a complex licensing setup. 

I evaluated all the big players out there before choosing Sophos. I likely evaluated seven different options.

I'm a customer and an end-user.

I'd advise those considering this product to stick with it and stay away from the fluff. For example, the Sophos Anti-Virus is not worth it. 

The firewall is fantastic. Definitely take their firewall courses, as there are going to be a lot of tasks that you feel should be easy and they're not. There's going to be a lot of troubleshooting. I've been working on it for five years and I still catch myself sometimes trying to figure out why a certain rule doesn't work doing this or that. Definitely take the training. I would highly recommend staying away from the other products.

I'd give the product an eight out of ten for a score. It does everything I need it to do. The user interface is very modern. It works. I was able to figure out some very advanced things. Even though it has a modern interface, I like the fact that I can always go into the console and it's a Linux box behind the scene - which is very nice for when you're trying to do very advanced tasks. For the most part, it was plug-and-play. The setup was really easy. The support is fantastic.

I am a system integrator. We integrate SG, XG, and XGS.

We are also deploying it on Azure on-premises for our clients.

Sophos XG is a firewall. It can protect your internal users if it is on-premises. It can publish applications such as websites, it can also protect your internal networks like IPS, and IDS. It provides you with VPN Access, and it gives you reports on the consumption of the internet.

If you have deployed the endpoint between the antivirus in Sophos, it can also communicate with your endpoint and protect your users if infected.

It's a complete firewall solution that has everything.

It is very useful.

It competes with the majority of the market's products, including Palo Alto and Fortinet.

We always strive for more features.

We could see the bandwidth use right away with the prior version, which was the SG version. The current bandwidth consumption is no longer shown in the XG and XGS.

They are nearly a complete solution. However, they are missing this feature with the ability to view the current bandwidth usage. We have requested this, but have not had a reply yet. It was in SG before but it was removed in XG.

We have been working with Sophos XG for six years. 

We started with SG, then XG, and now XGS nine years ago.

It can be deployed both on the cloud and on-premises. 

Sophos XG is very stable. We haven't had a single issue with stability in the nine years we have been using Sophos.

All electric appliances rely on a stable electric current, which requires the use of a UPS, and a backup power supply. The main issue is the stability of the power.

All Sophos appliances are SSD-based, which means the hard drive in the appliance is solid-state.

we have deployed more than 50, 60 for our customers in Kuwait and we haven't had an issue or, any RMA.

When purchasing a firewall, as a customer, you must first plan, consult with your partner(s), and decide on the sizing. If you buy an XGS 230, for example, it can support up to 200 users and 50 VPNs. If you buy the wrong product, you won't be able to scale it up.

You should always size upfront. If you have a hundred users, you buy an appliance that can support 150. The license is the license.

It's all about the hardware. If you purchase small hardware and you know that after one year you're going to have more employees then it is wrong.

It's not a server, where you can just add more drives, It only has expansion units for the network. If you need to add fiber, for example, you can. There are expansion units, but you can't expand the architecture of the firewall.

We have more than 50 customers.

We haven't required any technical support. I have however heard from my peers that they have not had any issues with the customer support.

They have offices in India, Dubai, and even in the United Kingdom. As we are certified Gold partners in Kuwait, we haven't had any issues with the Sophos team. They are quite responsive when you have a tender to submit. I have no complaints at all.

in the past, we also integrated Palo Alto.

The initial setup is easy and straightforward. As certified partners, this is something that we do every week. If the customers provide you with the network details, you can have it up and running in 30 minutes with no issues.

It's a problem if you don't know your firewall, or how to deploy it, or know how to put the proper rule in place. It is very important that in any firewall if the customer doesn't know what rule should be in place, it is possible they will create the wrong rule and expose the network.

You have to have a certified person to maintain the solution. How many you will need depends on the number of customers. If you have a lot of customers, you will need two technical people. It also depends on the size of your business. One is fine but as you grow with more customers, you will need at least two to deploy and maintain the solution.

I don't have any issues with the price. The price varies depending on the market. The price of Sophos in Europe differs from that in our region, GCG, and from that in the United States. You will notice that each region has a different pricing structure. 

Customers will always try to minimize the cost. When compared to other products, Sophos licensing is very affordable.

They have already released the XGS. If you are referring to the previous version, XG. It is still in production and available for purchase. They have already released the XGS, which is the next generation of the XG. It has a more advanced architecture. Now that we have passed XG, there's XGS on the market.

Remember to size your customers. You'll need to know how many web applications you will be publishing, how many end customers the company has, and how many of them will need to connect to the VPN. It's a formula that, based on the data, that will determine which appliance you require. You can start with a little one, but it's best to understand the requirements first.

We are very happy with Sophos products.

I would rate Sophos XG a ten out of ten.

I enjoy synchronized security, where you have to synchronize both the firewall and the endpoint. When I deploy a firewall, I integrate it with the endpoint so that they can send the security heartbeat from the endpoint to the firewall. In the Sophos firewall, there's deep inspection, which works quite well. Sophos has the web application firewall inbuilt. This is unlike other firewalls, where you have to integrate with another standalone web application firewall. Being inbuilt in Sophos, you just have to configure an application so that it's more of a policy, and you're good to go. It's pretty simple in terms of the user. 

We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration.

The technical support is pretty good. 

The initial setup is easy.

There's quite a number of items on offer. When you look at Gartner, it's doing well. The uptake in the market has been wonderful and currently, it's competing with other top firewalls such as Check Point, Fortinet, and Palo Alto.

XG is at its end of life. People are moving to XGS. With those changes on the horizon, a client might end up in, maybe 10 years, having four or five appliances, which they might not use. I don't know what Sophos is doing to maybe change this. Right now, we've moved from XG to XGS.

Another feature, which might be good and which other vendors are maybe exploring is the NAC. Sophos doesn't have a NAC solution. 

Maybe they can improve on their WAF. Currently, they have the inbuilt. 

They could work on their SD-WAN solution. I have seen it. It's not that competitive compared to other vendors. We've had some device issues.

I've been dealing with the solution for the last four years.

In terms of when it's in the network, it's stable compared to other firewalls, where I have had some issues. I had a case with another firewall, which the client changed to Sophos and it was not that stable as the client had to go and actually restart the firewall. The challenge comes in terms of stability when, let's say, the engineer doing the scoping does the round-sizing for the firewall. This causes the IPS to become overloaded or overworked, so it disconnects the traffic at the port level. In terms of stability, I might say sometimes we might experience challenges maybe when the sizing is not done correctly. That's why we might experience that disconnect at the interface level where the internet gets disconnected, however, that's the case of sizing, not the product itself. In terms of stability, it's stable in the network.

In terms of Sophos' support, they have been wonderful. I had a device issue and I found the return policy to be quite simple. 

Their technical support is pretty straightforward. When you raise a ticket, the feedback is immediate, and you are assigned a support person. It's been a wonderful experience.

Even to the end-user, it's a pretty straightforward system that they have. A user would just log into support.id, then key in their credentials and raise a support ticket. It's pretty simple.

I'm also familiar with Check Point, FortiGate, and Palo Alto. We also used to use Sonic Wall, however, we've moved to Sophos.

The initial setup is pretty straightforward. It's not overly complex.

I've compared Check Point, CloudGen Network Security, and Sophos XG previously for clients. Not being biased to any vendor, normally, in this region, what normally happens is the budget. You might recommend Check Point to a customer, however, Check Point is a bit expensive, so you might end up losing the deal. What you would recommend, is Check Point as the Quantum, as the firewall. Sophos is doing quite well in terms of the endpoint for the workstations and the servers, the physical and the virtual. Likely it would be a good idea to recommend Sophos Security. That said, if the client has the budget, you'd recommend Check Point as a firewall. It's always good to do a bit of comparison and advise the client as to what is best for them.

We've actually deployed and supported quite a number of the products, from XG105 to XG3430.

Sophos is on-prem mostly, however, now there's another product for Sophos, for the endpoints, which is cloud-based.

I'd rate the solution at a ten out of ten. It's one of the best products. We have deployed quite a number of them - almost 20 - and I've not seen any of my clients complain.

We use Sophos Firewall for our environment.

The Sophos Firewall, from our interaction and the way we are using it, is a very effective network security solution that basically protects our infrastructure, identifies any infections or any network security threats that actually may happen within our environment. We also are able to manage our users in terms of bandwidth usage and the allocation of bandwidth, whereby we give our users restricted access for use during working hours and they are supposed to utilize the bandwidth and make sure that we optimize and prioritize the applications able to get the necessary bandwidth. We do use it to manage our bandwidth. We do use it as well to make sure that our environment is secure against any possible threats.

In terms of the Sophos XG Firewall, what really excites us is basically the issue of intrusion detection and the intrusion prevention features. Those are both very, very good. 

The issue of sandboxing as well is something that is very useful. It's able to protect our environment quite well. 

Email protection is something that we are basically using all the time and it protects our environment which has more than 2000 users. 

All of the protection features are great in terms of securing our environment.

Sophos is way ahead of a number of other products in terms of the enhancements and upgrades they offer.

Sophos offers a great centralized dashboard that makes it easy to see what's happening on your network. 

The initial setup is very straightforward and the solution is extremely user-friendly.

The documentation is very, very good.

In terms of the product, from the way that we have been utilizing it, we have noticed that the vendor has been able to continuously upgrade and upgrade and update the product with new features. You'd find that all the time a new release has come out, and we're actually happy with that. We don't find it inconvenient that we are constantly upgrading. 

I can't think of any downsides in terms of the features on offer.

I'd like the dashboard to be improved. It could be a bit more customizable. 

I have about five years of experience with the product.

We are very satisfied with the functionality. We are very satisfied with the way that it is securing our environment. The stability has been excellent.

We have 2,000 users on the solution currently.

The solution is very scalable. We basically started with about 900 users. We went up to about 1,300. As we went up, as our users increased, we also scaled it up in terms of protection. Sophos was able to scale up easily and protect all our end users as well as our environment. It's been great overall.

We do plan to increase usage. Our employee base is about 10,000. We have 2,000 networked employees and we are planning to add another 1,000 users by the end of the year.

The technical support has been great. All of our technical staff have been certified as Sophos administrators. They were able to offer us the training to make sure that all of the support staff are familiar with the functionality of the product. Then, in terms of technical support that we may need, when we call the Sophos team, they are usually very available and they are even able to support us remotely if there is a need to do that. We are extremely satisfied overall.

I also often work with Cisco's ASA Firewall as well as Nagios. We bought Sophos to complement the ASA firewall.

The initial setup was very, very straightforward. You find that we did not even require a lot of external help from the vendor. It's so straightforward. The documentation is quite comprehensive and it takes the user through a step-by-step process, It's very user-friendly.

For the firewall as well as deployment of the end-user, the email protection as well as the sandbox, and the like, it took us approximately three days to finalize everything for our entire environment. We had over a hundred network sites, which are dotted through the city of Harare, therefore, we knew that we had to make sure that deployment was done fully throughout the entire environment.

There was very minimal, minimal assistance from the vendor. The vendor, here and there, would assist if we requested their help. However, you'd find that in most of the installations we did in-house, we didn't need the vendor to do anything. We knew that the installation process was very user-friendly.

The cost of procuring this product is very reasonable and it's very affordable for most organizations.

We're a customer and an end-user.

We use the latest version of the product.

I'd advise those considering the solution that Sophos' security solution is highly synchronized, very secure, and provides comprehensive security. I'd like them to know that it has enhanced and very detailed and sophisticated functionality, which is really easy to use, easy to deploy, and very user-friendly. It is a product that I would highly recommend for any organization that needs to comprehensively secure its infrastructure.

I'd rate the solution at a nine out of ten.

We use it for firewalling. Lately, we are also using it for remote access or VPN access for the users to the firewall and then onto the local network for people working from home. We've seen a huge jump in work from home. Everybody is working from home, so we need a secure connection to the office.

I am not using its latest version. I normally wait for a couple of months before upgrading the unit to make sure there are no bugs or issues. I check on the forums to see what other people are saying and whether there are any issues. 

There are many features. VPN, firewalling, and intrusion detection are the main features that are most useful for us at this time.

Their support is fairly good, and they come back to me. I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand, but it is generally not an issue.

I have been using this solution for seven years.

It is stable. We've been dealing with it for such a long time. We know exactly how to set it up. Sometimes, clients have got funny ideas, and I just say to them, "You tell me what you need, and I'll do the config and set it up." I've got two clients who have got technical skills. One of them is fairly proficient on Sophos, so he does the work as well, but for most of our other clients, we set it up, and there are no issues. It just works.

It is scalable provided you purchase the correct product. We do a bit of homework. We don't just sell you the first device on the list because that's not always suitable. We do a scope of the client's business. They may be a startup with just five users, but they might have a plan to have 100 or 200 users. We need to just size according to what they anticipate to be. It is no good if we sell them an entry-level device now, and two months later, it is too small. We purchase according to a client's requirements.

We've got clients with four users, and the number can go up to hundreds. I'm currently busy setting one up for 150 users, and obviously, there is much more work involved in doing the remote VPN setups.

I use the local support in South Africa. If they can't help me, then I log a case with their international support. They're fairly good, and they come back to me. 

I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand. They spoke so fast, and I could not hear what they were saying, but it is generally not an issue. It is not a showstopper, and we manage to work. If I don't understand, I say to them, "Can we rather chat by email?", which makes it a lot easier.

There some other firewalls that my company is using, but they're way below in terms of specs and what they can do. Sophos XG is a layer 7 firewall, and most of the others are only layer 2 firewalls. Sophos is far superior. 

I do not have any knowledge about Cisco, Juniper, or other firewalls. I don't really use them. I use some open-source firewalls, but they're also a lot lighter. I've got one or two very small clients or non-profits where we run an open-source firewall, but the feature set is way limited compared to Sophos.

Sophos XG comes in at a fair price as compared to some of the other products out there. Its learning curve wasn't that steep. It makes sense, and it is a sensible product. It is not like some of the other products.

It is simple for me. I've done so many setups. I can probably do these things in my sleep. In fact, I have got one in front of me now that I need to configure and install. I'm fairly proficient in the use of these devices. I'm happy with it.

The deployment duration depends on the setup. Some simple setups can be up and running within two hours. Complex ones most probably will take four to six hours. It also depends on the client's needs. Some of them have simple requirements, and they just want firewalling and one or two remote-access VPNs. Others have got a complex setup where we need to set up cameras and VoIP telephone systems. It all depends on a client's requirements.

It doesn't require any maintenance because the definitions are auto-updated. I've got a dashboard where I can manage all of the firewall devices from one dashboard. If I want to upgrade the software on 20 of them, I'll log onto the dashboard and upgrade the software just by selecting it and saying upgrade the software, and it is done. It requires very minimal handling on a day-to-day basis. Antivirus definitions, scanning definitions, and all those things are auto-updated anyway.

It comes at a fair price as compared to some of the other products out there. Its price is in the middle. It is not the cheapest, and it is also not as expensive as Juniper, Check Point, and definitely Cisco. Nowadays, everybody is very cost-sensitive, and people don't want to spend unnecessary money, but even before that, it was a fairly priced product.

You've got your choice of what license you want. There are basically two types of licenses, and it depends on what you need to do, and everything is included in that license. There is no cost for VPN and DMZ. You purchase the license, and you know upfront what you're getting or what you're not getting, and that's it. It is one license fee and done and dusted.

I would definitely recommend this solution to others. I recommend it to all my clients. I'm using it at home as well, and it works great. I'm fairly proficient in it, so I'm very confident. I can recommend it to anybody and everybody. It is a great product, and I've got no issue with it.

I would rate Sophos XG a ten out of ten. It is a rock-solid product that works. We've so many deployments of this solution. I'm just happy with it.