Sophos XG Reviews

I am a system integrator. We integrate SG, XG, and XGS.

We are also deploying it on Azure on-premises for our clients.

Sophos XG is a firewall. It can protect your internal users if it is on-premises. It can publish applications such as websites, it can also protect your internal networks like IPS, and IDS. It provides you with VPN Access, and it gives you reports on the consumption of the internet.

If you have deployed the endpoint between the antivirus in Sophos, it can also communicate with your endpoint and protect your users if infected.

It's a complete firewall solution that has everything.

It is very useful.

It competes with the majority of the market's products, including Palo Alto and Fortinet.

We always strive for more features.

We could see the bandwidth use right away with the prior version, which was the SG version. The current bandwidth consumption is no longer shown in the XG and XGS.

They are nearly a complete solution. However, they are missing this feature with the ability to view the current bandwidth usage. We have requested this, but have not had a reply yet. It was in SG before but it was removed in XG.

We have been working with Sophos XG for six years. 

We started with SG, then XG, and now XGS nine years ago.

It can be deployed both on the cloud and on-premises. 

Sophos XG is very stable. We haven't had a single issue with stability in the nine years we have been using Sophos.

All electric appliances rely on a stable electric current, which requires the use of a UPS, and a backup power supply. The main issue is the stability of the power.

All Sophos appliances are SSD-based, which means the hard drive in the appliance is solid-state.

we have deployed more than 50, 60 for our customers in Kuwait and we haven't had an issue or, any RMA.

When purchasing a firewall, as a customer, you must first plan, consult with your partner(s), and decide on the sizing. If you buy an XGS 230, for example, it can support up to 200 users and 50 VPNs. If you buy the wrong product, you won't be able to scale it up.

You should always size upfront. If you have a hundred users, you buy an appliance that can support 150. The license is the license.

It's all about the hardware. If you purchase small hardware and you know that after one year you're going to have more employees then it is wrong.

It's not a server, where you can just add more drives, It only has expansion units for the network. If you need to add fiber, for example, you can. There are expansion units, but you can't expand the architecture of the firewall.

We have more than 50 customers.

We haven't required any technical support. I have however heard from my peers that they have not had any issues with the customer support.

They have offices in India, Dubai, and even in the United Kingdom. As we are certified Gold partners in Kuwait, we haven't had any issues with the Sophos team. They are quite responsive when you have a tender to submit. I have no complaints at all.

in the past, we also integrated Palo Alto.

The initial setup is easy and straightforward. As certified partners, this is something that we do every week. If the customers provide you with the network details, you can have it up and running in 30 minutes with no issues.

It's a problem if you don't know your firewall, or how to deploy it, or know how to put the proper rule in place. It is very important that in any firewall if the customer doesn't know what rule should be in place, it is possible they will create the wrong rule and expose the network.

You have to have a certified person to maintain the solution. How many you will need depends on the number of customers. If you have a lot of customers, you will need two technical people. It also depends on the size of your business. One is fine but as you grow with more customers, you will need at least two to deploy and maintain the solution.

I don't have any issues with the price. The price varies depending on the market. The price of Sophos in Europe differs from that in our region, GCG, and from that in the United States. You will notice that each region has a different pricing structure. 

Customers will always try to minimize the cost. When compared to other products, Sophos licensing is very affordable.

They have already released the XGS. If you are referring to the previous version, XG. It is still in production and available for purchase. They have already released the XGS, which is the next generation of the XG. It has a more advanced architecture. Now that we have passed XG, there's XGS on the market.

Remember to size your customers. You'll need to know how many web applications you will be publishing, how many end customers the company has, and how many of them will need to connect to the VPN. It's a formula that, based on the data, that will determine which appliance you require. You can start with a little one, but it's best to understand the requirements first.

We are very happy with Sophos products.

I would rate Sophos XG a ten out of ten.

I primarily use the solution as a firewall. It's running on our data centers and all of our offices.

It has a simple GUI, which is good. 

The initial setup is pretty simple.

Unfortunately, there are quite a few negatives with them.

Their tech support is not great. 

The features on offer are lacking.

Basically what they don't have is proper bandwidth management for multiple WAN ports and multiple WAN ports to multiple VPN WANs. Meaning, if I have it on both sides on both the main side and on the secondary side, two internet connections, I can't bond the two of them together into a single VPN and have bandwidth managed between the two of them.

If I want to go ahead and make a VPN, right now, I have two internet connections on each side. I have to make a failover a group of four VPNs for it to go ahead and failover between them.

You're getting into a lot of rules. It's a lot of extra rules, et cetera, that has to be done. They don't have simple pointing systems where you could go ahead and make rules saying, "Hey, here's the route". They're not fully route-based VPN rules yet. You literally have to take down all the routes all over the place in order to make updates. It's tedious. 

Basically, we had the problem where we moved certain ranges from one data center to another data center. It took us about an hour of downtime to do that. We had to go ahead and we had to reset VLANs and we had re-setup all the VPNs in all the different places we reconnected. We don't have two sites, we have 25 sites. It was a lot of work.

I've used the solution for about three years at this point. 

It has its bugs and we can't get answers due to the fact that technical support is outsourced. There are some bugs that we keep running into that tech support can't figure out what to do. The bigger problem is the log systems aren't big enough for them to actually capture all the logs that happen.

Technical support is an issue. About six months after we bought it to a year after we bought it, they outsourced all their tech support to India. Literally beforehand, they were an American-based tech support company and they actually had full product knowledge. The Indian-based tech support doesn't have the product knowledge and there was a language barrier. They could speak English, however, they didn't understand us very well.

We were told that they stopped doing outsource and they are rehiring their own internal staff again for tech support. We're hoping that we're going to be able to get better tech support again.

The initial setup is pretty straightforward and simple. It's not overly difficult. I don't consider it to be complex. 

We bought it as is. We bought it with four years of support. However, I can't speak to how much it costs. 

I'd advise users considering the solution that, if you have quite a bit of sites, it's going to get a lot of work to do, to fix things up. It makes more sense if you have minimal sites. 

I'd rate the solution at a six out of ten.

The solution is very easy to use. It's easy to navigate. 

I like that I can create new rules and policies quite easily.

The solution works quite well overall.

The solution is easy to set up and configure.

Technical support has been very good.

The solution is scalable.

The product so far has been quite stable.

We are in the movie industry. We're a movie distribution company. Currently, we are affected badly by corona, since March of 2020. We are working from home, however, this solution is for on-premises tasks.

The pricing can be high unless you choose a longer contract.

We've been using the solution for about two years. 

We have no complaints in regards to the stability. It doesn't crash or freeze. There are no bugs or glitches. It's good. We find it to be reliable in terms of performance.

The scalability potential is very good. If a company needs to expand it, it can do so with ease.

We have 100 users on the solution.

We have 24/7 help if we need it. The technical support on offer is quite helpful. The offices are also in Mumbai, and that makes it very easy to connect with them and get help when we need it.

Previous to Sophos, we worked with Cyberoam. We switched due to the fact that Sophos took over Cyberoam and the Cyberoam model we had was outdated. Therefore, we were upgraded in Sophos.

The initial setup is quite easy. it's not overly complex. The configuration process is also very simple.

We have a team within our organization that can handle any maintenance that is required.

The pricing is not an issue. We pay almost it's $40,000 per year. Longer contracts offer better pricing. I'm taking a renewal with a four-year core contract.

I'd recommend the solution to other users and companies. Sophos has been great so far.

I'd rate the solution at an eight out of ten. It loses some marks due to the fact that I have had some technical issues with it. I also don't use it that much and wouldn't consider myself a Sophos expert. I need to spend more time with it.

Most of our clients are primarily using the solution for the network protection it offers them.

The most valuable aspects of the solution are the web-filtering and the application control.

The solution is stable.

We've had good experiences with technical support.

The product is scalable.

The solution could be improved if it offered more documentation or at least provided more information about the products themselves. If there was a virtual assistant of some kind that would help clients familiarize themselves with everything, that would be very helpful.

It would be helpful to get some insights into new features so that we are able to relay information to clients effectively.

I've been using the solution technically since 2019, however, I haven't really been able to focus on it too much. Right now, I am refreshing my knowledge on Sophos XG.

The solution is very stable. There aren't bugs or glitches. It doesn't crash or freeze. It's very reliable overall.

We have clients from various sized companies, and the solution works well with all of them.

There seems to be pretty good scalability potential, at least up to a point.

We've been in touch with technical support and found them to be very accommodating. We are very satisfied with eh level of support they provide to us.

While I may have other colleagues on different solutions, my main focus is Sophos at the moment.

When we're talking about the initial setup for the Sophos XG it can either be simple or complex. It will depend mostly on the infrastructure of the client.

Deployment times also vary, according to the complexity.

Typically, the client handles the maintenance process themselves.

We handle the implementation process for our clients.

We have a platinum partnership with Sophos at this time.

I'm more on the technical side. I don't really have any insights into licensing and pricing as it's not an aspect of the solution I directly deal with on a regular basis.

I'd advise those considering any solution to really take the time to study the product and understand different aspects of it. Every solution is different, and therefore it's important to be able to navigate them. Doing some extra research at the outset will ensure you don't purchase the wrong firewall, which can be a waste of time and money.

I would rate the solution at a nine out of ten. We're quite happy with the product so far.

We're using the latest version of the solution at this time.

We're integrators and resellers.

It's being used as a UTM, no firewalling. So it acts as a bridge. It doesn't provide the IP services, it doesn't provide DNS, it doesn't provide DHCP services, and it doesn't operate as a router or a point of mapping. It's only being used for filtering: Web and application filtering, as well as antivirus. I usually disable the anti-spam on all those units, because I have a gateway anti-spam server in place.

The web and application filters, as well as the quality of service. It has a very friendly interface like the Cyberoam iNG units, it has customizable policies, it has proper templates that you can even modify, and you can customize the rules, down to each single user.

It gives flexibility in the rules and the filters that you apply, based on, for example, the level of usage and the managerial level, etc. It's highly customizable.

The dashboard is customizable as well. It gives you the feature of including what you need to see as soon as you open the dashboard and to remove the non-necessary stuff, which varies from one organization to the next and from one IT manager to the next. And it has a wide variety of reports as well, template and customizable reports.

The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer.

The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem.

A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. 

So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request.

Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.

Stability is good. I was so happy with the Cyberoam iNG unit, and I think the Sophos XG series is exactly the same as the Cyberoam iNG unit. It's a very good unit for a smaller or medium business. It's very stable and it takes overload easily, so it can add to the throughput. It has versatility, it will support extra users, it will support extra bandwidth, to a limit, and it keeps on working as a monster. I have barely replaced any of those units through the years.

Scalability is brilliant.

I usually deal with one of the major partners in Egypt. The name is Gateworx. I've been dealing with those guys since my previous company, back to 2002. Even when we're buying devices that will be used in other countries outside of Egypt, we get them from them.

They provide outstanding technical support and they provide outstanding pre-sales services. If I require a device to be delivered to a country outside of Egypt, they contact the partner directly and they set up everything, and I get the hardware delivered. They are outstanding.

This is one of the major reasons we didn't look at another UTM or firewall through the years. These guys were a proper representative of Sophos and Cyberoam.

I've used heaps of them through the years. I've used Fortigate, which is now Fortinet. I've used Websense, they issued something like that years ago. ISS issued something like that years ago.

Sophos UTM, along with Cyberoam UTM, since they are both the same - it's only a different interface and a different hardware look - they provide the best value for the money. You get the best features for the best cost. They are the best, to a certain limit for a certain usage. I never use any of those units as a firewall. What I usually do is, I have an edge firewall responsible for routing, switching, and firewalling. And then I deploy the UTM behind it, only for filtering.

The most important criteria when selecting a vendor include getting the best features that you can get for an equivalent cost, so you're paying for what you're getting. You don't want to be paying for the name or the brand or the reputation of it. Also important are pre-sales services and "1000-percent" technical support services, in the environment and the remote areas we operate in, the warranty services as well.

The setup is straightforward. But what could be a straightforward setup for me might be complex for others. It depends on your level of experience, the training that you got, and the engagements.

They have a setup wizard, and I have had heaps of technicians, over the years to set it up, even initially.

I was looking at either Cyberoam iNG or Sophos XG.

My advice would vary based on your requirements. If you have a dedicated edge firewall, like Cisco ASA, you should get Cyberoam iNG and Sophos XG. They will do the job brilliantly. They will take the load, they will do a fantastic job.

If you are looking at units that will do both jobs - being an edge firewall and a UTM at the same time - with routing features, if you are going with Cyberoam and Sophos XG, I'd always recommend that you buy a higher model than what will meet exactly their requirements. So let's say that I'm looking at features that could be fulfilled with an XG 125 or 115, but I want to use the same unit as a firewall. I'd step up and buy an XG 135. You will always need those extra machine resources when you're providing routing, switching, and firewalling as well. Both of those products provide the best support ever, for the money being paid.

I rate it at eight out of 10. It's not higher because of the HTTPS issue that I told you about. That's my major issue. That's a super-disastrous issue that, unfortunately, cannot be solved easily.

And, sometimes we'll get a specific detailed report, stressing a certain aspect and it's not straightforward. I'll be able to do it, but then I'll have to combine or merge more than one, two, or three reports to get the results that I want. So more specific reports would be good. But then, again, there is a work-around by customizing the reports you want and then getting several reports and comparing them together. It's workable. My only issue is trying to save time, administration time is an issue for us.

But other than that, I'm happy. The product is brilliant, support is brilliant.

Sophos XG primarily serves as a means to regulate user traffic, enabling control over internet usage and website accessibility. It also facilitates the connection of branches and conducts malware scans on network traffic. These are the main purposes typically associated with servers. In terms of features, Sophos XG excels in catering to customers seeking a comprehensive network security solution. It incorporates various functionalities that would otherwise require the purchase of multiple solutions from other cybersecurity vendors. This unified threat management platform encompasses a firewall, IPS, web proxy, mail gateway, web application firewall, sandbox, and DLP module. From the customer's perspective, Sophos XG offers an all-in-one solution for network security needs. However, it is primarily designed for small and medium businesses rather than enterprises.

One of the standout features of Sophos XG is its proprietary VPN technology known as RID (Remote Internet Device). This unique technology provides efficient branch connectivity without the need to invest in additional firewalls for each branch. By utilizing an affordable device called RED, users can effectively control and establish connections in a cost-effective manner. Additionally, the solution is feature-rich.

Sophos XG boasts an extensive and finely-tuned proxy that offers impressive capabilities. Its comprehensive database of malicious websites is remarkably vast.

The support from the vendor needs to be improved.

I have been using Sophos XG for approximately six years.

I rate the stability of Sophos XG a six out of ten.

The scalability of the solution is limited to three nodes and may not be sufficient for extensive scaling. It is well-suited for small to medium-sized organizations. However, when it comes to large enterprises, particularly those with a distributed structure, Sophos can effectively cater to their needs. Distributed enterprises, characterized by numerous branches and a small employee count per branch, can benefit from Sophos XG capabilities. However, for larger enterprise customers with high network loads, Sophos XG may not meet the necessary requirements in terms of handling the network's capacity.

Most of our customers are small to medium-sized.

I rate the scalability of Sophos XG a five out of ten.

The support could improve. This is due to recent acquisitions. The time it takes to resolve an issue takes too long.

The response time from Sophos is deemed unacceptable by users. When opening a support case with any vendor, an automated email is typically received. However, in the case of Sophos, this automated email, lacking a personal touch, can take up to a week to arrive. Such delays are considered highly unsatisfactory. Consequently, the quality of their support has significantly deteriorated. As a result, users are reluctant to open support cases and would rather reinstall an appliance themselves than go through the support process.

I rate the support from Sophos XG a one out of ten.

Negative

The initial setup process of Sophos XG may pose some challenges. However, once configured, Sophos XG proves to be remarkably user-friendly. The activation of the appliance may require a reliable internet connection and can be a bit cumbersome. Nevertheless, once activated, the overall experience becomes significantly smoother.

The process of installation can take one to seven days. However, the time depends on many factors, such as customer size, and overall environment.

I rate the initial setup of Sophos XG a seven out of ten.

The price of the solution is reasonable when compared to the market.

You have to buy the appliance and pay for the license that matches your needs.

I rate the price of Sophos XG a seven out of ten. 

The solution had stability issues in the past but they have been resolved.

Before making a purchase, it is advisable to emphasize the importance of account managers and support from the vendor. In the past, the common practice was to involve the vendor's on-site personnel, such as the country manager in Saudi Arabia, when opening a support case. By opening the support case and sharing the support ID with the country manager, they could facilitate faster escalation and assistance behind the scenes. Essentially, contacting the sales representatives can help expedite the support process.

I rate Sophos XG a nine out of ten.

We use Sophos XG for the firewall.

I like the tunneling part which we are using for the VOIP. We have various other sites where we connect via tunneling. The tunneling part is very fast and easy to implement.

The deployment is very easy for my network team, and it is very easy to implement policies. The support that Sophos provides for the upgrade of new features and their interaction with the customer is very good.

Customer engagement is what I like about the product. We are very well informed about what is going on and new best practices. If anything new has gone wrong or anything in the world of cybersecurity we should know about, they will let us know.

Any firewall is dependent on how you use it. It's also on the user, how you configure it, what you allow, and what you don't allow, and so on. The ease of defining policies and the customer connect is what I appreciate about Sophos.

It would be better if they made their own hardware like Palo Alto and Fortinet. They use their own ASICs and claim it is more secure. 

The SD-WAN can be improved. The traffic optimization somehow needs to be improved, or there is a scope for improvement in Sophos XG.

It would be better if they moved towards the cloud side of things. Now a lot of things are moving on to the cloud.

I have been using Sophos XG for a couple of years.

Sophos XG is a stable product.

Sophos XG is scalable.

The Sophos forum and Sophos direct support are excellent. 

On a scale from one to ten, I would give Sophos support a ten.

We had Cyberoam, which Sophos took over.

The initial setup is straightforward and took us about a week to deploy.

An internal team made up of two people implemented Sophos XG.

We generally buy it for a three-year license.

I would recommend Sophos XG to potential users.

On a scale from one to ten, I would give Sophos XG an eight.

I like their firewall and the intrusion detection feature. This is also a scalable solution.

Their reporting needs to be improved.

The initial setup is not straightforward.

Technical support could be improved as well.

Integration to the cloud is also a challenge. It's not straightforward, especially while I move my mail from on-premises to cloud 365. I had to go to the cloud to research certain routes with it.

I've been using it for five years.

It is scalable. We have over 500 users.

My experience with technical support has been poor because I have not had any support. When I have had issues, I have gone to their help files but have not had any technical support.

The initial setup is not straightforward. You have to do a lot of reading to do something new. So, you have to really understand it or have prior knowledge to be able to find your own way out to whatever you want to do.

We currently have two people who manage this solution.

The cost could be lower especially if you want to add other features. For example, if I want to activate the advanced threats feature in Sophos Central, there will be an additional cost. There are features that I wish I could have, but because of the cost, I currently don't have them.

I think technical competence is much needed, so if you are not familiar with Sophos firewalls, you would need to be trained. You need to have knowledge to be able to work with this solution. It's not straightforward like other firewalls. It's not easy; you may understand the concept, but you need to have technical knowledge regarding the interface and the movement.

So, I would rate Sophos XG at seven on a scale from one to ten.