Sophos XG Reviews

We use Sophos XG for network security as a firewall for our company.

I have found configuring the ports to be easier in Sophos XG compared to the other devices.

Sophos XG could improve the policies, they are a bit confusing when creating them. There are many options that make it confusing and it could be simplified.

I have been using Sophos XG for approximately two years.

The Stability and performance are quite good. We haven't seen any problems.

The solution is scalable.

I would rate the scalability of Sophos XG an eight out of ten.

We have approximately 10 people using this solution in my organization.

My customers are using this solution on a daily basis.

I have contacted support once or twice to receive some clarification. I had a good experience.

I have used other solutions preciously and FortiGate's user interface is much easier to use when compared to Palo Alto and Sophos. Additionally, in Palo Alto, assigning the ports are more user-friendly.

The installation is straightforward.

I did the implementation of Sophos XG myself and it took approximately 20 minutes.

There is no maintenance is required for this solution.

Our networking team is approximately 10 people that use the solution.

The Palo Alto solution is expensive and the FortiGate is less expensive than Palo Alto. The Sophos XG would be priced in the middle of the two.

There are some fees but you can purchase a bundle package.

My advice to those wanting to use this solution is if you don't have experience, don't use it.

I would recommend this solution to others.

I rate Sophos XG a seven out of ten.

Sophos is a comprehensive solution which allows me to configure all the attendant products, such as Sophos' firewall, Endpoint and Encryption features. 

A nice feature of Sophos is that it offers in sync and heartbeat security. When my clients have a perimeter involving Sophos firewall and endpoints with Sophos Endpoint, they can communicate with each other. 

Heartbeat security is a great feature. 

In light of all the firmware upgrades, maintenance, feature and general releases of firmware, I really appreciate the support offered by Sophos. It is really good. 

However, the response time could stand improvement, as I do not benefit from immediate support. There is a delay involved. This can be problematic when I need urgent support, such as when my device is in a production environment. 

The support is really good. With all the firmware upgrades, maintenance, feature and general firmware releases which occur nowadays, I really appreciate Sophos support. It is really good. 

This said, it could be faster, as it is not immediate. This can be problematic when I require urgent support, such as when my device is in a production environment. 

When it comes to the firewall, everything hinges on the configuration. Every firewall is good, but one can see the importance of the configuration in the firewalls of Sophos and SonicWall. This is the most important thing, since users occcasionally disable the app control, IPS or anti-spyware features. They do this out of a lack of familiarity with the security, something which allows attacks to occur. Therefore, the configuration is key. I configure every firewall I employ, be it Sophos, SonicWall or Fortinet. 

I have not encountered any issues when it comes to the configuration. 

I was a gold partner with Sophos XG. As such, I make suggestions about the appropriate model in line with my customer's requirements. Essentially, over the last two years of the COVID-19 crises, most users required an SSL VPN license, something for which SonicWall charges but which Sophos offers for free. 

SSL VPN involves two factor authentication. This is free of charge. Both email and key OTP are options. While SonicWall also offers SSL VPN capabilities, it is problematic. When I needed a license, I purchased an additional perpetual SSL VPN license. 

SonicWall makes available all the different models, such as TZ and NSA. I am familiar with all the models. Sophos only has an entry-level model, which is actually 87, 107 and 116. 

Fortinet offers the Forti ATF model. 

I recommend the solution to other clients, but make certain to first understand their individual needs. I would be doing them a disservice were it otherwise.

I really like Sophos.

In the past, when Sophos employed XG firewall, I was forced to deal with a slow GUI. This is because its back-end kernel is Linux. Now that XGS is provided, many changes can be seen in the hardware appliance. The hardware has been upgraded. The XGS firewall is faster than the XG series, so the problem has been resolved. 

While I rate Fortinet as a nine out of ten, I give Sophos XG a rating of eight. 

I've tried out Sophos XG a little. It has a good interface that's very user-friendly, but I haven't used all of its functions because I'm only configuring and running the system.

I've been working with Sophos XG for six months. I am not an end-user. I only provide the solution and implementation.

I think Sophos XG is very stable because the users who have installed it never mention any issues. It's very stable and scalable. 

Sophos XG is a scalable solution. Our clients who use Sophos are not big companies. 

I haven't dealt with Sophos support because I'm just doing the basic implementation for the Sophos. But I Sophos support is very experienced and helpful. Sophos has a team for administration and implementation—a good team to improve the application. 

It depends on the implementation and the deployment of systems. In my small company, I have four people on my technical team. Two of them specialize in firewall and security. They're working on Fortinet. They deal with antivirus and security implementation as well as Veeam Backup. The other two handle the administration implementation, including Active Directory and other administration solutions.

I would prefer if Sophos XG were cheaper. A lower price would benefit me as a system provider for the end customer. The cost of the license and renewal for all the software and devices is somewhat high. 

I rate Sophos XG nine out of 10. I am a Fortinet partner. If a user asks me which solution to buy, I'll tell them Fortinet. But if the customer needs Sophos, I will implement it for him. However, if I had a Sophos partnership, I would recommend it every time.

There are about 100 people using Sophos at our office. We have two ISPs, so we have to have access to our internet providers. We also need security to deploy our network. Also, our home and external users need to be able to log in. So we use Sophos XG to build our deployment. Sophos is more than just a firewall. It analyzes security effects, so it's a firewall for the future. It's more than just a hardware firewall. There are also some paid options, so we do not have to have the main server inside our office here. We use Office 365. And although we use five servers at our location, not everything is in the cloud yet. 

We haven't used it for very long, so I have not analyzed the main features deeply. So far, I'm happy that they have recently added a firewall role, so I feel a little more comfortable with the security. The threat management is good. Also, the graphics and the throughput of our internet access are better than before, so it's the Sophos anti-threat device that we have. 

For the moment, managing the Sophos interface is a little bit challenging. We have an external partner that helps me to comprehend. But it's new. It has to keep up with the market, and I understand that. But that's my personal problem at the moment. High-availability clusters have not been implemented, so we have only one firewall and one device. So should this device go down, there's no more internet access. But so far, we haven't had any problems. 

I've only been using Sophos XG for three months.

Sophos is stable.

Sophos XG is scalable.

I used Sophos tech support for the previous solution because Sophos sold that as well. Now, we only work with the external partners. So for the moment, I haven't had to send questions directly to Sophos. But my past experience with Sophos support was good. It was very professional and easy. We stay with Sophos software because of the technical support.

We had Cyberoam. That brand that doesn't exist anymore, so we had to change.

I contacted the external partner, and the setup was easy. It took about two or three days. Some little pictures were difficult for us to find, but that's normal. We could not make a one-to-one copy of the older one, so we had to search for some little personal configurations here. Now that everything is configured right, we are happy to have it. 

Because Sophos is sold by the brand that we had before that and Cyberoam does not exist anymore, it costs less because we stayed within the older firewalls. The price was also very good. It was not expensive before because of their value at the time. I think it's not cheap but not very expensive, either. It's in the middle. 

Based on what I know from using it so far, I would recommend Sophos. I rate it eight out of 10.

We use Sophos Firewall for our environment.

The Sophos Firewall, from our interaction and the way we are using it, is a very effective network security solution that basically protects our infrastructure, identifies any infections or any network security threats that actually may happen within our environment. We also are able to manage our users in terms of bandwidth usage and the allocation of bandwidth, whereby we give our users restricted access for use during working hours and they are supposed to utilize the bandwidth and make sure that we optimize and prioritize the applications able to get the necessary bandwidth. We do use it to manage our bandwidth. We do use it as well to make sure that our environment is secure against any possible threats.

In terms of the Sophos XG Firewall, what really excites us is basically the issue of intrusion detection and the intrusion prevention features. Those are both very, very good. 

The issue of sandboxing as well is something that is very useful. It's able to protect our environment quite well. 

Email protection is something that we are basically using all the time and it protects our environment which has more than 2000 users. 

All of the protection features are great in terms of securing our environment.

Sophos is way ahead of a number of other products in terms of the enhancements and upgrades they offer.

Sophos offers a great centralized dashboard that makes it easy to see what's happening on your network. 

The initial setup is very straightforward and the solution is extremely user-friendly.

The documentation is very, very good.

In terms of the product, from the way that we have been utilizing it, we have noticed that the vendor has been able to continuously upgrade and upgrade and update the product with new features. You'd find that all the time a new release has come out, and we're actually happy with that. We don't find it inconvenient that we are constantly upgrading. 

I can't think of any downsides in terms of the features on offer.

I'd like the dashboard to be improved. It could be a bit more customizable. 

I have about five years of experience with the product.

We are very satisfied with the functionality. We are very satisfied with the way that it is securing our environment. The stability has been excellent.

We have 2,000 users on the solution currently.

The solution is very scalable. We basically started with about 900 users. We went up to about 1,300. As we went up, as our users increased, we also scaled it up in terms of protection. Sophos was able to scale up easily and protect all our end users as well as our environment. It's been great overall.

We do plan to increase usage. Our employee base is about 10,000. We have 2,000 networked employees and we are planning to add another 1,000 users by the end of the year.

The technical support has been great. All of our technical staff have been certified as Sophos administrators. They were able to offer us the training to make sure that all of the support staff are familiar with the functionality of the product. Then, in terms of technical support that we may need, when we call the Sophos team, they are usually very available and they are even able to support us remotely if there is a need to do that. We are extremely satisfied overall.

I also often work with Cisco's ASA Firewall as well as Nagios. We bought Sophos to complement the ASA firewall.

The initial setup was very, very straightforward. You find that we did not even require a lot of external help from the vendor. It's so straightforward. The documentation is quite comprehensive and it takes the user through a step-by-step process, It's very user-friendly.

For the firewall as well as deployment of the end-user, the email protection as well as the sandbox, and the like, it took us approximately three days to finalize everything for our entire environment. We had over a hundred network sites, which are dotted through the city of Harare, therefore, we knew that we had to make sure that deployment was done fully throughout the entire environment.

There was very minimal, minimal assistance from the vendor. The vendor, here and there, would assist if we requested their help. However, you'd find that in most of the installations we did in-house, we didn't need the vendor to do anything. We knew that the installation process was very user-friendly.

The cost of procuring this product is very reasonable and it's very affordable for most organizations.

We're a customer and an end-user.

We use the latest version of the product.

I'd advise those considering the solution that Sophos' security solution is highly synchronized, very secure, and provides comprehensive security. I'd like them to know that it has enhanced and very detailed and sophisticated functionality, which is really easy to use, easy to deploy, and very user-friendly. It is a product that I would highly recommend for any organization that needs to comprehensively secure its infrastructure.

I'd rate the solution at a nine out of ten.

We use it for firewalling. Lately, we are also using it for remote access or VPN access for the users to the firewall and then onto the local network for people working from home. We've seen a huge jump in work from home. Everybody is working from home, so we need a secure connection to the office.

I am not using its latest version. I normally wait for a couple of months before upgrading the unit to make sure there are no bugs or issues. I check on the forums to see what other people are saying and whether there are any issues. 

There are many features. VPN, firewalling, and intrusion detection are the main features that are most useful for us at this time.

Their support is fairly good, and they come back to me. I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand, but it is generally not an issue.

I have been using this solution for seven years.

It is stable. We've been dealing with it for such a long time. We know exactly how to set it up. Sometimes, clients have got funny ideas, and I just say to them, "You tell me what you need, and I'll do the config and set it up." I've got two clients who have got technical skills. One of them is fairly proficient on Sophos, so he does the work as well, but for most of our other clients, we set it up, and there are no issues. It just works.

It is scalable provided you purchase the correct product. We do a bit of homework. We don't just sell you the first device on the list because that's not always suitable. We do a scope of the client's business. They may be a startup with just five users, but they might have a plan to have 100 or 200 users. We need to just size according to what they anticipate to be. It is no good if we sell them an entry-level device now, and two months later, it is too small. We purchase according to a client's requirements.

We've got clients with four users, and the number can go up to hundreds. I'm currently busy setting one up for 150 users, and obviously, there is much more work involved in doing the remote VPN setups.

I use the local support in South Africa. If they can't help me, then I log a case with their international support. They're fairly good, and they come back to me. 

I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand. They spoke so fast, and I could not hear what they were saying, but it is generally not an issue. It is not a showstopper, and we manage to work. If I don't understand, I say to them, "Can we rather chat by email?", which makes it a lot easier.

There some other firewalls that my company is using, but they're way below in terms of specs and what they can do. Sophos XG is a layer 7 firewall, and most of the others are only layer 2 firewalls. Sophos is far superior. 

I do not have any knowledge about Cisco, Juniper, or other firewalls. I don't really use them. I use some open-source firewalls, but they're also a lot lighter. I've got one or two very small clients or non-profits where we run an open-source firewall, but the feature set is way limited compared to Sophos.

Sophos XG comes in at a fair price as compared to some of the other products out there. Its learning curve wasn't that steep. It makes sense, and it is a sensible product. It is not like some of the other products.

It is simple for me. I've done so many setups. I can probably do these things in my sleep. In fact, I have got one in front of me now that I need to configure and install. I'm fairly proficient in the use of these devices. I'm happy with it.

The deployment duration depends on the setup. Some simple setups can be up and running within two hours. Complex ones most probably will take four to six hours. It also depends on the client's needs. Some of them have simple requirements, and they just want firewalling and one or two remote-access VPNs. Others have got a complex setup where we need to set up cameras and VoIP telephone systems. It all depends on a client's requirements.

It doesn't require any maintenance because the definitions are auto-updated. I've got a dashboard where I can manage all of the firewall devices from one dashboard. If I want to upgrade the software on 20 of them, I'll log onto the dashboard and upgrade the software just by selecting it and saying upgrade the software, and it is done. It requires very minimal handling on a day-to-day basis. Antivirus definitions, scanning definitions, and all those things are auto-updated anyway.

It comes at a fair price as compared to some of the other products out there. Its price is in the middle. It is not the cheapest, and it is also not as expensive as Juniper, Check Point, and definitely Cisco. Nowadays, everybody is very cost-sensitive, and people don't want to spend unnecessary money, but even before that, it was a fairly priced product.

You've got your choice of what license you want. There are basically two types of licenses, and it depends on what you need to do, and everything is included in that license. There is no cost for VPN and DMZ. You purchase the license, and you know upfront what you're getting or what you're not getting, and that's it. It is one license fee and done and dusted.

I would definitely recommend this solution to others. I recommend it to all my clients. I'm using it at home as well, and it works great. I'm fairly proficient in it, so I'm very confident. I can recommend it to anybody and everybody. It is a great product, and I've got no issue with it.

I would rate Sophos XG a ten out of ten. It is a rock-solid product that works. We've so many deployments of this solution. I'm just happy with it. 

I'm using the solution mainly for its firewall application and to prevent intrusion in the system. The XG platform is very powerful from the perspective of identification and to prevent potential attacks on the system due to its the capacity to predict and to anticipate the potential damage on the system.

It's integrated inside the system, meaning that it can control all the endpoints in the system and talk with them and identify any potential situation. It can also isolate one area inside the system without compromising the entire system. This allows you to isolate the initial problem without involving the entire infrastructure. 

You have real-time control of all your infrastructure. It is integrated with the hardware and offers good performance alongside the hardware and by the firmware, and these work together to control the entire infrastructure.

The real-time control on offer is excellent.

We really appreciate that you can segment and quarantine certain sections of your system without having to shut down the entire operation.

The product has artificial intelligence that has the capability to quickly identify which could be the potential risk mainly for intrusions like ransomware or a new kind of typology of attacks that are in place right now. 

The idea is to mainly prevent the condition and not to manage the situation, as, if that happens, in many ways, it's already too late. It's to identify the condition that can help the company to prevent or mainly to reduce the risk of an intrusion. In that sense, its performance is excellent. 

The product is doing it job without affecting the system with a heavy load. The activity on offer is very light in terms of resources that are required by the system. It does not require a lot of resources in terms of memory, et cetera. There is no performance impact on the system. The customer doesn't detect its presence on the system when it's working, and yet they still get all of the great benefits of protection.

The solution has been quite stable. 

It's a product that is in continuous improvement and is following what the customer is asking. They are taking inputs and designing new releases specifically according to the client and their needs.

It's one of the best products on the market as it really understands where the market is moving and iterates based on the future. It's constantly improving. It does a great job at keeping confidentiality while guaranteeing security.

The solution doesn't just offer theoretical security, it really does offer very good, real-time security and delivers on its promise to the client.

There is no specific features request right now really. I see that all the features that Sophos is implementing and is proposing on the market follow exactly what the market is asking. It's difficult to identify something that is missing compared with what the market can ask as one of the most important things that Sophos does is have the capability to anticipate in a certain way what the market expects. As a leader on the market, they tend to have the solution just before the market is asking them for it. 

The solution could offer a bit more integration with other systems, with other platforms - just to be able to extend the capability and to interface with other kinds of platforms or systems that I can find on the market as it gives the possibility to improve the level of integration.

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable.

The solution is quite scalable. You have to consider that all Sophos products are scalable. This is one of the main characteristics of the system. It means that you can start with a base solution that is very simple and improve this step by step without losing what you have done in the past. It's scalable in the sense that you have a different layout that you can cover, however, you don't have to dismiss what you have done in the past. You have just to integrate. In this way, if you consider the cost of implementation for the company, it has the possibility to optimize the cost because the company has the possibility to appreciate the system initially, and then improve the system step by step without losing what has been done in the past.

This means the company has the possibility to distribute the cost if you're in a certain period of growth. Normally some companies start to say, "I want to guarantee to control to the outside with a certificate and give the possibility to access my data in a controlled way. After that, I want to extend the security on the email that is managed by the company. I want to encrypt the data on the server and so on." All these features can be approached in a step-by-step manner instead of all at once, and you can implement them on the system in different ways and at different times.

We normally have about 50 users and around five technicians.

I also currently use Cisco products alongside Sophos.

However, we did not previously use a solution that was different from Sophos.

The initial setup is not so complicated. The system is not complicated to understand and also in can be installed without a very high level of expertise. Of course, if you have this kind of expertise, you can obtain from the system the maximum performance that the system can do, however, it means that you are not obliged to be a guru to be able to use these kinds of products. You can use these kinds of products just as an IT manager inside the company without having or needing special knowledge. 

Otherwise, you can leave to Sophos with the capability of doing something like a close box. You are sure that Sophos is able to guarantee the level of security that you are expecting. You can have it be automatic, or you can choose to go more manual in its operations. For example, if you were a professional photographer, you'd probably like a manual experience, as it would allow you more leeway with your craft, and if you were an amateur, you 'ld likely prefer an automatic camera that handles the heavy lifting for you. Sophos, in that sense, is the same. If you want, you can configure single parameters, or you can leave it to Sophos to give you something out-of-the-box.

In any case, if you stay on the automatic configuration, you are guaranteed that the system can provide the correct level of service that you want. It means that it's not required to have an expert. That said, you need of course to have a minimum level of knowledge, as it's clear that you need to know what you are managing. Starting from that, you can obtain what you need without moving into an advanced configuration.

Typically, a configuration takes about half a day or so, if you go that route. It doesn't take long, as those who would handle it would know what they are doing.

We handled the implementation ourselves, in-house. We did not need the assistance of an implementor or consultant. I have enough knowledge on the solution to manage it myself.

I'm mainly a user. Sometimes I handle installations.

I'm using the latest version of the solution. I don't have the version number on-hand.

We do plan on continuing to use the solution. I've been quite please with it overall.

I would recommend the solution to others. It's worked quite well so far and really leads the market.

I would rate the solution at a ten out of ten.

We are a solution provider and this is one of the security solutions that we implement for our clients. The primary use for Sophos XG is to secure the internet for an organization. It does a bit of antivirus scanning, application filtering, web filtering, and normal firewalling. Security, obviously.

Some of our clients also have Sophos UAP and access points are also included in Sophos, which is the same with FortiGate.

Sophos XG is easy to manage. You've got the cloud logging and you can manage all of your Sophos firewalls from one cloud, the Sophos Central Portal.

The most valuable feature is endpoint security. If you want to install antivirus and firewalling on endpoints, then Sophos is the best option.

What I don't like about Sophos is that applying policies can sometimes take longer, and there can even be a bit of a network interruption. With FortiGate, it's just one click and then you go, but with Sophos, sometimes the wheel keeps spinning for several seconds.

The SD-WAN capability is not as good as it is in FortiGate, and is something that should be improved.

I have been working with Sophos XG for approximately two and a half years.

Stability-wise, it's almost as good as FortiGate.

I've been selling FortiGate for 10 years and Sophos for two and a half years. I think that Sophos is just about on par with FortiGate. We just had a small thing with a client, but I don't know if that's really going to be reason enough. In terms of stability, I think they are quite good. The issue we had was the locks, and it was causing slowness or interruptions, but that was really not an issue. It's a small thing.

Sophos XG is very scalable. You can go from small to large-sized use cases.

I think that the technical support is very good, and similar to FortiGate,

I actually dealt directly with a Sophos engineer and I must admit, they've been very fortunate that the guy can help even on the weekends and so forth. I'm very impressed with that.

I primarily work with FortiGate, but I am currently dabbling in OPNSense to see if I can learn it. I've also installed Cisco in the past, as well as Sophos.

Although about 80% of our clients ask for FortiGate, some of our clients ask for Sophos instead. For example, there are some banks and commercial institutions that ask for Sophos.

Sophos is better than FortiGate with respect to endpoint protection.

The initial setup is as easy as it is with FortiGate. These products are definitely easier to install than a solution like OPNsense because it is just a hardware appliance.

The price of this solution is mid-range. Obviously, it will never beat OPNsense because that product is available free of charge. Sophos XG is not expensive for a firewall, especially when you compare it with Check Point. Check Point is a really expensive product.

Sophos XG is a bit more expensive than companies like BitDefender and Kaspersky, but their endpoint software is very good.

The suitability of this product depends on the use case. If somebody wants to have full endpoint protection then Sophos is the best choice. If they just want a normal UTM without endpoint software, then FortiGate is slightly better, but only slightly because of the SD-WAN capabilities. 

I would rate this solution an eight out of ten.