Sophos XGS Reviews

In some instances, we are using it in a virtual appliance in a VMware environment.

I will not rely on Sophos to build my infrastructure. For that, I will go to Fortinet or Palo Alto. However, from an end-user management perspective and the granular control and the reporting stuff, I still prefer Sophos. 

We are using Sophos as our internet gateway for specific sites that don't have to do with the backend tunneling and the infrastructure and all that stuff.

I have found some difficulties in other products, like in Fortinet, where there is no end-user visibility in a presentable form that non-technical people can interpret. I'm talking more specifically about non-technical management. You have to present something. Apart from that, the end-user integration is fine if you are using it for NCL and or as an internet gateway. Sophos allows for more visibility.

However, as far as infrastructure is concerned, if I have to apply this as a device in my data center or at any critical point, this device fails to perform. The hardware is not up to par. Even if I answered from proxy to transparent, transparent proxy to the full proxy mode, there are some hardware difficulties.

The centralized security is very good. 

The heartbeat system, the reporting management, and the electoral control that is achieved when the Sophos XGS is integrated with the Sophos endpoint is great.

It's close to the top of the line, alongside Trend Micro in terms of security reporting.

It is easy to set up.

I have observed that there are some reliability issues with these products in regard to the hardware performance and RMS.

I've witnessed many devices go down - even three on the same day. I've never seen that, for example, with Fortinet.

The stability could be a bit better.

I would like to have a proper SD-WAN orchestration solution. They are working on it. However, it still needs some improvement. Apart from that, it would be better if they provide the email gateway and the WAF not as a feature in the existing XG but as a dedicated appliance. Barracuda and Fortinet, for example, are providing dedicated services for the WAF and email gateway. Compared to that, Sophos is not up to the same level.

I've used the solution for around five years.

While their endpoint is a stable solution, their firewall needs to be improved in regard to integration with other products. I have specifically witnessed a case where we tried to integrate Sophos XG with the DLP product by Force Point. That wasn't supported right away. FortiGate was supporting that particular model.

I would like to have scalable products, however, normally what I have witnessed is that every new product that they push out or any additional feature that they push out in a new VMware version or specifically for the firewall may have some stability issues. So scalability at the cost of stability is not an option for me.

We have about 250 to 300 users. We have multiple branches that use this product. Usually, it's the development team, and hardware and software users. 

We may expand usage. It will depend on the additional sites we may operationalize soon.

I've had some direct escalation experiences with the country manager and their technical lead. I tend to get a good response.

While in general technical support can be better sometimes, as far as their resolutions are concerned, the team is providing us with technical assistance, and their approach to resolutions can be a bit tricky. Normally they try to avoid dealing with the solution so you have to dig it out and you have to work on it yourself, or you have to push them that there must be a solution.

Neutral

I have some expertise in Sophos and Fortinet; I'm not so sure about Cisco. We are also using Palo Alto.

We had some granular control in Sophos that was a bit advantageous to us. That's why switched. Also, the reporting, AD integration and the Sophos endpoint integration were key drivers in making the change.

The solution is simple to set up. It's not overly complex. It only takes a couple of minutes. 

YOu only need one person to handle maintenance. 

I handled the initial setup myself. 

We pay for the solution on a yearly basis, and it is fine. The renewal costs are typically reasonable. If you compare the general cost to Fortinet or Palo Alto, it's lower and more affordable. YOu can also pay for extra support.

We are a Sophos end-user.

For small enterprises or even for some enterprises that do not require large infrastructure, I would recommend Sophos right away. In Pakistan, we have to present something to the management and most of the time the management of the company is non-technical. So the presentability factor and the users' granular control and integration factor, make it attractive. This product can be used as an internet gateway. I have already recommended it to multiple users not for the infrastructure but for the internet gateway or as a proxy service.

I'd rate the solution a seven out of ten. Some features still need improvement or to be built out, like  proper orchestrations or dedicated services.

We use Sophos XGS for web security and web policies, it's our primary solution. authentication VPN site to site, SSL VPNs installations. Sophos Firewall designed its extreme protection IT Rules and policies security level Authentication is good sometimes it's tricky and very helpful. Sophos Firewall delivers advanced threat protection to instantly identify bots and other advanced threats while defending your network from today's sophisticated attacks. current live user activities diagnostics to generate logs and objectionable site restrictions, daily reports are a great solution for the work environment.

With the increase in cybersecurity threats, this solution has helped us at an organizational level. We have always been hit by someone at the end of our desk or hidden somewhere ex:- spoofing attacks, a man in the middle attacks, and ransomware new era of cybersecurity pain full concept, Mail spoof attacks, all these have to improve DMZ and secure the firewall policies and server-client Antivirus solutions. Daily monitoring manually or trusted third-party vendors monitoring tools. finally, we are worried about how strong we are at the cybersecurity level.

This is a great solution for security, authentication, hashing, and encryption level. Sophos is good at ACL rules, Port forwarding, SDWAN route policies, IT Rules and policies as well as Natting rules. It's a reliable product to secure web securities. whenever we want we switch to the ports securely Heartbeat monitoring live user activities is great to execute on a production level. Bandwidth control sometimes referred to as traffic shaping is one of the best firewall features. Link aggregation and SD-WAN (Software-defined Wide Area Network) are great features for businesses that need multiple links to the internet. thank you

There are occasional issues when we update an operating firmware there's some lag time. Updating requires us to reboot the firewall, in this scenario 24/7 organization will be the most effective. In addition, I'd like to see more focus on customer support calls we were waiting for hours to connect with them. In some cases, Sophos's team is extraordinarily helpful to solve any issues in the firewall. Sophos needs to focus on customer support through a chatbot or call management quickly so we can find some help on the client side. Thank you

I've been using this solution for five years. 

The solution is stable despite having to restart when we update. 

The solution is very scalable and we're able to handle all the pressure in our organization. We have over 100 VPNs and it all works well, Authentications, port forwarding, and all kind of security levels are much appreciated. 

Customer support needs to be improved. They're very helpful once you get them on the line but sometimes take up to an hour before we can speak to someone who can fix a problem. when a problem occurs at the production level we freeze and everything goes blank so a faster customer support call is much more appreciated.

Positive

The initial setup is complex. Sophos has some features like rules and policies, NATing, and PATing so deployment might take more time than if we were using an alternate solution. Deployment can take up to two weeks because every policy and VPN requires checking and that takes time. I've been working for the past 10+ years experience in network engineering and firewall configuration so we deployed in-house but we contacted Sophos for assistance when we needed it.

The Sophos or any kind of firewall is worthy to buy when we have dedicated servers and switches to implementation.

There are some very good features in this firewall and also some areas that need improving. I rate this product seven out of 10. 

Sophos XGS is a unified threat management solution that combines features such as routing, access management, firewall, threat management, and URL filtering for sandboxing. It serves as a security appliance with multiple capabilities.

The valuable features of Sophos XGS include network protection, web protection, application control, intrusion detection, and iCentral orchestration. These features are beneficial for the product's security posture.

The solution could improve by using fewer hardware resources compared to other products like Palo Alto, which has better performance. 

Additionally, better integration of AI and machine learning for predictive analysis of potential threats could be beneficial. 

The technical support also needs improvement, including a better ticketing system and faster response times.

I have been using Sophos XGS firewall for more than 15 years, with approximately twelve years of precise usage.

I would rate the stability of Sophos XGS as a six out of ten. There have been observations of downtimes compared to other devices, and it doesn't perform as well as competitors like Palo Alto or Check Point.

Sophos XGS has scalability issues as it doesn't have features like cascading. Instead, it requires new devices to scale, unlike Palo Alto which allows adding devices to a pool.

The technical support is quite poor and needs significant improvements in response time and quality, especially for medium and small enterprises. It seems other brands face similar issues, but the costs rise for premium support, which is challenging for smaller entities.

Neutral

The initial setup of Sophos XGS is simple compared to other firewalls.

The pricing for Sophos products is considered high. The pricing model needs to be more flexible, catering differently to sectors like education, which might not require as high a price point.

I can recommend Sophos XGS for small to medium companies and the education sector. It is less ideal for enterprises with very high-security needs. Organizations with sensitive data should consider alternatives like Palo Alto or Fortinet.

I'd rate the solution eight out of ten.

We give both endpoint and firewall together.

We have a set of customers who understand Sophos very well. Once they achieve all the security functions and parameters they want, they are more secure. Many customers who previously used different endpoint and firewall solutions now benefit from synchronized functionality with the complete Sophos suite. So, they become more secure, which is more important.

The security heartbeat feature and MDR are the best for customer security.

The functionality of SD-WAN compared to other boxes is lacking. Certain aspects need improvement, particularly enhancing capabilities like SD-WAN. We should also focus on enhancing XDR and NDR functionality in the firewall boxes and provide more threat protection alerts to users.

I've been working with Sophos for more than 15 years.

The technical team never disappoints us in providing solutions. They give us timely and nice follow-up.

Positive

Many of them were using a different endpoint security and a different firewall. But now, with Sophos, they have better security.

The pricing is competitive, and it's a win-win situation for both partners and customers.

In the financial market and banks, other security appliances are more popular than Sophos.

We highly recommend Sophos XGS.

I'd rate the solution eight out of ten.

Primarily, I use XGS for security and authentication.

Sophos XGS' most valuable features are protection and intrusion prevention detection.

Sophos XGS's response to zero-day attacks could be improved. In the next release, Sophos XGS should include signature filtering, hybrid cloud support, and the ability to scale without replacing the hardware.

I've been using Sophos XGS for four to five years.

Sophos XGS is a stable product.

Sophos XGS can scale up and down to 1,200 users, but if you want more users, you have to change the appliances too.

Sophos' technical support is good.

Positive

Sophos XGS is easy to set up if you have knowledge of the system.

Sophos XGS costs around $6,000 for a basic license.

I would give Sophos XGS a rating of seven out of ten.

We use the solution as an antivirus gateway and internet gateway.

All the features are effective in enhancing our network security. I am satisfied with the product. The threat intelligence capabilities of the tool are good. It has contributed to reducing our overall security costs by approximately 90%.

I do not get notifications regarding ISP downtime. It would be better if I could get notifications related to the critical errors occurring in Sophos. The product is difficult to use. The administrators must be notified of the errors occurring in the firewall through emails or messages. It will help organizations take proactive measures instead of taking action after the incident happens.

I have been using the solution for one and a half years.

The customer support is weak. The support team is not responsive. The support people do not follow up or call us back.

Negative

The implementation is not difficult. The service providers help install and implement the firewall in our network.

I will recommend the product to others. However, I would not recommend it to organizations that do not have technical people who deal with networks. Overall, I rate the product a seven out of ten.

Users have distributed networks. They use it as an SD-WAN to connect the branch’s site or multiple locations. We are using RED channels or devices for branch-to-branch connectivity.

You don't need an additional subscription for IPS or an antivirus. It has an engine of antivirus applications for IPS. You have an email gateway for people who are still using on-prem exchange. Comparatively, other firewalls might need multiple subscriptions separately for each feature.

Sophos might discontinue the UTM features, as they've been promoting the newer XGS Series appliances. While the XGS offers great features like detailed logging and audit reports, it currently lacks essential functions in the UTM. For example, the XGS doesn't provide basic audit tracking for configuration changes, which is crucial for understanding who made modifications, what was changed, and when. Sophos claims they'll add this functionality later. Its absence significantly hinders the usability of the new firewall.

Additionally, while XGS offers decent day-to-day management, there's room for improvement. Many users transitioning from UTM find the XGS interface less intuitive, causing a learning curve.

I have been using Sophos XGS as a reseller for a long time. We are working with the latest version of the solution.

The newer version is stable. Earlier versions, like V8, were quite unstable.

I rate the solution’s stability an eight-point five out of ten.

The solution’s scalability is good. We cater the solution to small, medium, and enterprises.

I rate the solution’s scalability an eight out of ten.

Support is mostly good, but sometimes it takes too long to escalate the solution.

Neutral

The initial setup is very easy. It depends based on the scale of the deployment. There are different use cases according to the customers. Based on the requirements, the deployment can take between one day to a month. We have a small customer with a few hundred users. We can configure that within two to three days and finish the deployment quickly. It requires meticulous planning, and doing it then takes time based on the size of the customer , especially if it's a big customer. A small deployment is very easy. Larger deployments take time based on the customer requirements and different timescopes of the customer and downtime.

Sophos is comparatively cheaper than other products. The total cost of ownership is better in Sophos.

I rate the product’s pricing a five out of ten, where one is cheap and ten is expensive.

Overall, I rate the solution an eight-point five out of ten.

We use it to secure the enterprise endpoint devices, whether they are servers, laptops, or mobile phones.

Security synchronization is one of the best features because it integrates the firewall with the endpoint devices.

It would be nice to have features like the network access control (NAC) that Cisco has for Identity Services Engine.

In the next release, I would also like to see an increase in the performance of the processing units.

I've been using Sophos XGS for about four years now.

The technical support is good. They have a support portal where you can log in a case and have direct support from one of the experts.

They are responsive and follow up closely, so I would give them a ten out of ten.

Positive

The initial setup is very user-friendly because they have graphical user interface options and command line interface options. I would give the initial setup a rating of five out of five.

It has three modes of deployment. You can have it deployed as physical hardware, as a virtual machine, or as software in the cloud.

We implemented it through an in-house team.

The pricing for Sophos is much better compared to that of Fortinet and Check Point. On a scale from one to five with one being expensive and five being competitive, I would rate Sophos' pricing at four.

The pricing can be for the hardware appliance and the license, or it can be subscription-based. It can be around 3000 USD up to 25,000 USD per year depending on the model or series of the hardware you choose to buy.

Sophos XGS is suitable for enterprise customers and SMBs.

Overall, I would rate Sophos XGS at eight out of ten.