Sophos XGS Reviews

I am a cyber professional. I support customers with this solution. Sophos XGS is primarily a firewall. The product allows my customers to manage their internet access for their employees while protecting their environment from things like malware.

The solution requires one administrator as it does not require much maintenance. It depends on the usage and the environment. For example, in some account configurations, the environment has only four or five rules, other times there are over 100 rules. More rules will require more maintenance. 

The most valuable feature of Sophos XGS is the application control. I also enjoy the dashboard and reporting that it provides to my customers. 

Sophos helps my customers manage applications from accessing the internet, not only websites. We can ensure there is limited access to applications like Facebook. For example, Facebook is not accessible, but Facebook Messenger for chatting is. This prevents posting and sharing. We make restrictions without prevention.

Sophos XGS would benefit from further development in the SD-WAN area. It would be great if they could give technical people access to all the WAN links that we are connecting to, including inside the SD-WAN. 

They should make available or round robin inside the SD-WAN. This would allow us to move to another link if one goes down.

I have been using Sophos XGS for six years.

There have been issues with the stability of this product. Sometimes it requires restarting. We have looked into the client environment and this is not causing the instability. The problem is common.

Sophos XGS is not scalable. It is a hardware appliance and we should migrate the settings if we need to. In order for it to scale, you require additional hardware.

Sophos' technical support is responsive. There are times we need to push them to accelerate the process because there is a delay in replying. Sometimes, the first stage of first-line support does not have enough knowledge.

Overall, I would rate their technical support a three out of five.

Neutral

The initial setup of Sophos XGS is straightforward. I would rate it five out of five for ease of setup.

The cost of Sophos XGS is based on per unit, per appliance, and capacity. The capacity depends on the environment. Based on the size, we choose the model. The model selected dictates the pricing.

When comparing the pricing of Sophos to the competition, I give them a five out of five. It is competitively priced.

I have worked with Fortinet and WatchGuard. Other solutions have better performance and security value than Sophos XGS. 

Sophos has most of the features. If they don't have the features one year, they are added the next. At one point they did not have SGON, but now they do. It is not performing like Fortinet or Watch Guard, they need to do some enhancements. 

Sophos has the upper hand on reporting on the firewall itself. For small to medium-sized businesses Sophos is better than the competition.

If the organization is small or medium-sized I would recommend this solution. I would give it a nine out of 10 in this case. If the company is enterprise level, I would rate the solution a five out of 10.

Overall, I rate the Sophos XGS a seven out of 10.

We are using it as a firewall to protect and control Internet access, as well as control other access like SAP. Some of our employees connect from remote locations, and our server is on-premises. We use this firewall for access control and also for VPN connections.

It's easy to use, and the service is good. If anything goes wrong, their support system is very reliable.

The renewal process for this box is too frequent. We purchased it five years ago, and it's expiring in 2025. So, I feel they expire it too quickly.

In future releases, this solution could have more graphical elements on the dashboard to make it easier to understand. While there are graphics and a good dashboard, there's always room for improvement.

We have been using Sophos XGS for ten years. At that time, it was new. So somebody recommended us to take this. Our service provider recommended it, and that's why we have taken it.

It is a stable solution.

It is a scalable solution. We have around 300 end users in our organization. 

The customer service and support has been excellent. 

Positive

We have worked with Cisco and Fortinet Firewalls. It's hard to compare.

Installation and understanding are a bit challenging with Cisco, whereas Sophos is easier to install and use.

We have a FortiGate firewall at another location. We recently purchased it.

The initial setup is very, very easy.

The deployment process took me more than two to three hours, including all the checks. I had a backup of the earlier Sophos firewall, so I just restored it and verified everything.

One person for support and checking, so two in total are enough for deployment and maintenance of the solution.

I would definitely advise to use Sophos. Overall, I would rate the solution a nine out of ten. 

We primarily use the solution as a firewall.

Sophos XGS is okay. It’s excellent for firewall purposes.

For me, the platform is stable. It's very stable. It works when it's configured. Also, when you're checking, the logs, the graph, and the graphs are easy to read.

I can also use it for other purposes. For example, it's got a DSCP from there. It can be a distribution. I can have other functions work there, so I can do a lot more than just the firewall components.

It gets easier and easier to set up.

It works. However, Sophos configurations are a bit complex. It's not very user-friendly. I don't find it user-friendly when it comes to setting up the firewalls.

The user interface for the technical admin can be better. It should be set forward to configure a firewall. if a firewall has complexities. I don't know why they did that. However, you should be able to quickly set up a rule to minimize the mistakes that a security administrator or a firewall administrator can make and configure. If not, that becomes an issue. One mistake on a firewall could result in a bridge.

It should be more straightforward. If you compare it with GFI Carrier Control Firewall, which is very straightforward, you can see why it’s helpful when it's easier.

I’ve used the solution for about three years now.

The solution is stable. There are no bugs or glitches. It doesn’t crash or freeze. It’s reliable and the performance is good.

The solution is scalable. However, it depends on the model of the physical appliance. There are virtual and physical appliances, so it depends on which one you use. Obviously, there could be a limitation on the number of interfaces you need to use since you may want to have additional services plugged in. Then, the number of ports available may only be two, and yet you actually need to have 10. Maybe you need to buy a module that plugs in; however, there could be a challenge there.

In our organization, we have three to four security administrators.

I've never spoken to technical support directly the way I've been talking to the Fortinet team. I was working with a local partner to get it set up.

In our case, since we were doing it for the first time, we took about a week to complete everything. We were doing a lot of other things and learning as we went. If I had to redo it now, it wouldn't take me a week as I know exactly what I need to do after learning over a period of time. Also, I have backups that allow me to back up and restore, so I just restore the configuration. It’s much more manageable. The first time there’s a learning curve.

We work with a partner and distributor. We are working with the sales party since it was the first time we used them. They offer us professional services.

I found the solution to be expensive. I pay close to $10,000 per year, which I find to be expensive compared to the other similar solution or equivalent solutions.

It's just that one cost, and it's an annual license. As long as my appliance is working okay, I don't need to replace it. However, it's just that. Of course, within that, there are also support services. You might have technical support costs depending on which one of the tiers you pick.

I'm a customer of Sophos.

We’re using the most up-to-date version of the solution. It’s around version 18.

A new user needs to get trained on the appliance to understand how to implement rules and fully appreciate how to work with it. It's not that straightforward. You need to understand what the different areas are. It's complex in the way the rules are set up. My colleagues in the industry have similar comments about Sophos. It’s more complicated than it looks.

I’d rate the solution a seven out of ten, mainly due to the complexity. If I make a mistake, then that firewall is of no use. It needs to be easier to set up so that it provides me or guarantees me that what I want to set up is what I've set up to secure my environment.

We primarily use the solution as a firewall. 

We have multiple clients. The use case is based on their requirements, for example, as a site-to-site VPN or maybe as an FSL VPN for end users to promote the network access of company systems. Apart from that, it is used for web filtering and URL blocking. Apart from that, it's on a regular day-to-day basis used as a firewall.

It covers most areas that are needed.

The initial setup is straightforward.

The solution is scalable. 

It's stable. 

We've had issues with support. If they improved on the support part, that would be great.

They should customers who are facing issues with their product reviews; they found bots in it. If they can do their proper research and use the user analysis and testing, that would greatly help the clients.

The software release has been giving us problems.

Other firewalls provide better reporting. We need admin and activity logs to be populated for the firewall. 

For the Sophos XGS, I've been working with it for the last four years. Overall, for firewalls in general, I've been working with solutions for more than ten years.

The solution is stable. We haven't really had any issues until a bug hits the firewall. 

We are the service provider to the client, so we have a total of 28 people, excluding the team lead and the presale technical support or maybe a presale technical person. They are working directly on Sophos XGS. e tend to deal with enterprise-level customers. We don't have small-scale organizations under our portfolio. This solution is best suited for mid-range companies and larger. 

The solution is pretty scalable. I'd rate it a three out of five in terms of ease of scalability.

Support has been very poor.

Neutral

We have three major products, which we offer to clients. They are Palo Alto, Cisco ACI, and Sophos XGS.

There are many major differences between Sophos and Palo Alto. This product is not comparable to Palo Alto right now. Maybe the basic models of the Palo Alto can be compared with the Sophos XGS firewall, however, not the higher-end ones. Palo Alto is much more advanced. 

The solution is straightforward to set up. It is not overly complex.

How long it takes to deploy depends on how the implementation is requested. It won't take more than one hour if it is a basic implementation like setting up the firewall with ISP connections and all those things. However, if it is a complete setup with implementations, other tests, and all those things, it takes around six to seven hours.

After the installation, we do the software updates periodically along with the model which the client has purchased Apart from that, we also do the maintenance of the various policies and other configurations. We do make changes to the firewalls based on changing industry standards, et cetera.

I'd rate the ease of implementation a four out of five. 

If the customer requests assistance with the initial setup, however, we will provide an engineer to them. They'll come to the implementation site and assist.

I don't take care of the licensing part. There is a separate team.

We are a Sophos Gold partner. 

We have multiple firewalls on multiple OS versions. Basically, we do have two major pieces of software installed in the firewall, which are 1854 MR4 and the latest release, 1801.

There are multiple criteria when making a decision about whether to go with Sophos or maybe another firewall. It depends on the client's requirements as well as their budget. 

I'd rate the solution five out of ten.

In some instances, we are using it in a virtual appliance in a VMware environment.

I will not rely on Sophos to build my infrastructure. For that, I will go to Fortinet or Palo Alto. However, from an end-user management perspective and the granular control and the reporting stuff, I still prefer Sophos. 

We are using Sophos as our internet gateway for specific sites that don't have to do with the backend tunneling and the infrastructure and all that stuff.

I have found some difficulties in other products, like in Fortinet, where there is no end-user visibility in a presentable form that non-technical people can interpret. I'm talking more specifically about non-technical management. You have to present something. Apart from that, the end-user integration is fine if you are using it for NCL and or as an internet gateway. Sophos allows for more visibility.

However, as far as infrastructure is concerned, if I have to apply this as a device in my data center or at any critical point, this device fails to perform. The hardware is not up to par. Even if I answered from proxy to transparent, transparent proxy to the full proxy mode, there are some hardware difficulties.

The centralized security is very good. 

The heartbeat system, the reporting management, and the electoral control that is achieved when the Sophos XGS is integrated with the Sophos endpoint is great.

It's close to the top of the line, alongside Trend Micro in terms of security reporting.

It is easy to set up.

I have observed that there are some reliability issues with these products in regard to the hardware performance and RMS.

I've witnessed many devices go down - even three on the same day. I've never seen that, for example, with Fortinet.

The stability could be a bit better.

I would like to have a proper SD-WAN orchestration solution. They are working on it. However, it still needs some improvement. Apart from that, it would be better if they provide the email gateway and the WAF not as a feature in the existing XG but as a dedicated appliance. Barracuda and Fortinet, for example, are providing dedicated services for the WAF and email gateway. Compared to that, Sophos is not up to the same level.

I've used the solution for around five years.

While their endpoint is a stable solution, their firewall needs to be improved in regard to integration with other products. I have specifically witnessed a case where we tried to integrate Sophos XG with the DLP product by Force Point. That wasn't supported right away. FortiGate was supporting that particular model.

I would like to have scalable products, however, normally what I have witnessed is that every new product that they push out or any additional feature that they push out in a new VMware version or specifically for the firewall may have some stability issues. So scalability at the cost of stability is not an option for me.

We have about 250 to 300 users. We have multiple branches that use this product. Usually, it's the development team, and hardware and software users. 

We may expand usage. It will depend on the additional sites we may operationalize soon.

I've had some direct escalation experiences with the country manager and their technical lead. I tend to get a good response.

While in general technical support can be better sometimes, as far as their resolutions are concerned, the team is providing us with technical assistance, and their approach to resolutions can be a bit tricky. Normally they try to avoid dealing with the solution so you have to dig it out and you have to work on it yourself, or you have to push them that there must be a solution.

Neutral

I have some expertise in Sophos and Fortinet; I'm not so sure about Cisco. We are also using Palo Alto.

We had some granular control in Sophos that was a bit advantageous to us. That's why switched. Also, the reporting, AD integration and the Sophos endpoint integration were key drivers in making the change.

The solution is simple to set up. It's not overly complex. It only takes a couple of minutes. 

YOu only need one person to handle maintenance. 

I handled the initial setup myself. 

We pay for the solution on a yearly basis, and it is fine. The renewal costs are typically reasonable. If you compare the general cost to Fortinet or Palo Alto, it's lower and more affordable. YOu can also pay for extra support.

We are a Sophos end-user.

For small enterprises or even for some enterprises that do not require large infrastructure, I would recommend Sophos right away. In Pakistan, we have to present something to the management and most of the time the management of the company is non-technical. So the presentability factor and the users' granular control and integration factor, make it attractive. This product can be used as an internet gateway. I have already recommended it to multiple users not for the infrastructure but for the internet gateway or as a proxy service.

I'd rate the solution a seven out of ten. Some features still need improvement or to be built out, like  proper orchestrations or dedicated services.

We use Sophos XGS for web security and web policies, it's our primary solution. authentication VPN site to site, SSL VPNs installations. Sophos Firewall designed its extreme protection IT Rules and policies security level Authentication is good sometimes it's tricky and very helpful. Sophos Firewall delivers advanced threat protection to instantly identify bots and other advanced threats while defending your network from today's sophisticated attacks. current live user activities diagnostics to generate logs and objectionable site restrictions, daily reports are a great solution for the work environment.

With the increase in cybersecurity threats, this solution has helped us at an organizational level. We have always been hit by someone at the end of our desk or hidden somewhere ex:- spoofing attacks, a man in the middle attacks, and ransomware new era of cybersecurity pain full concept, Mail spoof attacks, all these have to improve DMZ and secure the firewall policies and server-client Antivirus solutions. Daily monitoring manually or trusted third-party vendors monitoring tools. finally, we are worried about how strong we are at the cybersecurity level.

This is a great solution for security, authentication, hashing, and encryption level. Sophos is good at ACL rules, Port forwarding, SDWAN route policies, IT Rules and policies as well as Natting rules. It's a reliable product to secure web securities. whenever we want we switch to the ports securely Heartbeat monitoring live user activities is great to execute on a production level. Bandwidth control sometimes referred to as traffic shaping is one of the best firewall features. Link aggregation and SD-WAN (Software-defined Wide Area Network) are great features for businesses that need multiple links to the internet. thank you

There are occasional issues when we update an operating firmware there's some lag time. Updating requires us to reboot the firewall, in this scenario 24/7 organization will be the most effective. In addition, I'd like to see more focus on customer support calls we were waiting for hours to connect with them. In some cases, Sophos's team is extraordinarily helpful to solve any issues in the firewall. Sophos needs to focus on customer support through a chatbot or call management quickly so we can find some help on the client side. Thank you

I've been using this solution for five years. 

The solution is stable despite having to restart when we update. 

The solution is very scalable and we're able to handle all the pressure in our organization. We have over 100 VPNs and it all works well, Authentications, port forwarding, and all kind of security levels are much appreciated. 

Customer support needs to be improved. They're very helpful once you get them on the line but sometimes take up to an hour before we can speak to someone who can fix a problem. when a problem occurs at the production level we freeze and everything goes blank so a faster customer support call is much more appreciated.

Positive

The initial setup is complex. Sophos has some features like rules and policies, NATing, and PATing so deployment might take more time than if we were using an alternate solution. Deployment can take up to two weeks because every policy and VPN requires checking and that takes time. I've been working for the past 10+ years experience in network engineering and firewall configuration so we deployed in-house but we contacted Sophos for assistance when we needed it.

The Sophos or any kind of firewall is worthy to buy when we have dedicated servers and switches to implementation.

There are some very good features in this firewall and also some areas that need improving. I rate this product seven out of 10. 

Sophos XGS is a unified threat management solution that combines features such as routing, access management, firewall, threat management, and URL filtering for sandboxing. It serves as a security appliance with multiple capabilities.

The valuable features of Sophos XGS include network protection, web protection, application control, intrusion detection, and iCentral orchestration. These features are beneficial for the product's security posture.

The solution could improve by using fewer hardware resources compared to other products like Palo Alto, which has better performance. 

Additionally, better integration of AI and machine learning for predictive analysis of potential threats could be beneficial. 

The technical support also needs improvement, including a better ticketing system and faster response times.

I have been using Sophos XGS firewall for more than 15 years, with approximately twelve years of precise usage.

I would rate the stability of Sophos XGS as a six out of ten. There have been observations of downtimes compared to other devices, and it doesn't perform as well as competitors like Palo Alto or Check Point.

Sophos XGS has scalability issues as it doesn't have features like cascading. Instead, it requires new devices to scale, unlike Palo Alto which allows adding devices to a pool.

The technical support is quite poor and needs significant improvements in response time and quality, especially for medium and small enterprises. It seems other brands face similar issues, but the costs rise for premium support, which is challenging for smaller entities.

Neutral

The initial setup of Sophos XGS is simple compared to other firewalls.

The pricing for Sophos products is considered high. The pricing model needs to be more flexible, catering differently to sectors like education, which might not require as high a price point.

I can recommend Sophos XGS for small to medium companies and the education sector. It is less ideal for enterprises with very high-security needs. Organizations with sensitive data should consider alternatives like Palo Alto or Fortinet.

I'd rate the solution eight out of ten.

We give both endpoint and firewall together.

We have a set of customers who understand Sophos very well. Once they achieve all the security functions and parameters they want, they are more secure. Many customers who previously used different endpoint and firewall solutions now benefit from synchronized functionality with the complete Sophos suite. So, they become more secure, which is more important.

The security heartbeat feature and MDR are the best for customer security.

The functionality of SD-WAN compared to other boxes is lacking. Certain aspects need improvement, particularly enhancing capabilities like SD-WAN. We should also focus on enhancing XDR and NDR functionality in the firewall boxes and provide more threat protection alerts to users.

I've been working with Sophos for more than 15 years.

The technical team never disappoints us in providing solutions. They give us timely and nice follow-up.

Positive

Many of them were using a different endpoint security and a different firewall. But now, with Sophos, they have better security.

The pricing is competitive, and it's a win-win situation for both partners and customers.

In the financial market and banks, other security appliances are more popular than Sophos.

We highly recommend Sophos XGS.

I'd rate the solution eight out of ten.