What needs improvement with Sophos XGS?

Some features need remuneration and there are performance improvements required.

A feature that could be improved in Sophos XGS is the ability to perform internal vulnerability checks. This would provide more comprehensive security by checking both external and internal vulnerabilities on the same appliance.

A lot of training is required. When I train our engineers, they aren’t able to get sufficient training from Sophos-hosted sessions. We only find textbooks and some videos on Sophos portal. More live sessions or time-bound training would help us understand how to pitch the firewall or use specific features, like advanced photo settings or integration with SD-WAN. We need to know which feature is suited to different environments. Right now, that knowledge gap makes us more dependent on OEM support, which could be reduced by up to 40% if more training was available. For me, reporting is a major area for improvement. Detailed reports help pinpoint issues like usage bottlenecks or abnormal activities, allowing us to fine-tune the firewall. IPS in XGS is great because it provides timely attack reports we can present to management. Integration with Active Directory could also be better. Sophos Central integration is good, but the firewall’s performance is slow when accessed through Sophos Central. Our clients also experience slow access when using their credentials. That’s a bottleneck I’d like to see resolved.

One area for improvement would be including automatically generated certificates for HTTPS, which was available in earlier versions but might not be in the latest.

Sophos XGS should improve its customer service and educate its implementation partner. It should also work on building relationships with customers directly because there is no Sophos office or person to handle the Pakistan region. If Sophos opens its local office, its business will increase. Sophos XGS should train the technical staff about new challenges in security.

Sophos XGS changes every two years, so we must update our knowledge. We can only test it with real requirements or problems to find scalability and reliability. We can't find these in normal testing. We can see reviews based on Gartner reports, but sometimes, we really feel problems. It can create many issues, even compatibility problems with fiber modules. Only system integrators or installers find these problems.

Deployment could be easier.

I do not get notifications regarding ISP downtime. It would be better if I could get notifications related to the critical errors occurring in Sophos. The product is difficult to use. The administrators must be notified of the errors occurring in the firewall through emails or messages. It will help organizations take proactive measures instead of taking action after the incident happens.

Sophos XGS firewalls are the latest generation of next-generation firewalls from Sophos, designed to replace the XG series.


Possible improvements:

• SD-WAN functionality: Sophos XGS firewalls support SD-WAN features such as dynamic path selection, application prioritization, and WAN link balancinghttps://www.peerspot.com However, they could benefit from further improvement, particularly in terms of incorporating optimization techniques that are not typically found in traditional firewalls, such as WAN acceleration, caching, compression, and deduplicationhttps://news.sophos.com/en-us/2023/02/16/firewall-performance-for-the-campus-edge-with-the-new-xgs-7500-and-xgs-8500/. These techniques could enhance the performance and efficiency of SD-WAN connections, especially for bandwidth-intensive and latency-sensitive applications.

• Cloud integration: Sophos XGS firewalls can be deployed in hybrid cloud environments, and they support cloud-based management and reporting through the Sophos Central platformhttps://www.corporatearmor.com However, they could improve their integration with cloud services and platforms, such as AWS, Azure, Google Cloud, and Office 365. For example, they could offer more granular and consistent visibility and control over cloud applications and data, as well as more seamless and secure connectivity between on-premises and cloud networks.

• User interface and experience: Sophos XGS firewalls have a user-friendly and intuitive web-based interface, which allows for easy configuration and monitoring of the firewall settings and policies. However, they could improve their user interface and experience, by offering more customization and personalization options, such as dashboards, widgets, themes, and notifications. They could also provide more guidance and assistance to users, such as tutorials, tips, and feedback, to help them optimize their firewall performance and security.

The solution is expensive.

The speed of report generation could be improved.

Sophos might discontinue the UTM features, as they've been promoting the newer XGS Series appliances. While the XGS offers great features like detailed logging and audit reports, it currently lacks essential functions in the UTM. For example, the XGS doesn't provide basic audit tracking for configuration changes, which is crucial for understanding who made modifications, what was changed, and when. Sophos claims they'll add this functionality later. Its absence significantly hinders the usability of the new firewall. Additionally, while XGS offers decent day-to-day management, there's room for improvement. Many users transitioning from UTM find the XGS interface less intuitive, causing a learning curve.

The renewal process for this box is too frequent. We purchased it five years ago, and it's expiring in 2025. So, I feel they expire it too quickly. In future releases, this solution could have more graphical elements on the dashboard to make it easier to understand. While there are graphics and a good dashboard, there's always room for improvement.

The solution's pricing and stability could be better.

Some firewall names like Palo Alto and FortiGate are very famous for security. People find them very secure. While Sophos is fairly secure, they aren't known for their security, and it's not an obvious selling point. Unfortunately, on Gartner, Magic Quadrant, and Forrester, Sophos doesn't have a good presence. They need to get better at marketing their abilities and expanding what they can do. I would like to see them in third-party evaluation reports like Gartner, Magic Quadrant, or Forrester to make it easier for us to show our customers that Sophos is a leader in the market. It will be easier for us to sell them. Our market depends on what products are currently in Gartner and Forrester, and these platforms.

The solution could have a bit more functionality. We'd like to have a log viewer. We'd like to have visibility to see what traffic has crossed the firewall. They need more local support and different language options available for when they need help.

We've had issues with support. If they improved on the support part, that would be great. They should customers who are facing issues with their product reviews; they found bots in it. If they can do their proper research and use the user analysis and testing, that would greatly help the clients. The software release has been giving us problems. Other firewalls provide better reporting. We need admin and activity logs to be populated for the firewall.

Having previously worked with the Astaro Security Gateway platform (now called Sophos UTM), I can attest that the configuration and dashboard for this older platform was easier to manage than that of both Sophos XG and XGS. If it were up to me, I would prefer to go back to the older SG dashboard. I am hoping that in future, the dashboard for Sophos XGS will be simpler and easier.

The reporting could always be improved upon. They need intelligent reporting, not just your simple, standard reports.

The price of Sophos XGS could improve, it is high.

The solution could improve inspection processes and troubleshooting for VPNs because this area is very weak. Improvement in VNET protection is also needed.

There are issues with some designs being able to work on high availability. We design our architecture in three tiers on the network. There is the core tier, the distribution tier, and the access tier. We haven't succeeded in our attempts to configure this and haven't been able to find documentation on how to go about it. Sophos has a single sign-on, but it requires configuration to communicate with the firewall and that is lacking. The configuration on Sophos is well described, but the configuration on the Windows system is not well described in relation to the Sophos knowledge base. It took a lot of my own research to figure out what was wrong. I'm a cyber security guy so it's very difficult for me to implement the solution.

Sophos XGS could be improved by adding a built-in hyper-converged solution.

There are some bugs relating to the product that allow VPN users to bypass the firewall.

I recommend Sophos increase the user capacity of the firewall by 1.5 times. For example, say the firewall can accommodate 1,000 users now, then it should handle a load of 1,500 users.

I think the earlier SG version was easier to configure and manage. The XG is a little different and somewhat more complicated. I'd like it to be easier to manage and configure.

Sophos XGS needs improvement with the threshold values. Other solutions have the capacity to handle more users. I would like to see virtualization security included in the next release.

Reporting could be improved. The structure could be better because most of the reports aren't detailed.

In the new release 19, there should be the implementation of a cloud service that you can use to set up the IPSec tunnels, and the SD-WAN from the WAN dashboard, and then you can push that configuration out to every firewall that you have.

Authentication with Azure AD needs improvement. It would be better if it could work directly without using local AD server. For comparison Fortinet FortiGate allows to use SAML authentication with Azure AD and does not require any local server. It is currently unknown to me, if or when it will be implemented on Sophos. Local DHCP service also needs improvement. Windows DHCP service offers more functionality and is more flexible and easier to use. SFOS v18.5.3 added DHCP option functionality in the GUI - which previously worked only from CLI.

Sophos XGS could improve by having better integration with Active Directory.