We just raised a $30M Series A: Read our story
Bernard Otieno
Technical Engineer at Harnssen Group Limited
Reseller
Top 20
Easy to set up with good technical support and good stability

Pros and Cons

  • "We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration."
  • "XG is at its end of life. People are moving to XGS."

What is most valuable?

I enjoy synchronized security, where you have to synchronize both the firewall and the endpoint. When I deploy a firewall, I integrate it with the endpoint so that they can send the security heartbeat from the endpoint to the firewall. In the Sophos firewall, there's deep inspection, which works quite well. Sophos has the web application firewall inbuilt. This is unlike other firewalls, where you have to integrate with another standalone web application firewall. Being inbuilt in Sophos, you just have to configure an application so that it's more of a policy, and you're good to go. It's pretty simple in terms of the user. 

We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration.

The technical support is pretty good. 

The initial setup is easy.

There's quite a number of items on offer. When you look at Gartner, it's doing well. The uptake in the market has been wonderful and currently, it's competing with other top firewalls such as Check Point, Fortinet, and Palo Alto.

What needs improvement?

XG is at its end of life. People are moving to XGS. With those changes on the horizon, a client might end up in, maybe 10 years, having four or five appliances, which they might not use. I don't know what Sophos is doing to maybe change this. Right now, we've moved from XG to XGS.

Another feature, which might be good and which other vendors are maybe exploring is the NAC. Sophos doesn't have a NAC solution. 

Maybe they can improve on their WAF. Currently, they have the inbuilt. 

They could work on their SD-WAN solution. I have seen it. It's not that competitive compared to other vendors. We've had some device issues.

For how long have I used the solution?

I've been dealing with the solution for the last four years.

What do I think about the stability of the solution?

In terms of when it's in the network, it's stable compared to other firewalls, where I have had some issues. I had a case with another firewall, which the client changed to Sophos and it was not that stable as the client had to go and actually restart the firewall. The challenge comes in terms of stability when, let's say, the engineer doing the scoping does the round-sizing for the firewall. This causes the IPS to become overloaded or overworked, so it disconnects the traffic at the port level. In terms of stability, I might say sometimes we might experience challenges maybe when the sizing is not done correctly. That's why we might experience that disconnect at the interface level where the internet gets disconnected, however, that's the case of sizing, not the product itself. In terms of stability, it's stable in the network.

How are customer service and support?

In terms of Sophos' support, they have been wonderful. I had a device issue and I found the return policy to be quite simple. 

Their technical support is pretty straightforward. When you raise a ticket, the feedback is immediate, and you are assigned a support person. It's been a wonderful experience.

Even to the end-user, it's a pretty straightforward system that they have. A user would just log into support.id, then key in their credentials and raise a support ticket. It's pretty simple.

Which solution did I use previously and why did I switch?

I'm also familiar with Check Point, FortiGate, and Palo Alto. We also used to use Sonic Wall, however, we've moved to Sophos.

How was the initial setup?

The initial setup is pretty straightforward. It's not overly complex.

Which other solutions did I evaluate?

I've compared Check Point, CloudGen Network Security, and Sophos XG previously for clients. Not being biased to any vendor, normally, in this region, what normally happens is the budget. You might recommend Check Point to a customer, however, Check Point is a bit expensive, so you might end up losing the deal. What you would recommend, is Check Point as the Quantum, as the firewall. Sophos is doing quite well in terms of the endpoint for the workstations and the servers, the physical and the virtual. Likely it would be a good idea to recommend Sophos Security. That said, if the client has the budget, you'd recommend Check Point as a firewall. It's always good to do a bit of comparison and advise the client as to what is best for them.

What other advice do I have?

We've actually deployed and supported quite a number of the products, from XG105 to XG3430.

Sophos is on-prem mostly, however, now there's another product for Sophos, for the endpoints, which is cloud-based.

I'd rate the solution at a ten out of ten. It's one of the best products. We have deployed quite a number of them - almost 20 - and I've not seen any of my clients complain.

Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Flag as inappropriate
ML
Chef IT at a healthcare company with 51-200 employees
Real User
Top 20
Stable, with an intuitive and user-friendly dashboard

Pros and Cons

  • "This solution does everything and anything a firewall can do."
  • "There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks."

What is our primary use case?

This solution does everything and anything a firewall can do.

What is most valuable?

I am tempted to say that all of the features are valuable. 

When you choose a firewall you have to make a strategic decision, much more than a tactical one. We decided that everything we use within it, goes through and it's got protection.

The dashboard is intuitive and user-friendly.

What needs improvement?

Training on the devices is an area that needs improvement. Their training mechanisms are not perfect, and this is where you lose a good appreciation of the product.

The documentation for implementation is not good. For example, when you look up the details on a firewall rule to validate it, the details are not there.

If you click on the help file, they say a zone is an area where you can define specific logical network areas. This is where they stop, with nothing more. If you want to go further into the concept of it, which you know there is, you have nothing. Then you have to revert to the internet and go onto newsgroups to try to see if anybody has had your type of experience. Then you find someone, they explain it to you then say, "Oh, it only makes sense". So, then when you want to implement this, it's much easier at that time. So, that's the best-case scenario that I can explain.

There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks.

When you want to establish a VPN with different wizards, they assume that you're always going through your internet link. 

If you want to create, with the zero-trust concept, which is where you don't trust anybody or any device, you want to make sure that everything on your network is segmented and everything is relative, depending on its flexibility, behind its firewall or a firewall segment. At some points, you might want to establish VPNs between certain network segments. 

Since you cannot establish VPN tunnels from the Sophos interfaces, plus if you are doing something that's going through the internet, then you lose flexibility. 

Currently, let's say we have a factory V-LAN and you don't want anybody within the factory V-LAN to be able to connect to another unless it is to a specific V-LAN, and you want to use VPN technology, you can't do it because you can't establish the connection again between two internal interfaces.

For how long have I used the solution?

I have been working with Sophos XG for six years.

What do I think about the stability of the solution?

It's a stable product.

What do I think about the scalability of the solution?

In regards to scalability, it's difficult to ascertain at this time because we haven't scaled it necessarily. 

The use cases that we have are very particular, and we're not in a mode of having scaled it yet. We have approximately 100 users in our organization who are using  Sophos XG.

How are customer service and technical support?

Their support, we have a mixed review of it. It's good, but where it's bad, is because they're an international company that relies on many different continents to be able to get the support at different levels.

When we get into the people that are from India, that's where the support becomes not as efficient as we would want it to be. They have different rules of operating under and they don't show themselves to be flexible. Whereas where I am, currently I'm in Canada. When I speak to the support people within Canada, they're much more flexible when it comes to trying to follow us up on what we're trying to do and get the thing working. They're more flexible.

How was the initial setup?

It was a combination of 75 percent straightforward and 25 percent complicated.

What's my experience with pricing, setup cost, and licensing?

It's approximately $6,000 for each device. We have three devices and it was somewhere around $18,000.

What other advice do I have?

I would recommend Sophos XG to others who are interested in using it.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,136 professionals have used our research since 2012.
Spiros Konstantinou
Operations Manager at VL Toolbox Express Computer Solutions
Real User
Stable, with easy integration and good VPN logging, monitoring and notifications

Pros and Cons

  • "The VPN is easy and has good logging, monitoring and notifications."
  • "When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had and is not sufficiently mature."

What is our primary use case?

We use the latest version.

What is most valuable?

We are very familiar with the solution. It's pretty straightforward, our personnel is properly trained and we use it efficiently. The solution integrates very easily with other brands.  I've done VPN tunnels with other brands, and that was fine as well. The solution is quite stable and we don't have any issues with it. The VPN is easy and has good logging, monitoring and notifications.

When compared with Sophos XG, Fortinet lacks the notifications and reporting features. 

What needs improvement?

When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had. It's not mature yet, being still in its infancy stage. That would require some improvement. As I have many firewalls, having the ability to delegate access to use, such as exists with Microsoft CSP or other services, would be a nice feature to see. 

Also, as a tech person, I know that executives do not wish to receive complicated reports, so a simplified executive report for executives would be a nice improvement. This would save us from having to explain issues which are beyond the scope of their knowledge. 

For how long have I used the solution?

Sophos XG is basically a mix of UTM9, Checkpoint and several other technologies. It is essentially a merging of technologies. We've been using it since version UTM9, at which point we switched to Sophos XG..

What do I think about the stability of the solution?

The solution is quite stable. 

What do I think about the scalability of the solution?

The solution is scalable, but an organization should assess in advance its size based needs. Say, for example, a company utilizes the XG 125 version, but grows rapidly. At this point it may need to switch to the 210 version. Yet, switching from one version to another would not really present an issue. One can restore the backup configuration version on the new hardware and be up and running. 

How are customer service and technical support?

Technical support is pretty good, although I did have some issues with its availability during the COVID-19 pandemic, even though this seems to have been a challenge faced by all major support companies. There were delay issues owing to their teleworking, but the support they offer is quite supportive and they have all the necessary documentation.  The truth is that I have a need for many cases, although the ones I require have to do with things that are out of my control, such as licensing or the occasion of a new app that failed to show up in the console. I have many sub-sites and I did face a serious issue. Technical support was pretty helpful even though I had to redesign the typology of one of my sites. They actually tried assisting me with the original design and I found them to be quite helpful and to possess a good base of knowledge on the site. 

What other advice do I have?

It is important for a person to properly learn the features of any product so that he can optimize its utilization. The setup of the solution is pretty straightforward. What is truly important for a person with only a basic network background is to undergo proper training, so that he may learn about all the features and how to configure them. 

For any product a person uses, it is a good idea to do a test run. Sophos allows for its product to be evaluated without any financial commitment. It offers a free virtual machine for home use testing of the features. 

At present, Fortinet seems to have a slightly higher rating than Sophos XG, so if it were also to turn out to be more cost effective this would affect my rating of it. The reason is that this factor does have an impact on the decisions reached by CEOs when it comes to cost-benefit analysis.

This said, I rate Sophos XG as a nine out of ten, because we are very happy with it and don't really have any issues. We have actually been replacing Cisco normal routers, not sets, with Sophos and we're very happy with them.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Unmesh Deshpande
CTO at Kingsway Hospitals
Real User
Top 5Leaderboard
A great UI with very intuitive features; comprehensive documentation ensuring issues are easily resolved

Pros and Cons

  • "Great interface and in-built help is very intuitive."
  • "Lacking network access control, user profiling and analytics dashboards."

What is our primary use case?

Our primary use case of this solution is for protection and to have better governance for our LAN usage. I've got a lot of people working from outside on the corporate infra and all policy based decisions happen there. The solution is basically a firewall that protects us from various internet threats, but other than that provides controlled and properly managed access using various rules of VPN and other fingerprints of people logging in. I'm the CTO of the company and we are customers of Sophos.  

What is most valuable?

The interface is great and easy to understand. Any firewall engineer who has medium to moderate experience on bylaws, can easily understand the UI. The language presented on various features and the in-built help, is very intuitive. If you have a problem you can figure it out there and then. As a result, there is less probability that we'll call tech support.

What needs improvement?

The solution really needs some additional features like network access control. If they could incorporate some user profiling and present the analytics of the login user usage patterns, or a typical proper management dashboard to take a decision on the firewall rules, that would be useful. Basically, MI's and the dashboard could be more user friendly. The information is there but the dashboards are not in a graphical format. In short, I'd like to see network access control, user profiling and analytics dashboards. It would make the solution a more competitive product on the market. 

For how long have I used the solution?

I've been using this solution for over four years. 

What do I think about the stability of the solution?

This is a stable solution. I haven't had any firewall crashes or any non-performing rules for over two years. We are a hospital so all the lights of all the devices should be on 24/7, 365 days a year.

We manage and control around 250-300 internal users. There would probably be another 75-100 logging in externally.

What do I think about the scalability of the solution?

This is definitely a scalable solution. The way we've configured it, if a device goes down, it can be shut off and removed from the network for repairs or updates and our second firewall automatically takes the load.

How are customer service and technical support?

We only used technical support during our initial deployment. After that, we didn't need support because the product was working perfectly well. We trained ourselves on the newer software and we are capable of managing and maintaining our own firewalls. In addition, Sophos provides online documentation which is very user friendly. If you follow the steps you get the result. 

Which solution did I use previously and why did I switch?

I previously used Cisco's firewall ASA and it was extensively implemented in my earlier role. The main reason to migrate to Sophos was due to their aggressiveness in terms of pricing but also the fact that they had features that Cisco did not have.

How was the initial setup?

The initial setup was very straightforward. Deployment took somewhere between six and eight hours. 

What's my experience with pricing, setup cost, and licensing?

There's no annual licensing fee. When we purchased the product, it was with a five year agreement bundled in with the product price and the recent rollout is not yet five years old. When we renew, we'll renegotiate. I can't differentiate between the product costs and the licensing costs at this point. We're very lucky that we get one of the best deals in the country in terms of pricing. The Sophos-backed pre-sales and implementation team were very cooperative and collaborative which really helped us make the decision to choose Sophos.

What other advice do I have?

I would definitely recommend this solution but it's only suitable if it fits the needs of the company so I would suggest carrying out some research. Why does the company need a firewall? What rules do they want to deploy on the firewall? Based on the answers to those questions the company can make a call. 

I would rate this solution a nine out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jay Thompson
Chief Operational Officer at Merchant Light LLC
Reseller
Top 20
Easy to set up, keeps extensive logs, and scans all traffic for malware

Pros and Cons

  • "The most valuable feature is that it scans all of the data for any kind of malware."
  • "It would be helpful if they had a set of standard templates because it would assist in the beginning, when you are just getting started."

What is our primary use case?

We are going to be hosting our own website and we are using the Sophos XG because we want to make sure that it is well protected. We also want to make sure that the rest of our LAN is not compromised.

In addition to using this firewall ourselves, we resell the product to our customers. We have a well-trained team that can perform the implementation and deployment.

How has it helped my organization?

Our network is now much better protected than it was. If you don't have your network and your infrastructure secured, as a business, which is about more than just putting a firewall in place, then you're asking for trouble. There is a lot of hunting going on, and it's not just the large corporations. It's the small businesses, too.

What is most valuable?

The most valuable feature is that it scans all of the data for any kind of malware.

It logs everything that goes in or out, and the logs are helpful.

The simplicity of the setup is very good. I can add whatever ports I need and it's pretty easy to set up.

What needs improvement?

It would be helpful if they had a set of standard templates because it would assist in the beginning, when you are just getting started. They do have a template, but I mean specifically for different use cases. For example, an existing template for setting up a web page would suggest what kind of security we need to have in place. They do have help menus and videos, but additional templates would be useful.

For how long have I used the solution?

I have been using Sophos XG for about eight months.

What do I think about the stability of the solution?

The stability has been rock solid and it hasn't gone down once.

What do I think about the scalability of the solution?

For me, there is essentially no limit when it comes to scaling. I have never used all of the connections but the limitation is between 50,000 and 200,000. I would say that scalability is enormous. If we had a bigger network then I would probably get a bigger Sophos.

At this point, we're just starting and only have three or four people who are regularly using it.

How are customer service and technical support?

The technical support is awesome.

Which solution did I use previously and why did I switch?

We did have a Cisco router prior to using Sophos XG, but I don't know much about Cisco or how to get it operational. I also realized that it was getting old, so we switched to a high-end Sophos model. With malware in this day and age, where we have a 6000% increase in the number of malware attacks compared to two years ago, we wanted to be well protected.

How was the initial setup?

The initial setup is straightforward. If I can do it then anyone can do it. The deployment took a couple of hours. Because we are new to this type of solution, our strategy will be to begin by blacklisting everything and then whitelisting only the things that we need.

What about the implementation team?

Our in-house team handled the implementation and deployment. We have more than 200 people that are very well trained, so we can set up pretty much anything. 

What's my experience with pricing, setup cost, and licensing?

We paid for our licensing for three years, upfront, and there are no costs in addition to the standard fees.

Which other solutions did I evaluate?

I evaluated several options and sought out advice before selecting Sophos XG.

What other advice do I have?

I am happy with this solution, which is one of the reasons that we are selling it. I don't like to sell or recommend things that I have not used. I have tried a lot of the features but I would say that there is a lot more potential I haven't even tested at this point.

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
HP
Senior Network Architect at Virtua Technologies
Real User
Top 5
Easy to set up, offers central management, the support is good, and it handles endpoint security

Pros and Cons

  • "If you want to install antivirus and firewalling on endpoints, then Sophos is the best option."
  • "The SD-WAN capability is not as good as it is in FortiGate, and is something that should be improved."

What is our primary use case?

We are a solution provider and this is one of the security solutions that we implement for our clients. The primary use for Sophos XG is to secure the internet for an organization. It does a bit of antivirus scanning, application filtering, web filtering, and normal firewalling. Security, obviously.

Some of our clients also have Sophos UAP and access points are also included in Sophos, which is the same with FortiGate.

What is most valuable?

Sophos XG is easy to manage. You've got the cloud logging and you can manage all of your Sophos firewalls from one cloud, the Sophos Central Portal.

The most valuable feature is endpoint security. If you want to install antivirus and firewalling on endpoints, then Sophos is the best option.

What needs improvement?

What I don't like about Sophos is that applying policies can sometimes take longer, and there can even be a bit of a network interruption. With FortiGate, it's just one click and then you go, but with Sophos, sometimes the wheel keeps spinning for several seconds.

The SD-WAN capability is not as good as it is in FortiGate, and is something that should be improved.

For how long have I used the solution?

I have been working with Sophos XG for approximately two and a half years.

What do I think about the stability of the solution?

Stability-wise, it's almost as good as FortiGate.

I've been selling FortiGate for 10 years and Sophos for two and a half years. I think that Sophos is just about on par with FortiGate. We just had a small thing with a client, but I don't know if that's really going to be reason enough. In terms of stability, I think they are quite good. The issue we had was the locks, and it was causing slowness or interruptions, but that was really not an issue. It's a small thing.

What do I think about the scalability of the solution?

Sophos XG is very scalable. You can go from small to large-sized use cases.

How are customer service and technical support?

I think that the technical support is very good, and similar to FortiGate,

I actually dealt directly with a Sophos engineer and I must admit, they've been very fortunate that the guy can help even on the weekends and so forth. I'm very impressed with that.

Which solution did I use previously and why did I switch?

I primarily work with FortiGate, but I am currently dabbling in OPNSense to see if I can learn it. I've also installed Cisco in the past, as well as Sophos.

Although about 80% of our clients ask for FortiGate, some of our clients ask for Sophos instead. For example, there are some banks and commercial institutions that ask for Sophos.

Sophos is better than FortiGate with respect to endpoint protection.

How was the initial setup?

The initial setup is as easy as it is with FortiGate. These products are definitely easier to install than a solution like OPNsense because it is just a hardware appliance.

What's my experience with pricing, setup cost, and licensing?

The price of this solution is mid-range. Obviously, it will never beat OPNsense because that product is available free of charge. Sophos XG is not expensive for a firewall, especially when you compare it with Check Point. Check Point is a really expensive product.

Sophos XG is a bit more expensive than companies like BitDefender and Kaspersky, but their endpoint software is very good.

What other advice do I have?

The suitability of this product depends on the use case. If somebody wants to have full endpoint protection then Sophos is the best choice. If they just want a normal UTM without endpoint software, then FortiGate is slightly better, but only slightly because of the SD-WAN capabilities. 

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
ChristopherMonsini
Revenue Development Manager at Integrity by CELT
Real User
Extremely intuitive, user friendly with a great reporting feature and excellent technical support

Pros and Cons

  • "Great reporting feature and great customer support."
  • "The user interface could be improved and more bandwidth management would be helpful."

What is our primary use case?

The primary use case of this solution is to protect the perimeter, the edge of the network, as well as providing anti-virus protection. There are also RED devices that can be deployed and connect to Sophos and they go back to VPN connectivity. We've mainly worked with schools which is different to working with companies because they have particular guidelines to follow. I'm an engineer/revenue development manager and we partner with Sophos. 

What is most valuable?

In terms of hardware, I think Sophos is definitely the easiest to work with. It's very intuitive and easy to learn how to use. The reporting feature is great and they have great customer support. 

What needs improvement?

In terms of improvement, I think the UI could be faster. Sometimes the system freezes and there's a lag. It seems there were some issues with the firmware but it's not a big problem. The user interface could also be improved. It would be great if they could include a little bit more bandwidth management. If they would integrate FatPipe into their product, it would be closer to what Fortinet does.

For how long have I used the solution?

I've been using this solution for 12 years. 

What do I think about the stability of the solution?

This is a very stable solution.

What do I think about the scalability of the solution?

Sophos has different size appliances, so they're scalable regardless of whether you have 10,000 workstation nodes to any device down to the 1/10, which will provide up to 100 nodes. It's very scalable. I have implemented this mainly in K through 12 educational institutions and some other types of accounting businesses as well as in a wide variety of organizations and companies. In terms of physical maintenance it's a matter of once every six months blowing out the fans. The rest is done for you with Up2Date, which carries out all the firmware upgrades, and rolls it back if there's a problem. Once in a while, an update will get stuck and you'll have to manually push the update. 

How are customer service and technical support?

Dealing with Sophos technical support is a very easy process, from the regional business directors all the way up to the president. They have very good people and their customer support is amazing. That's one of the big things I love about Sophos. Their customer support and the group of people that run that company are amazing people, great people. I've never seen the support on any other platform that I've seen with Sophos.

How was the initial setup?

The initial setup was very straightforward. They give you an 800 number to call. The licensing portal has improved greatly over the years. So Sophos now has a new license platform which makes things a lot easier than previously and you can now buy individual licensing. 

Which other solutions did I evaluate?

I haven't evaluated other options but I know that Fortinet does much more in terms of protection and uses AI. They do a lot more now they have another platform that sits in the cloud and provides clients with AI, whereas Sophos only recently implemented AI. Fortinet has a much better reporting function, but Sophos has stepped up and is now providing the customer with the information they need to feel secure in the product. 

What other advice do I have?

My advice would be to download the VMware and get to know the interface because running one of these devices is probably not as difficult as you'd think. If you have an onsite level one user, YouTube has online training and Sophos support will help you through it. It's a very easy device for a level one engineer to manage. My advice is to download the free VMware for 30 days and then either buy the platform or install the VMware product.

I rate this solution a 10 out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
MA
Technical Presales Consultant/ Engineer at a wholesaler/distributor with 10,001+ employees
Real User
Top 5Leaderboard
Good security, easy to use, and has a simple installation

Pros and Cons

  • "The solution is very easy to use and straightforward."
  • "The initial setup, specifically when activating the license, is a nightmare and is quite difficult."

What is our primary use case?

The solution is primarily used to secure networks, just like PSF, but much better. Sophos XG has a UTM, which is much more security inclusive than a firewall, as it takes a look at the threat management landscape from a unified point of view. They have a firewall and they have an IPS inside the same box. They have a sandbox, they have a web filter, they have a web application firewall, they have a mail gateway, and they have a DMP. These are all inside one box. It's excellent at protecting networks from security threats as well.

What is most valuable?

The solution offers everything in one product.

It's excellent at protecting networks from malicious threats.

The solution is very easy to use and straightforward. 

Once you get past the license activation, the installation is easy.

What needs improvement?

I would like to see the technical support improve. They have the worst technical support I have ever seen in my whole life.

The initial setup, specifically when activating the license, is a nightmare and is quite difficult. 

For how long have I used the solution?

I've been using the solution for five years now. It's been a while. 

What do I think about the scalability of the solution?

We're a distributor, however, the company is still quite new. At my last company, I had 150 clients on Sophos. 

How are customer service and technical support?

Technical support is just awful. They are not helpful or responsive. We are not satisfied with the level of support on offer. They need to improve this aspect. They simply do not reply.

They have very bad response times. It's very strange. Before, when I was dealing with Cyberoam, before Cyberoam was acquired by Sophos, it was good. Now, it's Sophos XG, and, while Cyberoam support was amazing, Sophos support has just gone down the drain. I don't know why.

How was the initial setup?

The initial setup is a nightmare. The installation, getting the box to get up and running, is a hectic process, due to the fact that the box basically would not activate any feature unless the license is activated. And the license is only activated with the cloud. When you are doing that, it's just a sort of a nightmare. Now they have a new feature in which you can just create a license and you can activate the license on the appliance. However, generally speaking, it's one of those appliances that, if it's not registered on the portal online, won't even start. It can be a nightmare sometimes. That said, after the license is activated, it's just plain simple and easy.

What about the implementation team?

I previously was an implementor and would set up the solution for clients.

What's my experience with pricing, setup cost, and licensing?

You need to pay for the license. You need to pay for the hardware as well. The cost depends on the model of the hardware and on which license. They have different editions, and licenses you're going to go with. They have different modules, and the cost depends on which modules you'd like to activate for security features. Not everyone will buy Sophos to utilize all the features. Usually, it's just the firewall, and IPS, sandbox, and the web filter that people are looking for. Not many people have Sophos or VM servers on-prem to protect them.

What other advice do I have?

We use both cloud and on-premises deployment models. 

Now, I am using the solution personally at home, however, before, where I was working, I used the solution for three years, specifically implementing Sophos XG for customers.

I'd rate the solution at an eight out of ten. 

I'd recommend the solution to other users and companies. For small and medium businesses, Sophos is a good security vendor.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Product Categories
Firewalls
Buyer's Guide
Download our free Sophos XG Report and get advice and tips from experienced pros sharing their opinions.