5 out of 5.0, Reviewed Dec 2, 2016
Tested UTM 9.4 as a VM firewall. Simple to use and manage. Like any new firewall, things are in different places but Sophos has a logical easy to follow layout.
It is easier to instal UTM 9 on a VM than on a physical machine via USB. CD/DVD is easier on physical hardware
The ease of VM installation and setup. Starts out anly allowing HTTP AND https traffic.
Logging was nothing special and did not allow rule creation from there.
I wish they provided more support on their forums.
Run dedicated hardware to improve performance.
3 out of 5.0, Reviewed Nov 29, 2016
Cloud solution and Mac support were important decision factors, however there have been some bumps in the road in terms of deployment, client performance, and the abillity to remotely configure clients from the management console.
Talk to other customers of Sophos Cloud AVS Endpoint Protection to gauge possible impementation and performance issues.
Centralized solution makes it easy to demonstrate compliance to customers and auditors, notifications of infection events are clear and easy to respond to.
1) We deploy software using JAMF Casper Suite. It was very difficult to configure a silent install package to deploy Sophos AVS successfully. Draconian post-install restarts did not give users an option to delay or save work, many users had their machines forcibly shut down by the installer. We ended up having users self-install the software which was an administrative headache. 2) If machines are not joined to a domain (Macs often are not), duplicate entries are created in the management console after install which had to be manually cleaned. 3) Changes to policies in the management console often don't take effect unless the policy is removed from a user and reapplied to force the change to the client. 4) Scanning within archives option is a perfomance nightmare, often crippling machines during scans. The vendor recommends turning this option off, with no indication that fixing this issue is on their product roadmap. 5) No option to suspend scans when laptops are running on battery power, which is a major inconvenience for users, as scans will often drain battery power very quickly. Either optimize the software for battery power, or provide an option to suspend scans when battery power is detected. This has been a known defect for years.
Respond to user feature requests more dilligently. The benefit of a cloud solution is that you can take advantage of vendor software updates more quickly and easily. However, some of the client performance issues we experienced have been identified in their user support forums years ago, and still have not been addressed, e.g. disallowing scans from occuring when user's machine is running on battery power, which has a tendency to kill battery life. Users end up disabling scans on their machines, which is a major compliance issue, but hard to argue against when the AVS saps their battery power in the middle of a client presentation or during a long airflight.
Unfortunately options are limited for enterprise-level cloud-based Mac AVS providers.
5 out of 5.0, Reviewed Nov 29, 2016
Implementation was relatively straightforward and the product works fairly seemlessly.
Sophos is seriously worth looking at. Consider the option of a cloud based approach.
It works with very little input from a maintenance level and users don't tend to notice it doing its job most of the time.
It seems that the Sophos offerings can be a little confusing in terms of choice, what is available with what licence etc. This could be simplified or at least explained better.
Implement a purely cloud based approach but also using Sophos. This is related to our current setup which make an on premises solution more awkward to manage.
5 out of 5.0, Reviewed Nov 29, 2016
Sophos aims to provide the solution that both work and are as simple to manage as they can be, given their complexity. This is key especially for an organization such as ours that cannot afford to provide specialists to work wholly on firewall and security solutions. Products must be less of a headache to manage. In addition, when something goes wrong, we expect to have first class support. Sophos usually provides this with (usually) quick turnaround of issues that have been reported to them. When renewing the solution, renewing with Sophos will be the preferred option.
Sophos UTM is a very good product and has to be part of any serious consideration for an organization looking at protecting its infrastructure and data.
It works better than practically any other product I've used.
Sometimes, it's not so obvious how to do what should be simple tasks.
I don't believe anything could have been done better, so there would be no requirement for anything to be done differently.
The only thing that would change is to implement more of the features of the UTM straight away, rather than a feature at a time. This was done to minimize the impact on users, but in the end, the impact has been minimal to none as each feature was enabled.
4 out of 5.0, Reviewed Nov 28, 2016
Nice support and after sales people. Had a renewal problem once with a reseller, contacted Sophos and they managed to reslove the problem and also made a good move extending our licence untill the problem get solved.
Try anti ransomware "InterceptX". No other product do it better AFAIK.
The Remote Ethernet Devie deployement through the UTM.
Pushing to the Cloud solutions.
The cloud only version of some new products via Sophos Centrat. Although I'm still investigating...
Now I would get the next-Gen firewall along with the endpoints to have a better integration using the security heartbeat feature.
5 out of 5.0, Reviewed Nov 28, 2016
We partnered with Astaro before Sophos acquired the company. We replaced our Sonicwall while still under contract based on how badly it was performing and because of the limited amount of customization in the Sonicwall OS. The ASG 320 immediately reduced the amount of spyware/malware infections to zero. IT support staff could focus away from reimaging and cleaning workstations. We gained important reporting features that helped us to determine which employees were being over and under utilized. Overall, the product has satisfied us and we are very happy with the UTM that replaced the ASG. Sophos is actively maintaining what Astaro built and is building more features on top of the solid firewall foundation.
Download a demo, try it out! Seriously, if you're considering other products then definitely download the demo and install it on some legacy hardware you have laying around. If you like the software demo, contact a Sophos partner and get a demo physical unit and point a test group of workstations to use it.
Our Sophos UTM is reliable and the maintenance on the unit is minimun.
The upgrade from ASG to UTM included no additional training. It tooks us a while to get used to the new interface.
Our conversion from Sonicwall to the ASG was done without any assistance from Astaro. I'm not sure if Sophos has dedicated account people who help with conversions, but it might be something they should consider.
Looking back, I wish we would have used the Sophos wireless endpoints instead. Reviews suggest that would require a lot less effort to install and maintain.
My only issue with Sophos support is that the few representatives that I've worked with were very difficult to understand. It was obvious they didn't speak English as a first language.
4 out of 5.0, Reviewed Nov 22, 2016
The product is very good, it keeps in mind the customer needs over the hyped new features, I could engange in any internal challenge or integration project with full confidence.
Don't only look in the features one to one to the competition, but look also at the extra features around the same functionality.
All the features included in the solution excel other solution, simplicity and power to deploy solutions are always present.
just the time to get to support, once you get to talk to a technician , they are helpful
Support could be a bit better, it seems they don't have enough people , so is hard to get a technicial soon enough, in particular during emergencies.
I will do a bigband migration instead of a phased one, we wait too long in older features from the old firewall solution.
4 out of 5.0, Reviewed Nov 21, 2016
The product is excellent and provides robusdt functions. Support is not as repsonsive as expected and is sometimes difficult to work with.
Be patient with reporting limitations, go one size up from plan to get performance promised.
Firmware updates and security ratings. I am confident in the level of protection provided at the edge by this UTM. Integrated wireless device management and ease of VPN deployment.
Reporting is still cumbersome and dashboards are not as good as other products (Cyberroam - oh, yeah Sophos bought them, just hasn't implemented the reporting yet SMH). Performance is below expected.
Complete integration with Cyberoam so that reporting functionality and security can both be industry leaders
Start with a bigger product. The throughput and data capacity numbers for the version we chose (110) seemed more than enough for our company. In practice, we noticed a bottleneck at the UTM. We upgraded to the 120 version - basically a softweare/feature set change - but still RAM is at 75% of capacity >75% of operation time.
4 out of 5.0, Reviewed Nov 21, 2016
Migrating to Sophos Endpoint in the Cloud was easy and Sophos support offered al ot of great support as we migrated from an on-premise solution.
Be aware that servers are licensed licensed differently with Cloud than on on-premise.
The cloud management side is very nice and allows for easy contorl.
Deployment to new stations can be cumbersome. There is no MSI so any automated installed must be scripted. The .exe installers are only valid for 60 days and must be updated or that scripted install will afil.
Allowed an easy way to split out licensing. We were an on premise solutioin for multiple organizations that ended up being split up on the licensing side.
Nothing comes to mind.
Support usually does a great job once they finally take up the task. There have been a few delays in getting responses and several instances where documentation was sent as the only response.
5 out of 5.0, Reviewed Nov 21, 2016
Sophos has saved us from many headaches which could have been caused by end-users downloading malicious email attachments and infected file downloads. We also like the notification system that lets us know when it's caught something and saved our users.
The product works well, but I really appreciate that when I attend conferences I often see Sophos representatives giving presentations on security best-practices. Having a rep from the company you use to protect your company advise a room full of people on various solutions on how to stay safe is very reassuring.