Overview
Sophos Cloud UTM9 is a AWS Security Competency approved NextGen Firewall solution that helps customers with their shared security responsibilities by offering multiple layers of protection in a single virtual appliance that scans, controls and reports on traffic entering and leaving a VPC.
Security features include a Web Application Firewall (WAF), a pre-tuned and automatically updated Intrusion Prevention System (IPS), an Outbound Web Proxy/ Layer 7 Application Engine to protect and control connections to the Public Internet, an Advanced Threat Protection engine to identify and block unknown and evasive threats, and VPN Gateway features to securely connect remote sites and users. The UTM9 NextGen Firewall solution also provides detailed logs and reports which can be viewed on system and/or exported to the AWS CloudWatch Logs service and any Syslog compatible device.
You can deploy Sophos UTM as a standalone solution on the EC2 Instance type of your choice, or use the Sophos provided CloudFormation template to deploy an Active/Passive High Availability pair of UTM's that spans across multiple Availability Zones and integrates with key AWS services such as Auto Scaling, CloudWatch, and S3 to comply with AWS Best Practice guidance on secure architecture.
Part of a complete cloud security portfolio. A selection of Sophos AWS Marketplace offerings is included below, while more can be found at www.sophos.com/cloud .
- Sophos UTM Auto Scaling: https://soph.so/utm-autoscaling-payg
- Sophos XG Firewall Standalone (Free Trial): https://soph.so/xg-firewall-payg
- Sophos Cloud Optix (CSPM with Free Tier): https://soph.so/cloud-optix
If you have any questions about Sophos solutions or if you need assistance with deployment or configuration, please contact the Sophos Public Cloud team at aws.marketplace@sophos.com .
Highlights
- Control infrastructure and security costs by combining multiple security tools into a single, easy to deploy and manage solution.
- Web App Firewall (WAF) protects your web apps against common threats like SQL injection and Cross-Site Scripting. Next-Gen Firewall protection and reporting with stateful traffic inspection, Layer-7 application control, secure proxies, and IPS.
- Sophos UTM9 may also be deployed as an Active/Active Auto Scaling solution which provides maximum uptime, elasticity and the Sophos Outbound Gateway (OGW) feature set. Please see the 'Sophos UTM9 Auto Scaling' listing for more details.
Details
Typical total price
$0.86/hour
Pricing
Free trial
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
|---|---|---|---|
t2.small | $0.10 | $0.023 | $0.123 |
m3.medium | $0.35 | $0.067 | $0.417 |
m3.large | $0.75 | $0.133 | $0.883 |
m3.xlarge | $1.10 | $0.266 | $1.366 |
m3.2xlarge | $1.45 | $0.532 | $1.982 |
m4.large Recommended | $0.76 | $0.10 | $0.86 |
m4.xlarge | $1.15 | $0.20 | $1.35 |
m4.2xlarge | $1.50 | $0.40 | $1.90 |
m5.large | $0.76 | $0.096 | $0.856 |
m5.xlarge | $1.15 | $0.192 | $1.342 |
Additional AWS infrastructure costs
Type | Cost |
|---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
Terminate the EC2 instance(s) or delete the CloudFormation stack at any time to stop incurring charges. You may email aws.marketplace@sophos.com for questions regarding Sophos UTM charges and refund requests.
Custom pricing options
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
You can manage your Sophos UTM on AWS from the Web Interface using HTTPS (TCP port 4444), the command shell using SSH (TCP port 22), and via the RESTful API.
Sophos UTM requires a valid email address for administration purposes. This email address is not used for any other purpose and remains local to the Sophos UTM AMI. Please refer to the Sophos Privacy Policy for more details. https://www.sophos.com/en-us/legal/sophos-group-privacy-policy.aspx
Sophos UTM on AWS Quick Start Guide https://www.sophos.com/en-us/medialibrary/PDFs/documentation/SophosUTMAWS.pdf
For additional information about deploying on AWS please see: https://www.sophos.com/en-us/support/documentation/sophos-utm.aspx
Resources
Support
Vendor support
For customers who participate in the AWS Product Support Connection, Sophos provides technical support via phone and web portal. Phone: +1-844-591-2756 Web portal:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
Really good product
I'm really not sure why this product is getting so much negative reviews. Here's my 2 cents:
1. This is probably the only device that can give you VPN + MFA (a Sophos mobile app soft token) right out of the box. Other big name network security devices usually require you to integrate with another service like Okta or add another server like a RADIUS server.
2. Has multiple Site to Site VPN and Remote Access VPN protocols builtin.
3. Can directly dump its log to CloudWatch logs, other network devices require you to add another syslog server to do the same thing
4. Has great IPS, IDS, Firewall functionalities, it is actually difficult to outgrow this device's capability.
5. Sophos charges $.1/hr for t2.small. You have to pay multiple of that price to get equivalent features from large vendors. And you would have to pay $$$$ to hire a competent network engineer to duplicate Sophos features on a vanilla linux box.
6. I've called Sophos Technical Support @ 1 888 767 4679 for difficult problems, such as configuring Sophos in a complicated VPC setup, ask them to explain vague documentations, work some obscure features, etc. Their support has been patient, staying on the phone for hours to diagnose the problems. And the support is getting a lot more AWS knowledgable over the past 2 years I've been using Sophos. So good job Sophos!
I've deployed and have seen deployed 10s of Sophos in a variety of projects for different tasks, remote access VPN, site to site VPN, NAT-T, WAF, packet inspection, firewalls etc. This little device has been solid.
Have been using product for years successfully
Product does a great job at protecting our infrastructure, we use all features, and find the product easy to manage and configure. We use on a small environment, under 20 servers.
Avoid like the plague
I would give this a 0-star review if I could.
An entire two day's config was dropped from the system, which broke a production VPN. I contacted support to be given the run around [still looking for license details that are not provided, even though we have multiple sites with paired licenses connecting to the device in AWS].
Also I can no longer connect to AWS DNS servers from the device, which is shocking. It seems to have changed config overnight, without rebooting.
Unfortunately this is in production but I am actively looking for a replacement. This is a pile of rubbish, while having the audacity to charge a couple of grand for absolute crap.
Stay away. You have been warned. You can see all reviews since 2015 have been 1 star reviews, and a number of the others prior to that look dubious.
We stop using this product, after put it on production for 2 weeks
The IPS feature seem not working, and after we config ssl vpn on it according to the manual. the whole office cannot access to all infrastructure instances.
We try to roll-back the configuration that we have back-up, things still not work.
So we have to remove it.
Response:
Hi Phoenixict,
We are committed to helping you have a great user experience. We can help you configure IPS and SSL VPN, as well as walk you through how to perform a rollback. Please send us email at aws.marketplace@sophos.com and we will coordinate a time to help you.
Thanks Sophos.
OK to poor depending on what capabilities you are looking for
The product has lots of issues which are not apparent if you only going to use it in a non-demanding environment and might also not be apparent in the actual appliance version. In the AWS environment though it needs lots of work which Sophos doesn't seem eager to do anytime soon in fact in some forums it looks like it has taken Sophos over 5 years to implement some changes. I had high hopes for the product when I first started using it but as I have used more and more it seems that Sophos management is not willing to pay attention to the details nor is willing to fully test the product before declaring it ready for production.
Response:
Reply from Byron Watson at Sophos 08/24/2016
Hi secgeek,
Thanks for the feedback. We’d love to chat with you to understand where we can improve, and if we can help you out. Our UTM with support for Auto Scaling may be a better fit for your environment, as it offers more integration with AWS. Your feedback is very important to us, as is the feedback of all of our customers. Would you please reach out to us at aws.marketplace@sophos.com . Look forward to hearing from you.
Sincerely,
Byron Watson, Sophos SA