Sophos Cloud UTM 9 Standalone or HA (PAYG)

My main use case for Sophos UTM  is to support several customers; we have some enterprise customers as well, but they use different firewalls, and for the smaller customers, usually we have our local Sophos, and then they have their own Sophos at their premises. We usually have site-to-site VPNs and monitor their on-premise equipment with our monitoring system.

At our own company, we also use Sophos UTM  as a mail gateway, and we use it for the VPNs for the road warriors, providing remote access for employees.

In my opinion, the best features Sophos UTM offers are part of the firewall itself, so we don't need an extra appliance, we don't need to set up extra open-source VMs or anything. It's just part of the gateway that is connected to the internet anyway, and we protect our Exchange servers with it. This works fairly well in my opinion, and it's good.

What I appreciate most about the features is that you can have modules with Sophos UTM, so network protection including the reverse proxy, or that you can have a module for the email protection, a module for the network protection, and so on. You really can only purchase the functions you need and still have the possibility to add later, so that's excellent.

Sophos UTM has positively impacted my organization certainly in all of those areas because any security system you have is better than none. The ease of use and the pricing have made it very easy even for smaller clients to have certain security measures in place. I would count that as a win for security and cost saving at the same time.

I can share specific outcomes regarding Sophos UTM; we've seen reduced costs certainly. Either the clients wouldn't have any security measures at all, just an ISP provided router, but those don't serve very well security-wise. Or they would have had larger, more expensive firewalls, and Sophos UTM really is easier on the budget. We've also seen time saved, definitely. We streamlined all our clients into using Sophos UTM if they want to have their on-premise infrastructure monitored, and that really saves a ton of time.

The needed improvements for Sophos UTM include that the GUI could be a little more high-resolution-aware because it's still stuck in the small, low-resolution admin days, and those are long over.

I choose a rating of nine out of ten for Sophos UTM because, as I mentioned, the graphical user interface is stuck in the past, and some things here and there are not implemented to the full, such as the reverse gateway thing, reverse proxy, and web application firewall. If you want to really implement some rules that are a little bit more difficult, Sophos always recommends getting the dedicated WAF , or web application firewall, but I would prefer to have more features on the web application firewall in the firewall itself because it would make more sense. Other than that, it's a very smooth experience, and I really appreciate it.

I have been using Sophos UTM since before it became Sophos. I used it from the Astaro days, actually, before they were bought by Sophos, so since 2009. I have been using Astaro and all the way up until recently when it became Sophos UTM.

Sophos UTM is very stable.

In terms of scalability, Sophos UTM is very good. You can have large appliances or small appliances, you can change them, you can have high availability clusters, so very, very scalable in my opinion.

The customer support for Sophos UTM used to be better when it was still Astaro, but those days are long gone. The customer support has been good to mediocre, but not very good.

I previously used different solutions; for the smallest of our customers, I usually use OPNsense , for example, the open-source firewall, because they don't want to pay any money whatsoever, besides needing more time to set up and everything. For larger customers, we usually had a FortiGate, for example, but FortiGate is a little bit more expensive and a little bit harder to set up, so I count Sophos UTM really good for that.

My experience with pricing, setup cost, and licensing with Sophos UTM is that I was astonished to find that the prices are a little lower than competitors, and I'm really pleased with the functionality that you get for the price.

I have seen a return on investment with Sophos UTM, and I can share that the price is around thirty percent better, especially if you count in the employee time.

Before choosing Sophos UTM, I evaluated other options including FortiGate, OPNsense , and SonicWall, which was one customer using.

The customer support for Sophos UTM used to be better when it was still Astaro, but those days are long gone. The customer support has been good to mediocre, but not very good.

In my opinion, the best features Sophos UTM offers are part of the firewall itself, so we don't need an extra appliance, we don't need to set up extra open-source VMs or anything. It's just part of the gateway that is connected to the internet anyway, and we protect our Exchange servers with it.

I choose a rating of nine out of ten for Sophos UTM because, as I mentioned, the graphical user interface is stuck in the past, and some things here and there are not implemented to the full, such as the reverse gateway thing, reverse proxy, and web application firewall.

What I appreciate most about the features is that you can have modules with Sophos UTM, so network protection including the reverse proxy, or that you can have a module for the email protection, a module for the network protection, and so on.

At our own company, we also use Sophos UTM as a mail gateway, and we use it for the VPNs for the road warriors, providing remote access for employees.

In terms of scalability, Sophos UTM is very good. You can have large appliances or small appliances, you can change them, you can have high availability clusters, so very, very scalable in my opinion.

I can share specific outcomes regarding Sophos UTM; we've seen reduced costs certainly. Either the clients wouldn't have any security measures at all, just an ISP provided router, but those don't serve very well security-wise.

Before choosing Sophos UTM, I evaluated other options including FortiGate, OPNsense, and SonicWall.

My advice for others looking into using Sophos UTM is that it's really good to have fairly good knowledge of Linux because Sophos UTM is built on Linux and it helps debugging, it helps, for example, network tracing, and issue fixing. Other than that, get the introduction course and get ready to deploy. It's really easy. I give Sophos UTM an overall rating of nine out of ten.

Sophos UTM  was implemented to facilitate laboratory use. I needed a solution for my laboratory, and since I did not have the budget for a license, Sophos provided me with a 15-license free offer, which I use full-time.

The best features Sophos UTM  offers are its ease of use and extensive functionality. Sophos UTM is very straightforward to use and has many features, making it simple for me to operate.Creating proxies and proxy rules is fantastic. Sophos UTM has positively impacted my organization with its various functions, and it is the best choice I could have ever made.

At the moment, I have no suggestions on how Sophos UTM can be improved.I created Zero Trust in Sophos, which is excellent.

I have used Sophos UTM for 10 years, operating from Brazilian data centers and the infrastructure of a remote center.

Sophos UTM is stable based on my experience.

My experience with customer support for Sophos UTM has been positive.

I previously used two open-source solutions before switching to Sophos UTM.

I have not seen a return on investment with Sophos UTM.

I have no declaration regarding my experience with pricing, setup cost, and licensing for Sophos UTM.

I did not evaluate other options before choosing Sophos UTM.

If security is necessary, I advise using Sophos. My company has a business relationship with this vendor as a reseller. I was offered a gift card or incentive for this review. There is nothing else I want to share about Sophos UTM. You can use my real name when publishing this review. There is no problem using my real name in the review. I do not think there is anything you should change for the future based on this interview. I would not like for you to provide a short poem or haiku that summarizes this review. I rate this review a 9.

We are still working with Sophos UTM , so I can confirm that we have not switched to something else.

I have been working with Sophos UTM  since 2018.

The most valuable features in Sophos UTM are Mail Protection, Web Server, advanced endpoint, and the servers. Our systems are silent, secure, and we don't have many problems with security policy enforcement.

In terms of setting rules to guard the organization, especially on the network, we can set those rules, and through Sophos Central , we are able to see the equipment that has been registered and all the reports on the performance of each piece of equipment. For the endpoint equipment, there are close to 300 people using Sophos UTM in my company.

We have five administrators and around 10 servers, so we have advanced server protection that we are using.

We find the most valuable features in Sophos UTM to be Mail Protection, Web Server, advanced endpoint, and the servers. It helps us quite a lot, especially because since we use Sophos UTM, malware intrusions are not rampant.

It has helped us to set rules to guard our organization against any intrusion from outside. Our systems are silent, secure, and we don't have many problems with security policy enforcement. In terms of setting rules to guard the organization, especially on the network, we can set those rules, and through Sophos Central , we are able to see the equipment that has been registered and all the reports on the performance of each piece of equipment.

I would prefer to see additional features in the next release of Sophos UTM because cyber crime increases every day, so we also need to improve our game to prevent any chances for intrusion.

I cannot be specific regarding the features I would prefer to see in the future in Sophos UTM. In everyday life, there is room for improvement; it is the biggest room, so there is always a need to improve. Through the technical team, they can look at the loopholes and then be able to seal all the vulnerabilities that would bring problems.

I have been working in this field for 18 years.

So far, I have not had any problems with the scaling of Sophos UTM.

We have not experienced any problems with the technical support because we are getting support from both the partner and Sophos directly.

I would rate the technical support by Sophos a 10.

Before we used Sophos UTM, we were using Kaspersky.

I took part in the implementation of Sophos UTM.

The implementation was straightforward, with no difficulties during the process.

It took approximately two hours to complete in my case.

Four people were needed for the implementation.

I completed the implementation with the help of a Sophos partner.

The company that helped us is called Cloud Logic.

The pricing would be more economical if sold directly to the user compared to going through a partner, as they need to take their percentage.

We evaluated other options before choosing Sophos UTM. We tried Sophos UTM and found it to be more helpful than what we were using initially, which was Kaspersky.

For an organization similar to ours, we recommend working directly with Sophos instead of going through a partner. Additionally, having regular webinars would be beneficial so that people can be trained and given insights.

On a scale of 1-10, I rate Sophos UTM a 10.

Most of my customers have more than one or two sites which are connected with the IPsec tunnel. For some people, they need VPN to enter the particular main HO site and access all other remote site subnets, such as when there is a file server hosted on another site. This was a simple use case: from one site, they will enter from SSL VPN  to one site and access all their remote sites using this VPN policy only. We don't need to require the VPN for all particular single sites; we create only one single VPN, and from that single console, they can access all these sites as well.

Currently I am working at AVH, which is a system integrator that provides solutions such as security and UTM solutions to clients. My task is the complete installation and implementation of these firewalls and, apart from that, post-support calls. If clients are facing any issues, they reach out to our company, and the company assigns me to their tech solutions.

For the initial setup, we create an SSL VPN  portal for this customer's public IP, and we make some local subnet so that the user will get some local subnet IP after connecting with Sophos UTM . After that, we allow the security policy, which determines which resources they can access after connecting with Sophos UTM . They access Sophos UTM VPN using the public IP, and then when they enter the site, they can access the limited resources we have allowed in the policies.

The most useful features I have worked with in Sophos UTM mostly involve the DNATing process and their web filters. Many customers require these web filters to be aligned, such as when they need to access resources over the VPN or over the DNATing process.

Application control reduces their bandwidth consumption. When users consume large amounts of bandwidth, this application filter can limit their usage, ensuring they won't face bandwidth failures. Users are limited to a particular bandwidth for a specific application only.

When connecting to Sophos UTM VPN, certain applications can be restricted from being accessible using this VPN policy. It is more secure with more granular security, allowing the user to only access specific, allowed applications.

I can very easily manage my Sophos UTM VPN users and get all the logs, details, and traffic monitoring over my single dashboard console.

For the challenges I've faced, zero trust is one area where I haven't worked much or have sufficient experience.

I have around 2.5 years of experience in this particular domain.

I currently don't have experience with deployment issues.

I have connected with the Sophos UTM technical team one or two times.

It is user-friendly and straightforward, so there are no certain challenges to configuring this VPN with Sophos UTM.

Compared to other OEMs and other vendors' firewalls, Sophos UTM is very user-friendly. It has a user-friendly dashboard so that anyone, even a new beginner, can easily learn where the options are and how to configure UTM profiles. Different industries such as hospitality and manufacturing can have customized UTM profiles. The UTM is a granular and easy step, and non-standard categories can be manually added.

Regarding pricing, it's affordable for the features that Sophos UTM provides; there is no higher price, it is affordable.

When deploying on-premises, all customers have suggested this deployment type. Occasionally, there are certain failures; however, it's mostly user-friendly and reliable, with no major challenges in configuration. I definitely suggest checking it out.

On a scale from one to ten, I rate Sophos UTM a nine.