Sign in
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Sophos Cloud UTM 9 Standalone or HA (BYOL)

Sophos | 9.718

Linux/Unix, Other 9.718 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

6 AWS reviews

External reviews

86 reviews
from G2

External reviews are not included in the AWS star rating for the product.


2-star reviews ( Show all reviews )

    Security and Investigations

SOPHOS UTM meant for SMB with plug and Play Features... When It's come to SSL traffic inspection

  • October 24, 2020
  • Review provided by G2

What do you like best about the product?
SOPHOS use its own technology for Gateway A/V and for IDS.. unlike other OEMs..they use share database.. with each other..
What do you dislike about the product?
Not have Full DLP features like other OEMs..some times Firmware issue alos persist with SOPHOS.
What problems is the product solving and how is that benefiting you?
We were looking for solution for Multiple branch secure connectivity..where SOPHOS RED help us.. with quite competitive budget.
Recommendations to others considering the product:
For SMB I will recommend to go with SOPHOS.


    tkent

Buyer beware, you're on your own

  • August 16, 2015
  • Review verified by AWS Marketplace

We've been using the UTM in our VPC for a few months now. A few solid pro's for the product:

1. If you're coming from the Cisco ASA world (we were), you'll find the UTM interface incredibly simple. It makes common setup a breeze.
2. It supports a lot of stuff you wouldn't expect without extra cost (e.g. OTP soft tokens, a solid LDAP integration, Site2Site VPN, etc)
3. It's linux under the hood, so you can script certain things - even use tcpdump to analyze traffic.

Unfortunately, the product & company also have some huge drawbacks.

1. Sophos doesn't really care about it's documentation. As another user noted, the documentation provided by Sophos is just terrible. A good portion of it is plain wrong or outdated, and well over half of it is simply useless. An easy example is their documentation for HA support for EC2 (spoiler, they have no HA support for EC2, they have a rough idea of how somebody might do it).

2. A lot of the advanced features are too buggy to use in production. For example, if you want to use their web application firewall (similar to the IDS feature on the ASA), you're going to be manually adjusting Apache mod_security configs or deal with regular connection losses due exceptions. Don't bother reporting these issues to Sophos, due to #3.

3. When things go wrong, Sophos support is not there to help you. This wouldn't be as big of a deal if it wasn't for the documentation problem. When dealing with Sophos support, you get the very strong indication that you're really dealing with Windows AV tech support reps. Most of the time, the tech's don't have the slightest clue about what the UTM does or why. A few days (or weeks) after you file an issue, a properly trained tech may contact you, but who has that kind of time?

4. If you undergo PCI/HIPPA complaint scans, it's probably going to be the device with the most violations. You can report the violations to Sophos support, and they'll tell you to file a UTM feature request.

5. You just can't fix certain things. One of the best parts about the UTM is it's super-easy web interface. However, it completely lacks a command line interface into a lot of it's core features (NACLs, etc). If something misbehaves (e.g. needing to remove a stuck rule), you're down to scrounging the internet for some example of how somebody got Sophos support to give out a magic command.

So, if you're ok being on your own, then the UTM is a great starting point. Lots of good open source tools and it's not terribly difficult to poke around and figure out were they've configured most things.


    Jeff Collins

Rolling out Sophos UTM in EC2

  • September 06, 2014
  • Review verified by AWS Marketplace

There are virtually no instructions on the Sophos or Amazon web sites, beyond the video <http://www.sophos.com/en-us/lp/aws.aspx>. There is no advice on how to size the UTM VM instance and how it interacts with internal interfaces (virtual network cards). This lack of clear documentation is a major stumbling block when attempting to deploy UTMs in EC2. Personally I wasted over twenty hours, and was almost on the point of giving up when I was finally able to get a UTM working in EC2. Despite the fact I have access to Premium Support from Sophos, they offered almost no support on how to size and deploy a UTM in EC2. The support from Amazon was very spotty. The Amazon technicians I dealt with had never used a soft UTM and did not understand how they work, so I spent a lot of time educating them about the Sophos architecture. All in all, the product is fine but the obstacles to deploying it in EC2 are very daunting. In summary, the lack of documentation could make the Sophos UTM almost useless in the Amazon cloud. If you are brave enough to attempt to use this product, make sure you have phone support from Amazon.


showing 1 - 3