Sophos Cloud UTM 9 (Auto Scaling PAYG)
Sophos | 9.718Linux/Unix, Other 9.717 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
Sophos is a great entry-level into computer security
What do you like best about the product?
I liked the options that were provided, they have an array of products that cover the endpoints or servers even firewalls
What do you dislike about the product?
It wasn't super simple to maneuver or get started.
What problems is the product solving and how is that benefiting you?
When I had it, it allowed me to secure the endpoint for my clients who were recently starting a new LLC but need peace of mind that it would work.
- Leave a Comment |
- Mark review as helpful
existing VPC template is missing
can you please create an existing template for this autoscaling ?
as it stands the Sophos UTM 9 (Auto Scaling PAYG) only supports new vpc
many customers already have vpc with their subnets including utm firewalls
Sophos UTM is suitable for SME/education institute.
What do you like best about the product?
Sophos UTM is stable, I can say it included a lot of features inside one appliance such as AV, IPS, QoS, SD-WAN.
What do you dislike about the product?
The user interface is not friendly enough. I hope Sophos can give more visibility for the logs.
What problems is the product solving and how is that benefiting you?
The reason why I am saying Sophos UTM is good for SMEs is that it's cheaper than markets' firewalls.
Great all around UTM
What do you like best about the product?
Very flexible, you have great control over how your traffic flows.
What do you dislike about the product?
Part of the GUI (Web filter Profiles) can be a bit cumbersome.
What problems is the product solving and how is that benefiting you?
Needed many layers of protection but did not have the staff to manage them independently.
Sophos UTM Review
What do you like best about the product?
Network protection
Wireless protection
web protection
What do you dislike about the product?
Cost
No support for earlier versions
Complicated system
No support for earlier versions
Complicated system
What problems is the product solving and how is that benefiting you?
Securing assets in the data centers
Sophos UTM
What do you like best about the product?
Lots of data available to change, lots of things to change and monitor
What do you dislike about the product?
Support hard to reach sometimes, takes time to get back to you
What problems is the product solving and how is that benefiting you?
Firewall and protection
Recommendations to others considering the product:
Get third party support if possible
Enables us to fully isolate an infected server or workstation with the click of a button
Threat management for servers is our primary use case. We're not using it on all workstations, just a few. We're primarily using it on servers.
The version we're using is fully in the cloud, not on-prem.
How has it helped my organization?
We don't have to worry about viruses anymore. Before Sophos, we didn't have anti-virus at all because we're a newer company and we're just now starting to get into business-level stuff. When we installed it on a few of the users' machines, we saw that they did have very minor infections - they downloaded something they shouldn't have, something that could have hurt the computer. We were able say, "Well, we're glad they didn't click on that."
What is most valuable?
The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big.
The third key feature is something called EDR. It's a type of advanced file analysis. If you aren't sure what a file is you can click on it and it will upload a sample to Sophos and it will respond saying, "That's malicious," or "Not malicious." You can see every individual file and registry key that that file has ever interacted with, and what they did. It will show you every single thing it's done to the machine so you can clean up everything or check everything that it has ever touched. You don't have to worry about, "Oh, did I clean everything up?"
What needs improvement?
It does have built-in policies which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
In terms of stability, it's definitely top-notch, a market leader. The ability to do things and the availability of it being online aren't an issue.
What do I think about the scalability of the solution?
It seems very scalable. All you do is install the client, and it pulls it in. You don't have to actually have more Sophos servers running. It all goes back to their central, cloud-based platform, which is nice.
How is customer service and technical support?
I haven't had to use Sophos' technical support.
How was the initial setup?
The initial integration and configuration of Sophos in our AWS environment was incredibly easy. They give you a license key and a file. You download that file on the operating system type that you're trying to install it on. Install it and it's done. There's nothing else at all to do. It gets auto-configured for you.
What was our ROI?
We haven't seen ROI because we just got it two or three months ago. Over time we will.
What's my experience with pricing, setup cost, and licensing?
The biggest issue with Sophos is the pricing. It's definitely more expensive. We looked at Webroot, which is a big alternative, and Sophos was almost three times the price of Webroot. That's a pretty big difference.
We actually went with both Webroot and Sophos. We went with Webroot for most of the client machines. We're only using Sophos for the servers and the really important client machines, like the ones the managers use. That way, we can split our cost up a little bit.
Which other solutions did I evaluate?
We looked at Webroot, primarily. That was pretty much the only one we evaluated that was even close to being a competitor. We did look at a few others, but we didn't even do the trials because \Webroot and Sophos offered so much more.
Webroot seemed really nice for Windows, but we have a lot of Macs. Our servers are Windows, and we definitely went with Sophos for the servers because it has a little bit more capability with Webroot.
An example would be that if you have a file server, it will actually detect if a source is changing stuff on the file server. Suppose that a client was connected to them. That client wouldn't even need protection. Sophos is smart enough to understand, "Hey, a client just uploaded this virus." Webroot wouldn't do that. Sophos also lets us do full isolations of the servers or workstations. So if something gets infected, we can isolate that machine with the click of a button, clean it up, and then release it back into the network. That's not something Webroot was capable of handling either. Those were two big things to us because both of those features stop viruses from spreading.
Everyone's going to get infected at some point. We just want to stop the spread as soon as possible.
What other advice do I have?
If you're running a full Windows-based shop you're going to have a lot more options, so make sure you shop around. If you're running a Mac-based shop like we are, Sophos is definitely the way to go. Just make sure you can afford it.
Regarding how well Sophos integrates with other products, so far we haven't integrated it with anything. We have it on the servers and we have it scanning our Amazon accounts, but that's it. The integration with Amazon is cool. Maybe they could work on that because it seems like a newer feature. You can see what's available but not really do anything yet.
Allows our client to use cross-region AWS VPCs to connect remote dev offices
A client wanted to trial Sophos UTM 9 before deploying it into a production environment because, historically, Sophos has not had the best of reputations in AWS. The client had used Sophos in other environments, hence they wanted to stick to what they know.
How has it helped my organization?
The solution allows the client to use cross-region AWS VPCs to connect remote dev offices.
What is most valuable?
Classic defence in depth, with layered features.
* SPI (stateful packet inspection)
* IPS
* WAF
* VPN capability with built-in load balancer
Nothing out of the ordinary these days, but the fact Sophos has such a big name and good support was a big plus for the client who already had a relationship with Sophos support. Also, auto-scaling of UTM workers using EC2 is a nice and handy feature.
UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful.
Finally, Cold Standby CloudFormation script to one node, with persistent info in S3, is a convenient feature.
What's my experience with pricing, setup cost, and licensing?
We procured this solution via the AWS Marketplace because of BYOL (bring your own licence). That was the driving force behind the choice. In addition, they had test and production environments in AWS already so it was easy to get a sign-off.
What other advice do I have?
We didn’t find any issues but I know there have been some in the last few years. I can’t comment about Sophos’ on AWS previously but they seem fine now. There were no problems for our client so all I can comment on is the experience they had. I think it’s taken a little while for Sophos to get experience in solving problems with their product in the AWS environment, but they do seem to go the extra mile.
Application Control should be able to be managed with users; however, we now have a protected, standardized network.
Our datacenter cloud services such as email, and web services for internal and external use, had to be protected with different systems and the web services where left really unprotected, since we used an standard IPS/IDS to protect ourselves from web attacks (from the outside) which nowadays are really sophisticated. Also, we had to employ many work hours to have a protected, standardized network. With Sophos EndPoint and Sophos UTM, we simplified and also protected our network at the same time, with less work force.
What is most valuable?
The web filter and the ATP (Advanced Threat Protection) are great and easy to manage, and the integrated WAF (Web Application Firewall) allows the administrator to seamlessly protect HTTP/S services without having to pay thousands of dollars. The just introduced Sandstorm system for protection, is awesome as well.
What needs improvement?
Sophos UTM has many improvements that I would suggest, but the main one is for the Application Control to be managed with users as well, and with timeframes (schedules) for the administrator to allow certain apps outside an specific timeframe, or vice versa.
What do I think about the stability of the solution?
No issues encountered.
What do I think about the scalability of the solution?
The scalability is awesome as when you need the network protection systems to grow immediately, you just activate and license the exact same box, and configure it in cluster mode for Active-Active mode in Cluster/High Availability.
How is customer service and technical support?
This is where Sophos vendor outclasses every other vendor. They have grown so much throughout the last four to five years, but they have grown as well in their capability to attend support cases. We've had some really advanced cases, and we have never been forgotten or left behind.
Which solutions did we use previously?
We used a commercial product, Untangle, with our own brand called Rhino Box. Untangle did not invest in the development of features as we expected, such as the adoption of IPSec VPNs (they had it but very limited), and IPv6. This was what made us do research for our SMB/Enterprise market offering. We tried out Sophos UTM (recently purchased as Astaro UTM) and it was really easy to deploy and came with Sophos Support, which is awesome.
How was the initial setup?
The initial setup is straightforward. Sophos brand is well known in the market for being a unique and powerful tool that is simple to deploy and manage. This is what makes it different from any other vendors. The Sophos UTM, comes with a deployment "Wizard for Dummies" since it show the wizard at the initial setup, and in less than three minutes, you can have your box up and running. Also for Policies deployment, you are clicks away to customize your security settings.
What about the implementation team?
We always deploy by ourselves, so that way we can test how the customer will see the initial implementation. Our main advice, is to read the manual, and follow the wizards that comes with each tool. Also, it is strongly recommended to have a professional firm contracted for the initial setup, and support, as we are, to can design, and help with any kind of implementation issues.
What was our ROI?
The ROI is in 12-16 months, since with this kind of tool, we deliver the best of breed protection, and increment the focus of the end user, in being productive.
What's my experience with pricing, setup cost, and licensing?
I recommend you get the three year licenses, since Sophos offers three years for the price of two. I would also recommend that you acquire any Sophos Licensing with Professional Services added, that way, you'll have the best experience possible.
What other advice do I have?
As both a firewall and UTM it's perfect, however, sometimes with setting up the spam filters there is an issue.
As we are a solution provider and not product oriented, we give the best solution for our customers, with a good price. We are the number one company in the region, BTC, and operate in Egypt, Iraq, Jordan, Lebanon, and Saudi Arabia.
What is most valuable?
As both a firewall and UTM it's perfect.
What do I think about the scalability of the solution?
No issues encountered.
How is customer service and technical support?
Customer Service: For me, the customer satisfaction, and awareness, is the most important thing. I usually train all my clients on their chosen system.
Technical Support: 10/10.
Which solutions did we use previously?
As we are a service provider, we offer various other products to our customer:
* Astaro ASG
* Avaya/Netscreen
* Fortinet
* HP Switches & WiFi
* Juniper SSG
* Juniper SRX 210 & 240
* Juniper WXC
* Sophos next generation SG, including RED, SG, and WiFi
* Telindus Crocus E1Q
How was the initial setup?
For me, the installation and setup is simple. I work hard to do the simulation for the customer, and discuss all the requirements before implementation with the client.
What about the implementation team?
In one project I implemented Sophos for was a bank. I had to involve the Sophos team as the client was asking for WAF in transparent mode with HTTPS inspection. They were 10/10.
Which other solutions did I evaluate?
Prior to Sophos, it was mainly Juniper and Fortinet.
What other advice do I have?
showing 1 - 10