Sign in
Migration Mapping Assistant Your Saved List Partners Sell in AWS Marketplace Amazon Web Services Home Help

Sophos UTM 9 Standalone or HA (PAYG)

Starting from $0.10/hr or from $788.00/yr (10% savings) for software + AWS usage fees

Sophos UTM9 is a AWS Security Competency approved NextGen Firewall solution that helps customers with their shared security responsibilities by offering multiple layers of protection in a single virtual appliance that scans, controls and reports on traffic entering and leaving a VPC. Security features... See more

Customer Reviews

Create Your Own Review

Really good product

  • By Liang
  • on 07/06/2018

I'm really not sure why this product is getting so much negative reviews. Here's my 2 cents:
1. This is probably the only device that can give you VPN + MFA (a Sophos mobile app soft token) right out of the box. Other big name network security devices usually require you to integrate with another service like Okta or add another server like a RADIUS server.
2. Has multiple Site to Site VPN and Remote Access VPN protocols builtin.
3. Can directly dump its log to CloudWatch logs, other network devices require you to add another syslog server to do the same thing
4. Has great IPS, IDS, Firewall functionalities, it is actually difficult to outgrow this device's capability.
5. Sophos charges $.1/hr for t2.small. You have to pay multiple of that price to get equivalent features from large vendors. And you would have to pay $$$$ to hire a competent network engineer to duplicate Sophos features on a vanilla linux box.
6. I've called Sophos Technical Support @ 1 888 767 4679 for difficult problems, such as configuring Sophos in a complicated VPC setup, ask them to explain vague documentations, work some obscure features, etc. Their support has been patient, staying on the phone for hours to diagnose the problems. And the support is getting a lot more AWS knowledgable over the past 2 years I've been using Sophos. So good job Sophos!
I've deployed and have seen deployed 10s of Sophos in a variety of projects for different tasks, remote access VPN, site to site VPN, NAT-T, WAF, packet inspection, firewalls etc. This little device has been solid.

Have been using product for years successfully

  • By Rudy G
  • on 04/26/2018

Product does a great job at protecting our infrastructure, we use all features, and find the product easy to manage and configure. We use on a small environment, under 20 servers.

Avoid like the plague

  • By Brian O Mahony
  • on 03/15/2018

I would give this a 0-star review if I could.

An entire two day's config was dropped from the system, which broke a production VPN. I contacted support to be given the run around [still looking for license details that are not provided, even though we have multiple sites with paired licenses connecting to the device in AWS].
Also I can no longer connect to AWS DNS servers from the device, which is shocking. It seems to have changed config overnight, without rebooting.

Unfortunately this is in production but I am actively looking for a replacement. This is a pile of rubbish, while having the audacity to charge a couple of grand for absolute crap.

Stay away. You have been warned. You can see all reviews since 2015 have been 1 star reviews, and a number of the others prior to that look dubious.

We stop using this product, after put it on production for 2 weeks

  • By Phoenixict
  • on 03/17/2017

The IPS feature seem not working, and after we config ssl vpn on it according to the manual. the whole office cannot access to all infrastructure instances.

We try to roll-back the configuration that we have back-up, things still not work.

So we have to remove it.


Hi Phoenixict,

We are committed to helping you have a great user experience. We can help you configure IPS and SSL VPN, as well as walk you through how to perform a rollback. Please send us email at and we will coordinate a time to help you.

Thanks Sophos.

OK to poor depending on what capabilities you are looking for

  • By secgeek
  • on 08/22/2016

The product has lots of issues which are not apparent if you only going to use it in a non-demanding environment and might also not be apparent in the actual appliance version. In the AWS environment though it needs lots of work which Sophos doesn't seem eager to do anytime soon in fact in some forums it looks like it has taken Sophos over 5 years to implement some changes. I had high hopes for the product when I first started using it but as I have used more and more it seems that Sophos management is not willing to pay attention to the details nor is willing to fully test the product before declaring it ready for production.

Reply from Byron Watson at Sophos 08/24/2016

Hi secgeek,

Thanks for the feedback. We’d love to chat with you to understand where we can improve, and if we can help you out. Our UTM with support for Auto Scaling may be a better fit for your environment, as it offers more integration with AWS. Your feedback is very important to us, as is the feedback of all of our customers. Would you please reach out to us at Look forward to hearing from you.


Byron Watson, Sophos SA

Piece of Junk

  • By clinux
  • on 07/15/2016

Not an easy deployment and pretty much ZERO support. My company would have made the investment in Sophos if they could adequately support their offering. But i guess Sophos isn't interested in that!

Reply from Rich Vorwaller at Sophos 08/24/2016

Hi clinux,

We are definitely interested in supporting you on AWS, or at least hearing how we can improve our products for you and other customers. Please email us at We can set up a time to discuss your experience, determine a way to resolve your issues, and answer any questions you may have.


Rich Vorwaller, Senior PM

External ELB and TLS Does Not Work - Support is a Joke

  • By Jeremy
  • on 09/01/2015

I want to give this product a good review but cannot. Setup was relatively easy but if you require external AWS ELB (Elastic Load Balancing) AND TLS (i.e. no TLS termination) then this product does not appear to work.

But more than the TLS issue, after a week of going back and forth with email based Sophos support that don't appear to read or understand English AND don't call when they say they will call - I have given up.

Prompt and accurate support is important for any product that will be supporting your production systems and from my experience, Sophos has failed miserably in this area.

Excellent all in all Security Virtual Appliance

  • By john bell
  • on 07/25/2015

Easy to use, Fast curve learning, works great on minimal core instance, tons of features.
I highly recommend this product.

Multi-purspose and sometimes overcomplicated product.

  • By Jean-Yves Sireau
  • on 05/12/2015

We used this product during our evaluation of software for client's VPNs.

It works well, but:

* configuration from my point of view is over-complicated
* documentation is sometimes confusing
* technical support is not very responsive

I would use this software only if I wouldn't have another choice.

very easy

  • By
  • on 10/01/2014

There are a lot of functions related to security, its functions can be controlled from the WEB is a good. We are going to try using a time when there is a requirement of the customer.