Sophos XG 115 - security appliance - with 3 years TotalProtect
Mfg # XB1B3CSUS
CDW # 3906489
Know your gear
Based upon the award-winning Sophos SG series, the XG series firewalls come pre-loaded with the Sophos Firewall OS to provide optimal performance to meet today's network security requirements.
Enhance your purchase
Sophos XG 115 - security appliance - with 3 years TotalProtect is rated5.00 out of5 by3.
Rated 5 out of 5 byIvanildo Teixeira Galvão from Efficiently protects against malware attacks, gives visibility into ports, apps, and websitesHow has it helped my organization?My clients gain efficiency in protecting against attacks from malware such as ransomware and hacker attacks. It also provides them efficient internet access control, and full visibility of ports, applications, and websites.What is most valuable?* IPS* Very efficient* Web Filter* Captive Portal with Voucher and Application Control.What needs improvement?It could offer other important functions such as a DNS Filter for blocking botnet networks.For how long have I used the solution?One to three years.What do I think about the stability of the solution?No stability issues.What do I think about the scalability of the solution?No scalability issues.How is customer service and technical support?Satisfactory.Which solutions did we use previously?I still use Fortigate, also Sophos UTM. As I'm a solution consultant, I have different clients where each solution fits the environment.How was the initial setup?Simple and easy.What other advice do I have?Excellent product, meets most of the security needs of companies of various sizes. You can buy it without fear.Disclaimer: My company has a business relationship with this vendor other than being a customer:Partner.
Date published: 2018-01-25T00:00:00-05:00
Rated 5 out of 5 byTunji Gbola from Excellent integration with the Sophos firewall and has a user-friendly interfaceWhat is our primary use case?I use the solution as my endpoint firewall and at the same time, I use it for load balancing and spillover.What is most valuable?What I like the most is the reporting.The integration with the Sophos firewall is brilliant. I don't need to be physically present in the office. I can monitor everything from Sophos Central. That is a great feature and it's one thing that I really appreciate about the solution.I like the fact that it can self remove malware and do updates on the cloud via Sophos Central.The interface is good.What needs improvement?Although I enjoy the reporting elements of the solution, it can still be improved. I still can't drill down. There is some information that I would really, really like to see, but I still can't access it.On reports, they sometimes give a summary, but it lists different users as unknown. There are times that I really want to know which user or which IP is causing a problem.For how long have I used the solution?I've been using the solution for ten months.What do I think about the stability of the solution?There is something that have observed and I don't know what exactly the problem is. Right now, from my ISP I'm supposed to have unlimited bandwidth, but I observed behind the firewall my bandwidth seems low. I'm not exhausting what I have from my ISP. I've checked the TOS and there's no limit. When I spoke with one of the resellers they said that they too had experienced it before and that probably I should restart the device.That they observed that the clients that restarted had their internet service improve. I don't think that is a good solution. I don't want to have to restart my device to have the internet service improved.I've checked the setup. I even checked with the reseller, who told me everything is okay. I've gone for XG training. Even after the XG training, I've gone back to look at my setup. I can't see anywhere the bandwidth is being shared. I'm not sure if it's the device itself, but I've checked everything.What do I think about the scalability of the solution?The scalability is okay. We have about 200-250 users.How are customer service and technical support?Technical support can be improved upon. There are times that I've had some issues that I've tried escalating in technical support and it takes a while before we really get it resolved.Once I was getting a particular malware from an unknown source on one of my servers which was behind the firewall. I asked their support why. Later they advised that I should install Intercept X for servers on that particular device. I was confused about how it was behind a firewall; the firewall should be able to detect which system is getting infected. The system doesn't really go to the internet and nobody browses on it. The only thing I could imagine that could cause it was a Windows update. If it was from an update they least it should have been able to say, "Okay, it was from this particular update that this malware was filtered in."Out of ten, I would give their service a five.If you previously used a different solution, which one did you use and why did you switch?The solution we were using previously was Cyberoam.The Cyberoam device was about five years old and had started malfunctioning. It wasn't giving us the output it had previously provided. At that time, Sophos had already bought Cyberoam. We had the option to either upgrade the OS to a Sophos OS or to a Sophos device.We decided to go for a Sophos device since the Cyberoam device was already problematic.How was the initial setup?The initial setup is straightforward.What about the implementation team?I used a reseller to assist with implementation.What's my experience with pricing, setup cost, and licensing?We pay on a yearly basis.We have Sophos XG, but we also have Intercept X for our endpoint and recently we just deployed Intercept X for the servers. I've not done a calculation of the costs of all three to know what my yearly maintenance costs would be.What other advice do I have?Once you have basic networking skills and firewall management it's easy to set up. With Sophos Central, I think it's a good solution for any IT department.I would rate the solution eight out of ten.As it is now, the solution is good, but I believe that there's still room for more improvement. I still believe the reporting could be improved. Sophos, from my experience, seems to affect my bandwidth. I didn't set any limit, so I don't know where that is coming from, but it's something that we've noticed with the XG.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-08-28T00:00:00-04:00
Rated 5 out of 5 byOlufemi Adalemo from An easy to manage solution that streamlines processes and managementWhat is our primary use case?We use the solution as an internet firewall, and a VPN concentrator.How has it helped my organization?It streamlines the process of creating VPN access for users. Because of the AD integration, it makes it very easy to manage these users from different locations from a central source. It also helps us to get a good idea of what our risks are, or if there's any risky activity going on with the users.What is most valuable?The SSL VPNs are the most valuable feature for me. I have a lot of systems out of the head office that need to connect to the local networks, and they all connect via the Sophos VPN client.What needs improvement?The initial set up process can be a little tricky, especially when you are registering with Sophos and you have a poor internet connection. Setup is not necessarily complex, but it's not trouble-free. You do have connectivity issues at the initial setup with registering the device on the Sophos platform to access the advanced features. It doesn't always go through the first time around. That may be an issue with the quality of our connection. I'm not sure exactly what it is.The single sign-on client I get maybe a 60% success rate on. There are times when it will use single sign-on for verification of users to access Internet resources. It still doesn't always catch the user. The user gets sent to the web login. Even though the single sign-on is helping, it doesn't always work.I would like to see a better single sign-on performance. I'd like to see a more streamlined way of managing your licensing as well.For how long have I used the solution?I've been using the solution for eight months.What do I think about the stability of the solution?There are no issues with stability. It's a very stable system and you almost never have serious problems for any reason. It's only when you do an upgrade that you have to restart. Stability-wise, for the on-premise solution, I'd give it 4 stars.What do I think about the scalability of the solution?Once you've bought the specific version, you are locked into the limitations of that plan. You can't exceed the number of VPNs, connections, etc. There's no way to increase that capacity, per se. You do have options where you can increase the port count and so on. However, in terms of scalability, you have to buy the capacity you require.On the system I have now, it's not fully populated, but we have about 100 users. The plan is to eventually support about 1,400 users.How are customer service and technical support?I don't use the solution's technical support. I typically just use the documentation. There are lots of guides and videos available. In most cases, I search the guide. There's a step-by-step guide to deploy so I don't have to contact technical support.How was the initial setup?The initial setup isn't hard, but it can be tricky. Since I've been using several Sophos devices, I now find it's fairly simple. I get the deployment done in two hours, including integration. For others, it may take about a day to get everything done.There's almost no maintenance. There's really only the requirements of adding users and populating VPN connections. One person does that on a part-time basis.What about the implementation team?I handled the implementation myself.What was our ROI?We do see an ROI. It would be the cost of the support. If I had to hire a CCNP in Nigeria, I would be paying about $10,000 per annum for a CCNP minimum. For a less experienced person, I can get for about $6,000. I am probably saving about $4,000 a year in personnel costs from going with the XG rather than the ASA.What's my experience with pricing, setup cost, and licensing?We are paying about $1,500 yearly for the Enterprise Plus. As far as I know, there aren't costs above this standard fee.Which other solutions did I evaluate?We evaluated Cisco ASA as well as the FortiGate before ultimately choosing Sophos.I chose Sophos over FortiGate because I'd already had experience with Cyberoam and it was a fairly similar migration in terms of configuration from the UTM over. But in terms of features and capabilities, I think FortiGate is pretty similar to the Sophos. Cisco ASA I choose not to go with because it's much harder to configure. I also needed to be able to have someone other than myself manage it and not need to have someone with CCNP sitting down just to add VPN users etc. I felt that the Sophos solution was a better option because it gave me all the functionality of the ASA, but it's much easier to manage.What other advice do I have?We use the on-premises deployment model.We definitely plan to increase the usage and also add high variability too. Right now, it is the main internet gateway and firewall for my network.We're using both Sophos XG and Sophos UTM.I would warn those considering implementation that, once you've got it, you're stuck with it. You can't really increase the capacity very much beyond what you have. It's always good to have the expertise available to take care of the box because even though it's a lot easier than the Cisco ASA, you still need someone that has a little expertise in managing it.You can get very good performance without spending all of your money and without having to send a lot of high-end techs in-house to monitor processes.I would rate the solution nine out of ten.Disclaimer: My company has a business relationship with this vendor other than being a customer:Partner.
Date published: 2019-08-22T00:00:00-04:00
Rated 5 out of 5 byVikas-Gupta from The pricing is very competitive in the market and the support is awesomeWhat is most valuable?* Internet security, where we have one single point of console; where I can manage my endpoint and my gateway.* Any messages coming in, I am getting the intermission immediately.* If my endpoint is getting infected, I get to know.* If my file is getting infected, I get to know from a single pane point of view.How has it helped my organization?The product has been upgraded, and one of the features we were looking for has been incorporated into the newer version. It has allowed me to customize for my needs as well.For how long have I used the solution?The past six months.What do I think about the stability of the solution?Nothing. No issues. It is quite stable.What do I think about the scalability of the solution?This is a little bit of a challenge. Scalability is one issue with the hardware device and hardware files. Any kind of hardware file which has been delivered has been a challenge.How is customer service and technical support?Sophos is being preferred only because of their technical support. The tech support there is very good. It is a five-star support system that they have there.Which solutions did we use previously?Our previous solution was Check Point. I switched to Sophos just because of the pricing issue.How was the initial setup?It is very user-friendly to set up. Very straightforward.What's my experience with pricing, setup cost, and licensing?Pricing is very competitive in the market.Which other solutions did I evaluate?Only Check Point. That was the one product which I evaluated.What other advice do I have?The support is awesome. QA is very simple, and the administration is very straightforward.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-11-21T00:00:00-05:00
Rated 5 out of 5 bySecMgr5390 from Cloud portal allows me to manage firewall from any location; interface is user-friendlyWhat is our primary use case?We use it for VPN connectivity with remote sites, as well as general IPS and IDS.It's a satisfactory solution so far, no problems. It's very easy to use, and we have technical support for any issues, so it's quite good.How has it helped my organization?It's cost-effective. We are not that big a company. It gives us the features that we need.What is most valuable?* The ease of setting up the VPN connection.* The fact they have the cloud management option, I can manage it on a cloud platform. So anywhere I am, I can always manage the firewall.* The user interface is very user-friendly, so it's very easy for the administrator to make any policy changes.What needs improvement?I would like the update process to be easier, to update the firmware of the boxes. I think it's much better automatically than having to do it manually: Download the file, do network discovery. If they can make the update process much more automatic that would help.What do I think about the stability of the solution?The stability, so far, is actually quite good. I think the only issue we have had is some flapping on the connection, but it was a bug. The support is quite good, so the issue was resolved in no time at all. We have not had many issues at all. It's been working fine.What do I think about the scalability of the solution?I don't think this applies in our own case because we just bought the medium-range box, so it's adequate for our needs.How is customer service and technical support?It's very good, very responsive, and they resolve our issues in no time at all.Which solutions did we use previously?We were previously using a different solution, a Cisco ASA firewall, but it was not a next-generation of firewall, next-generation meaning it can do unified threat management. We wanted a new solution that would also give us next-generation features, like anti-malware and end-point management and the like. That informed our choice of Sophos.When selecting a vendor, the stability of the solution and then the technical support are very important. Also, the cost-to-reward ratio, the value we get from the product compared to what we pay for it. In addition, ease of management; how easy is it to manage? If it's too complex to manage it's a problem because you don't want to spend too much time managing it.How was the initial setup?It was completely straightforward, but our internal network is not that complex.Which other solutions did I evaluate?We evaluated Sophos vs Fortinet ( https://www.itcentralstation.com/products/comparisons/fortinet-fortigate_vs_sophos-utm ) and Sophos vs Cisco ( https://www.itcentralstation.com/products/comparisons/cisco-asa_vs_sophos-utm ).The cost of Sophos was more competitive compared to the rest. We also considered the management and it was easier to manage than the rest. That's how we came to our conclusion.What other advice do I have?I would rate it an eight out of 10. I don't rate it "perfect" because it can always improve. But the features that come along with Sophos are very, very extensive. It gives me so many options, the ability to remotely manage my firewall ( https://www.itcentralstation.com/categories/firewalls ) from anywhere, given the cloud portal. The solution hasn't given us too many problems at all, and even when we did have an issue, it was resolved.My advice is to take advantage of the trials, they have a trial on their website where you can see how the cloud management works; you can have a free account for one month and play around with it and see how easy it is to manage. That way you can know if it can handle the services you are going to require. Take advantage of training on their website as well. Check the industry ratings, they are pretty highly rated.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2018-04-17T00:00:00-04:00
Rated 5 out of 5 byDanyllo Cabral from Very intuitive and easy-to-use interface making it much easier to setup access and business rulesWhat is most valuable?* URL Filtering: because of the importance of controlling what and individual might access from the organization’s network. Sophos XG ( https://www.itcentralstation.com/products/sophos-xg ) has 90+ categories, providing a level of granularity that eliminates the need to create customized categories.* IPS (Intrusion Prevention System): because of the importance of preventing hackers from using exploits and other mechanisms that might compromise the network* Anti-malware: Sophos XG comes with two anti-malware engines: its own and Avira, making the UTM more effective at catching malicious code.* Control Center: an interface crammed with the most vital information like security issues, appliance performance, and Internet link status.How has it helped my organization?With a very intuitive and easy-to-use interface, it made it much easier to setup access and business rules, VPNs and to identify issues like Internet link outages and security issues.What needs improvement?Sophos XG lacks link load balancing options like ratio and spill over, both useful in some scenarios.I also think they might consider improving the RAM of some of the appliances, since there are processes that are very memory intensive.Lastly, I would say packet monitor is another area for improvement as it lacks capabilities like exporting the capture from inside the GUI tool.For how long have I used the solution?A year and a half.What do I think about the stability of the solution?Yes, on the SFOS Version 15, I had to upgrade the firmware of an appliance since it had a problem with the JAMVM process (an apparently known issue in which that process consumes almost all of the CPU resources).What do I think about the scalability of the solution?No.How is customer service and technical support?I would say that Sophos Brazil has an excellent support team.Which solutions did we use previously?No.How was the initial setup?It was very straightforward. And I credit that to the great job Sophos did on its OS interface, providing different ways of accessing the same option, hiding some of the complexities of a firewall system, and deploying it with many pre-built policies, objects and rules that for most of the environments makes it unnecessary to spend hours tuning the system.What's my experience with pricing, setup cost, and licensing?Sophos is clearly trying to position itself as the market leader in the UTM niche. One way they are doing this is by having an aggressive pricing policy and this makes it a good moment to start using their products.Which other solutions did I evaluate?Yes, FortiGate ( https://www.itcentralstation.com/products/fortinet-fortigate ).What other advice do I have?Try to have the help of a Sophos Partner for the correct sizing and purchasing of an adequate licensing bundle.In addition, I would recommend having a PoC in place in order to make sure that the solution is what the organization needs.It is important to notice that the XG is available for a 30 days free trial and that there are virtual appliances available for the main virtualization platforms on the market.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-07-30T00:00:00-04:00
Rated 5 out of 5 byKolanji Selvaraj from Email security features are good, but the technical support needs improvementWhat is our primary use case?Our primary use case for this solution is to act as the main broadband device in our data center. The XG 210 model is being used for a hospitality solution.How has it helped my organization?The main improvement for us is with our email. The email options and email security features are good.What is most valuable?We have found that the simplicity of the XG 210 is its most valuable feature. There are a lot of options available for the default firewall rules, such as email and web, that are used to secure the network.I like all of the options, but the most important thing is that it is easy to understand how to configure everything, compared to other firewalls.What needs improvement?We are having a lot of issues with conflicts and user sessions, and Sophos has suggested that we change the device to the XG 400.Aside from these issues with scalability, the email security features are good, but there are not many options. We would like to know why an email is being blocked, and how we can allow delivery. It does not keep emails in the queue for delivery. It can only log whether it is delivered or not delivered. If I need more details then I have to log in using SSH to get that information.When an email comes in from the outside it is detected. When we check the log it only tells us that it is not delivered. We would like to create an exception, but there are not many options available for this. For example, a domain space is not allowed. Only the user name can be used to do that. We need a domain-based exception for email.Next, the XG 210 is easy to configure, but when we are looking for more details then we can only get this information through SSH. It is quite difficult. If we can get all of those details then it would help us to understand, so this needs to be improved.There are a lot of options and it gets confusing sometimes. If they can give limited options, with more information, then it would be good for the large sites.For how long have I used the solution?Less than one year.What do I think about the stability of the solution?The product is stable, but by stable, I mean that we still have issues. The issues are more technical, which is why they suggest that we change the device to fix the problems.What do I think about the scalability of the solution?Our main data center has more than seventy servers that host a web server and internal applications. This is where we use the XG 400.We have installed the XG 210 model at a smaller data center. We have between three and four hundred users at the most. However, because we have more than three hundred sessions, the vendor has suggested that we change to the XG 400. We do not yet know if this will fix our problem.At our remote sites, we use the XG 135 model, and we do not have many issues.How are customer service and technical support?I am not sure why Sophos suggested using the XG 210 model after doing a site check, but we are facing issues and they suggested that we replace the model.When I call, I have to wait for at least one to two hours to reach them. Sometimes they will pick up the call immediately, but most of the time they will not. I usually have to wait one hour before they pick up the phone.When a ticket is created we have to wait three days before getting a reply from them. When they create a ticket for a critical issue, the response is delayed. This is a new device, and we expect support from Sophos. At least the partner should support the product, but the partners are always looking for money. Even if they deploy the device, for example, the XG 450, then they only offer support for one day. After that, there is no support.If you previously used a different solution, which one did you use and why did you switch?We have been using the Sophos XG 135 model at our remote sites and it works.This year we deployed the XG 210 model at our data center, but prior to this we used Barracuda. We switched because Barracuda is too expensive. The options are very limited because you have to pay for each additional option. Each one represents a different service, like ADP (Active DDoS Prevention) or firewall. In contrast, Sophos is only a single payment, so we switched even though we lost some options that we liked.How was the initial setup?The initial setup is very easy.Our deployment took only two to three days. The problem is that we had a lot of issues, especially with the email. The SMTP did not work, so I could not continue with the deployment. It took between fifteen and twenty days to resolve this. I do not know what they did to fix it, but we were delayed between twenty-five days and a month.We had contacted the Sophos partner for help, but they were not able to fix our issue. After the problem was resolved I re-initiated the deployment. Only one staff member is required to maintain the solution.What's my experience with pricing, setup cost, and licensing?Even when you purchase the product from Sophos, they ask for a separate contract for support which is on an hourly basis.For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.Which other solutions did I evaluate?Other than the Barracuda and the Sophos models, I did not evaluate other solutions.What other advice do I have?Because of the problems that we are having, I cannot recommend this solution to anyone at this time.I would rate this solution five out of ten.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-04-18T00:00:00-04:00
Rated 5 out of 5 bySherifFouad from Gives us customizable policies, modifiable templates, and customized rules for single usersWhat is our primary use case?It's being used as a UTM, no firewalling. So it acts as a bridge. It doesn't provide the IP services, it doesn't provide DNS, it doesn't provide DHCP services, and it doesn't operate as a router or a point of mapping. It's only being used for filtering: Web and application filtering, as well as antivirus. I usually disable the anti-spam on all those units, because I have a gateway anti-spam server in place.What is most valuable?The web and application filters, as well as the quality of service. It has a very friendly interface like the Cyberoam iNG units, it has customizable policies, it has proper templates that you can even modify, and you can customize the rules, down to each single user.It gives flexibility in the rules and the filters that you apply, based on, for example, the level of usage and the managerial level, etc. It's highly customizable.The dashboard is customizable as well. It gives you the feature of including what you need to see as soon as you open the dashboard and to remove the non-necessary stuff, which varies from one organization to the next and from one IT manager to the next. And it has a wide variety of reports as well, template and customizable reports.What needs improvement?The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer.The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem.A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible.So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request.Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.What do I think about the stability of the solution?Stability is good. I was so happy with the Cyberoam iNG unit, and I think the Sophos XG series is exactly the same as the Cyberoam iNG unit. It's a very good unit for a smaller or medium business. It's very stable and it takes overload easily, so it can add to the throughput. It has versatility, it will support extra users, it will support extra bandwidth, to a limit, and it keeps on working as a monster. I have barely replaced any of those units through the years.What do I think about the scalability of the solution?Scalability is brilliant.How is customer service and technical support?I usually deal with one of the major partners in Egypt. The name is Gateworx. I've been dealing with those guys since my previous company, back to 2002. Even when we're buying devices that will be used in other countries outside of Egypt, we get them from them.They provide outstanding technical support and they provide outstanding pre-sales services. If I require a device to be delivered to a country outside of Egypt, they contact the partner directly and they set up everything, and I get the hardware delivered. They are outstanding.This is one of the major reasons we didn't look at another UTM or firewall through the years. These guys were a proper representative of Sophos and Cyberoam.Which solutions did we use previously?I've used heaps of them through the years. I've used Fortigate, which is now Fortinet. I've used Websense, they issued something like that years ago. ISS issued something like that years ago.Sophos UTM, along with Cyberoam UTM, since they are both the same - it's only a different interface and a different hardware look - they provide the best value for the money. You get the best features for the best cost. They are the best, to a certain limit for a certain usage. I never use any of those units as a firewall. What I usually do is, I have an edge firewall responsible for routing, switching, and firewalling. And then I deploy the UTM behind it, only for filtering.The most important criteria when selecting a vendor include getting the best features that you can get for an equivalent cost, so you're paying for what you're getting. You don't want to be paying for the name or the brand or the reputation of it. Also important are pre-sales services and "1000-percent" technical support services, in the environment and the remote areas we operate in, the warranty services as well.How was the initial setup?The setup is straightforward. But what could be a straightforward setup for me might be complex for others. It depends on your level of experience, the training that you got, and the engagements.They have a setup wizard, and I have had heaps of technicians, over the years to set it up, even initially.Which other solutions did I evaluate?I was looking at either Cyberoam iNG or Sophos XG.What other advice do I have?My advice would vary based on your requirements. If you have a dedicated edge firewall, like Cisco ASA, you should get Cyberoam iNG and Sophos XG. They will do the job brilliantly. They will take the load, they will do a fantastic job.If you are looking at units that will do both jobs - being an edge firewall and a UTM at the same time - with routing features, if you are going with Cyberoam and Sophos XG, I'd always recommend that you buy a higher model than what will meet exactly their requirements. So let's say that I'm looking at features that could be fulfilled with an XG 125 or 115, but I want to use the same unit as a firewall. I'd step up and buy an XG 135. You will always need those extra machine resources when you're providing routing, switching, and firewalling as well. Both of those products provide the best support ever, for the money being paid.I rate it at eight out of 10. It's not higher because of the HTTPS issue that I told you about. That's my major issue. That's a super-disastrous issue that, unfortunately, cannot be solved easily.And, sometimes we'll get a specific detailed report, stressing a certain aspect and it's not straightforward. I'll be able to do it, but then I'll have to combine or merge more than one, two, or three reports to get the results that I want. So more specific reports would be good. But then, again, there is a work-around by customizing the reports you want and then getting several reports and comparing them together. It's workable. My only issue is trying to save time, administration time is an issue for us.But other than that, I'm happy. The product is brilliant, support is brilliant.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2018-07-24T00:00:00-04:00
Rated 5 out of 5 byMohamedAhmed from Multifaceted security protection to protect us and our customersWhat is our primary use case?This solution is implemented for medium and large enterprises to protect their network from attacks and to filter the web traffic through web protection and application protection modules.This solution includes Email protection, IPS, Antivirus gateway, ATP, Reporting, VPN, Sophos Wireless controller, load balancer, WAF, and traffic shaping.How has it helped my organization?* It's protecting our networks from threats.* Block URLs and web applications based on business needs.* Not expensive when compared to other vendors, with a great added value.* Impressive synchronized security with its endpoint solution.What is most valuable?All of the features are amazing, especially Sandstorm, which prevents bad traffic or downloaded files from reaching our customers' and partners' networks.What needs improvement?Network security is in need of improvement.For how long have I used the solution?I have been using this solution for five years.Disclaimer: I work for the vendor.
Date published: 2019-09-17T00:00:00-04:00
Rated 5 out of 5 byLeadvanceng574 from Very easy to use but bugs find their way through their securityWhat is our primary use case?Our primary use case of this program is for antivirus and security purposes.What is most valuable?What I like about this program is that it is easy to use and easy to manage.What needs improvement?Sometimes we experience difficulties with our server and that is usually due to a bug. Somehow bugs seem to find their way through Sophos' security. The issue is usually resolved when we contact technical support. In the next version, I would like to see an improvement in this. The developers should test everything after any update to ensure that bugs don't come though with the update.For how long have I used the solution?We have been using Sophos XG for three years now.What do I think about the stability of the solution?I've used FortiGate before and I would say that Sophos is just as stable, both being around 70% as stable as other products on the market.What do I think about the scalability of the solution?The scalability is good. We have 300 to 400 antivirus end users, and our company has around 1,000 users. We do have plans to increase usage because we are growing our projects around the world to countries like the US, Germany, Pakistan, India, UAE (Dubai) and Egypt.How are customer service and technical support?The technical support is okay. Whenever we call them with an issue, they come to us and resolve the issue. Sometimes they take time, but I still think it's good. I will rate the technical support eight out of ten.If you previously used a different solution, which one did you use and why did you switch?We only use Sophos because it can integrate with other product like FortiGate and we can easily connect the two programs. This makes the program scalable and easy to use. Many other products on the market are not compatible with each other and that is why we chose Sophos.How was the initial setup?The initial setup was rather complex but we had no issues with the deployment.What's my experience with pricing, setup cost, and licensing?We bought a license for three years and we will renew it but I think the price is too high. If it could be less expensive, more end-users or partners will be able to afford it.What other advice do I have?It is a good product and I will definitely recommend it. I rate this product a seven out of ten. In the next version I would like to see an advanced level and not only a basic level. Nowadays it is a very useful feature to be able to upgrade.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-08-26T00:00:00-04:00