Barracuda Web Security Gateway vs. Sophos Cloud Web Gateway (discontinued)

For a larger organization, this is a must. It provides insight into what the users are doing online and most malicious sites will no longer be accessible if access is denied. This can also give access to non-work related sites, but in a limited capacity, based on user or time of day. Though a smaller company would benefit from the features, it may be cost prohibitive.

Sophos Secure Web Gateway is great for almost any business that needs an easily-manageable proxy server. We're a medium-sized enterprise, but the product would work great for much larger companies as well. The only real limitations would be hardware resources, but it isn't that intensive. The administration of it is very intuitive, and it was quick to set up. Where it might not make sense is across multiple sites, unless all internet traffic is funneled through one place. It would be a bit complicated to maintain multiple setups.

Incentivized

• Integrates with other Barracuda products, including the Barracuda Web Application Firewall and the Barracuda Email Security Gateway.
• Helps manage bandwidth to improve network performance.
• Easy to use.
• Allows you to perform SSL inspections to view content on social networks.
• Help prevent data loss.
• Protect our privacy.

Incentivized

• When IT Admins need to deploy virtually.
• When IT Admins want to have high availability without an extra cost (via the Virtual Appliance Deployment).
• When IT Admins want to control and give the internet fair use within the organization.

Incentivized

• I don't think I have anything to mention here. The Barracuda Web Security Gateway does everything we need it to do.

• Administrator Permissions: There's not enough granularity on the administrative side. We ran into an issue where we wanted to restrict junior admins from being able to see traffic per user. But in doing so, it also prevented them from adusting some other settings they had to have access to, like setting exceptions for sites.
• CA Database: I occasionally run into issues where the list of certificate authorities in the appliance is not up to date, and I have to manually add a CA. These aren't rare, never-heard-of authorities, either, but they are usually subsidiaries of one of the major ones.
• Feedback: Sometimes it takes some good detective skills to track down why a legitimate site isn't working. It's often because of content hosted elsewhere (images, for example), but the reports aren't always clear as to what actually gets blocked. It takes some trial and error sometimes to unblock something that should be okay for our business.

Incentivized

There are a lot of settings you can adjust. The web log is easy to use. If a user is having issues accessing a website, you can go in and see what's being blocked and why. After that, you can make adjustments fairly easy. The GUI is easy to navigate and updating the software is a simple click of a button.

Incentivized

Barracuda support have also been excellent when we have had to contact them. The only time we had a hardware issue on a device (and that device was about 8 years old) it was replaced within about 24 hours of reporting it. Generally there has not been much need to contact their support, as once the device is in and set up, it just works.

Incentivized

SonicWall, Barracuda NG Firewall, and WatchGuard provides Content Filtering, but are primarily firewalls with Content Filtering features. The Web Filter is a dedicated appliance with more storage space and better reporting of users.

Incentivized

Sophos Secure Web Gateway has flexible pricing and deployment options. It offers a huge range of categorization options and they also pull web categorization info from other services

Incentivized

• I came into the company with Barracuda already implemented so it worked well for a number of years.
• Their support contract was a bit pricey.
• For what the company paid for the system, Barracuda was worth the money over the 10 years it was implemented.

Incentivized

• We have not had a single instance of malware since installing Web Gateway. We have other ways to prevent infections and attacks, of course, so this is just one tool in the box, but we had a handful before this from people visiting sites they should not have. Web Gateway has prevented those, at least.
• There was some pushback initially as users had to deal with some business sites not working (usually due to CA problems). After the initial growing pains, however, we've seen very few other problems.
• The appliance updates itself, in the middle of the night, so that reduces some overhead and planned downtime.

Incentivized