Likelihood to Recommend This is the best product for small-size organizations with a low budget that want advanced and deep-level security features. Sandboxing and advanced malware protection are the most valuable features available on Sophos devices. Other features like applications and web content make your organization more secure, and you can put more restrictions on users.
Read full review Any scenario where a dedicated firewall administrator is on staff and a secure firewall solution that requires high availability is needed will be a good solution for the McAfee Firewall Enterprise product. The McAfee Firewall Enterprise however comes with some of its own parlance that is different from other vendors and does require some comfort on the administrators side when it comes to working in the command line. Added knowledge of protocols and how they interact is a must for any firewall admin but particularly for the McAfee Firewall Enterprise product due to its flexible nature. If the environment is to be mostly hands off where a very limited rule set is to be configured and not likely to change often, I would defer to a different product
Read full review Pros You can scan every packet deeply through sandboxing. Control the user traffic through content filtering. Put the restrictions on user web traffic through web filtering. Control any type of malware through anti virus. Read full review Based on the SecureComputing Sidewinder firewalls, the McAfee Firewall Enterprise does similar backend containerization of each service which provides for added security in the unlikely event of failures or breeches. Tie in reporting services (if used by the admin) provide very granular details on rules accessed and the firewalls response to the requests. Configurable options are plentiful. Unbound DNS can be configured on each "burb" (SecureComputing/McAfee parlance for interface), similar options for sendmail while rulesets can be configured at the application level down to simple IP-filter making options for enhancing security as well as troubleshooting equally as useful. Full control over shell for scripting and/or scheduling (cron) purposes. Solid HA and patching architecture. Support was always helpful, knowledgeable and insightful (especially the staff that migrated from SecureComputing). Read full review Cons If using Endpoint security and the Firewall it would be nice to have an easier back and forth between the portals rather than have two separate tabs open. Especially if using more than one in multiple locations. If dealing with different revisions options are moved around and sometimes in places that doesn't normally seem like they should be there. Read full review For an application-layer firewall the applications supported (at the time I managed them) were too few and would need to be expanded and the application ruleset needed to be expanded as well. The remote access VPN client configuration was overly complex for the average user and would need to be supplemented with a configuration file that had already been generated. Other solutions from CheckPoint or Cisco ASA are not as complex for end user remote access. Enhancing the GUI with a builtin "packet capture" feature would be useful for administrators not familiar with tcpdump. Read full review Usability It is a good and pleasant experience to use Sophos XG firewall and it offers more then what we expect and the price is ok in the current market level
Read full review Support Rating Honestly we didn't get the premium support from them, but our partner has been supportive. Online forums are also a good place to learn things from.
Read full review Alternatives Considered We have been a Sophos customer for the most part but i have seen some other offerings from SonicWall, Barracuda, and Cisco. While they all offer nice products, we've always been content with our Sophos XG firewalls, especially as they release more and more features/etc.
Read full review Compared to other firewalls I've managed (Palo Alto, Cisco ASA & CheckPoint) I would say that McAfee Firewall Enterprise was probably at the time not the leader in its field however it is a product that proved its reliability and flexibility over the other vendors. The addition of many new features usually comes as a detriment to some other area (restricted CLI, decreased logging etc.). In my experience this product gave the flexibility and options that the organization needed.
Read full review Return on Investment Easy to integrate with Active Directory & LDAP We don't need to purchase any additional 2FA & VPN Tools so the cost is saved for us High Availability Read full review In its highly available configuration the impact on any business objective has been positive given the fact that any downtime of the firewall would negatively impact all business objectives. Read full review ScreenShots Sophos XG Firewall Screenshots