Sophos Secure Web Gateway is a no-brainer!
June 03, 2019

Robert Paul | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Sophos Secure Web Gateway

We currently use Sophos Web Gateway as our proxy server at our enterprise. Every user's internet traffic goes through the gateway. This allows us to control what kinds of sites employees may visit, making sure they're business appropriate, review this data, and adjust as necessary. In addition, it acts as another defense against malware, since it scans sites and downloads for anything malicious.
  • Web filtering: This is the primary purpose of Web Gateway, and it does it very well. It uses Sophos' external database to check URLs against the type of content on a website, and then based on the rules we've set up in the admin portal, allows or blocks it. It alerts IT when a user attempts to view blocked content. And, just in case, it also lets us override specific sets, either explicitly, or by re-categorizing.
  • SSL Checking: Web Gateway works on encrypted traffic as well, so even HTTPS sites are filtered appropriately. It verifies certificate authorities too.
  • Groups: Web Gateway can tie into Active Directory, so you can set specific groups to behave differently. For example, our public information department requires access to social media whereas we block that for most users. But with the group settings, PIO has a separate rule that allows them to post and respond to social media.
  • Administrator Permissions: There's not enough granularity on the administrative side. We ran into an issue where we wanted to restrict junior admins from being able to see traffic per user. But in doing so, it also prevented them from adjusting some other settings they had to have access to, like setting exceptions for sites.
  • CA Database: I occasionally run into issues where the list of certificate authorities in the appliance is not up to date, and I have to manually add a CA. These aren't rare, never-heard-of authorities, either, but they are usually subsidiaries of one of the major ones.
  • Feedback: Sometimes it takes some good detective skills to track down why a legitimate site isn't working. It's often because of content hosted elsewhere (images, for example), but the reports aren't always clear as to what actually gets blocked. It takes some trial and error sometimes to unblock something that should be okay for our business.
  • We have not had a single instance of malware since installing Web Gateway. We have other ways to prevent infections and attacks, of course, so this is just one tool in the box, but we had a handful before this from people visiting sites they should not have. Web Gateway has prevented those, at least.
  • There was some pushback initially as users had to deal with some business sites not working (usually due to CA problems). After the initial growing pains, however, we've seen very few other problems.
  • The appliance updates itself, in the middle of the night, so that reduces some overhead and planned downtime.
I had experience in the past with Barracuda and WatchGuard. Barracuda was fine, although I found it harder to configure and administrate. Less intuitive, but possibly more robust. WatchGuard was a nightmare: it either blocked too many things or not enough, and the rules were too complex. I would pick Sophos over either of these, both for ease of use and for cost.
Sophos Secure Web Gateway is great for almost any business that needs an easily-manageable proxy server. We're a medium-sized enterprise, but the product would work great for much larger companies as well. The only real limitations would be hardware resources, but it isn't that intensive. The administration of it is very intuitive, and it was quick to set up.

Where it might not make sense is across multiple sites, unless all internet traffic is funneled through one place. It would be a bit complicated to maintain multiple setups.