A review from an admin who have used a lot of firewall products.
June 02, 2022
A review from an admin who have used a lot of firewall products.
Score 7 out of 10
Overall Satisfaction with Sophos SG Firewall Appliances
Sophos SG Firewall Appliances for us is our unified threat management solution that we use along with the Fortinet firewall. For us, Sophos SG Firewall Appliances provides our antivirus solution as well. After using Cyberoam for many years, we decided to move into Sophos SG Firewall Appliances. We needed a Unified threat management solution for your company and there were only a few in the market where the antivirus actually speaks with your firewall. So for end-users, this was a natural solution. We have pushed antivirus software to the end devices and they are configured to speak with our firewall. So when threats are detected the devices are blocked off on a network and a firewall level.
- Sophos' support is actually pretty decent compared to Fortinet. We as a customer who uses both have first-hand experience in that. Sophos' way of support is much more hands-on. For instance, if you raise a ticket, they will contact you via chat, email, or phone in a timely manner and based on your SLA.
- Sophos antivirus can speak with your firewall natively so that when a threat happens it can be blocked on a network level. We had first-hand experience of this where there was a potential outbreak on the network but the machines were getting isolated and prevented the spreading of malware.
- Sophos comes with a whole suite of products like Intercept X, MDM, Antivirus, On-premise, and a virtual firewall. So they are like a one shop stop for all your security needs. We liked Sophos compared to our other firewall, which only had on-premise and virtual firewall boxes.
- Sophos did come a long way from the time they bought out Cyberoam. But the thing with Sophos is it is concentrated on SMBs. You cannot put a Sophos Firewall on a very large organization with thousands of users because the hardware simply cannot take that much load. They normally fall flat against the likes of Palo Alto's or Fortinet's when it comes to large enterprises. But with the world moving to cloud and remote working being a thing I doubt it would be an issue.
- If you do a side-by-side comparison I always felt Sophos Firewall breaks faster under load compared to Fortinet Firewall on an OS level. For example, Fortinet devices are like once you set it up it will keep doing what it's supposed to do until you change it. But Sophos Firewall configs do seem to give problems when you are hammering your firewall. But if the firewall does break you have wonderful support which will assist you to fix the issues.
- Very poor Ansible Support. Most of the companies are heavily invested in DevOps and CICD. Sophos has very little support for Ansible compared to its peers. In this day and age, no one really wants to go into firewalls to make changes. Sophos really needs to invest in ansible support so that admins can simply write playbooks to get things done and add them to the CI/CD pipeline or Jenkins.
- One positive impact that i really need to mention is with our AV talking to our firewall we dont need to manage them separately. When malicious contents are detected they get blocked automatically on the firewall as well. This really saves a lot of time and effort.
- There is a good centralised platform from sophos which collets metrics from all your end devices. Compared to the old symantec type of products where you had to maintain the onpremise solution for management this is an upgrade.You can simply run basic analysis from this platform or push data to a SIEM from your centralised solution.
- You can manage your AV's and your firewall from your centralised cloud solution. You can do some tasks like update/run scans etc from the cloud. You dont need to login to end user devices to do this. This features help in reducing the time that we have to spend on each end points.
Sophos does hold its ground against its main competitor which is Fortinet in their respective markets in my opinion. Sophos does excel in some key areas like support and antivirus. But compared to mammoths like your Zscaler and Palo's which are designed for large-scale customers who prefer performance under load Sophos cannot compete. But that being said with the world moving to the cloud and with remote work being a norm I don't think that is the right business segment that Sophos needs to concentrate on. They are doing quite well in their own markets.
Do you think Sophos SG Firewall Appliances delivers good value for the price?
Are you happy with Sophos SG Firewall Appliances's feature set?
Did Sophos SG Firewall Appliances live up to sales and marketing promises?
Did implementation of Sophos SG Firewall Appliances go as expected?
Would you buy Sophos SG Firewall Appliances again?
If your organization wants to purchase a Firewall that has the ability to talk with your antivirus and you need a pretty decent antivirus look no further than Sophos. They provide great antivirus products and decent firewalls and their centralized management solution is clean and straightforward. But if you are looking for only a firewall and you are a very large organization for example an organization with tens of thousands of users and you only need performance without the UTM capability then this is not the right product for you. You may invest in purchasing one of their competitors like Zscaler or Palo's or Ciscos. Sophos does provide decent UTM capability and their AV product is very nice. So this is a good product for the SMB market segment.
Sophos SG Firewall Appliances Feature Ratings
Evaluating Sophos SG Firewall Appliances and Competitors
Yes - We were a Cyberoam customer for a long time. When sophos purchased cyberoam we were given an option to swap out the hardware for a license cost. During that phase we actually approached fortinet with our requirements. But their AV option was very bad honestly. So we didnt go with fortinet for our UTM at that time. We at that time was not that big to invest in palo alto's or Z scaler. Sophos had the perfect firewall for us based on pricing and capacity. So it was a natural choice for us to choose Sophos.
- Product Features
For us it was the product features. Like i mentioned before we needed a device that could "do it all" Sophos with their interceptx, MDM, AV and rasom protect was a good solution that fitted our budget. Also the support for the product was good compared to Fortinet.
I dont think there is other competitors who actually have a full suite of products which we are looking for. Even if it does exist the pricing and vendor support would be something that we really look at before making a decision. So Sophos ticked all our boxes. Hence if we are given an option most probably we would go with sophos.
Sophos SG Firewall Appliances Support
The biggest selling point for sophos is their vendor support. Those guys put a smile on our faces. There are multiple ways you can contact their support like chat, or telephone or email. They are very responsive and they do have very knowledgable and patient support staff. We have raised tickets at all odd hours and they have been addressed correctly.
Problems get solved
No escalation required
Immediate help available
Support cares about my success
Quick Initial Response
We didnt have to purchase premium support for 2 reasons. One being the firewall was not put in a mission critical part of our network and two we knew that sophos had a good reputation for providing good support. They had also provided us with free training on their products so by the time the hardware arrived we were trained on the product.
There was this time when i was running an update on a weekend before the annual financial year end. I never expected anything to go wrong so thats why i originally chose to update the firewall before the year end. In the middle of the upgrade something happend to the power and the whole firewall was stuck and was not coming back on. With the year end on Monday i acutally got really worried and immediately contacted support over the phone as the internet was off. They guided me step by step on how to restore the firewall and do the correct upgrade and stayed with me on the phone until i made sure all the services were back up and running.