Sophos SG Firewall Appliances review with Pawan
Updated April 23, 2025

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review

Overall Satisfaction with Sophos SG Firewall Appliances

I have used Sophos SG Firewall Appliances for my organization as well as for my clients. I was looking for L2-L3 support for the Sophos SG Firewall Appliances firewall, which would resolve multiple issues like troublesome web- and app-based policy issues and NAT-related issues.

Pros

  • DDOS protection
  • NAT
  • VPN
  • Use of wireless technology very well with Sophos SG Firewall Appliances

Cons

  • From my point of view everything is fine but it would be very good if the old firewall logs could be managed for a long time
  • Positive is easy management
  • Negative is high cost

Because I have worked with Sophos SG Firewall Appliances since 2020, and I have good hands-on experience with it.
CheckPoint: It takes a lot of time to work with it, as its deployment is mentioned in the three-tier architecture section.

Do you think Sophos SG Firewall Appliances delivers good value for the price?

Not sure

Are you happy with Sophos SG Firewall Appliances's feature set?

Yes

Did Sophos SG Firewall Appliances live up to sales and marketing promises?

Yes

Did implementation of Sophos SG Firewall Appliances go as expected?

Yes

Would you buy Sophos SG Firewall Appliances again?

Yes

It has a very user friendly and interactive dashboard which makes doing any work quite easy. VPN works very well in Sophos SG Firewall Appliances.

Sophos SG Firewall Appliances Feature Ratings

  • Identification Technologies: 10
  • Visualization Tools: 9
  • Content Inspection: 9
  • Policy-based Controls: 10
  • Active Directory and LDAP: 10
  • Firewall Management Console: 10
  • Reporting and Logging: 9
  • VPN: 10
  • High Availability: 10
  • Stateful Inspection: 10
  • Proxy Server: 10

Using Sophos SG Firewall Appliances

600 - In my 5 years of hands-on experience with Sophos SG Firewall, I've seen it directly support key business functions:

  • Network Security: Protects critical assets via IPS, ATP, and firewall rules.
  • Compliance: Helps meet security standards (ISO, GDPR) with DLP, web filtering, and logging.
  • Business Continuity: Ensures 24/7 access with VPN, HA, and failover.
  • Productivity: Manages bandwidth, controls access, and boosts operational efficiency.
  • Customer Trust: Prevents breaches, ensuring data integrity and brand reputation.

Sophos SG Firewall isn't just a technical tool — it's a strategic business enabler.
5 - To effectively manage and support Sophos SG Firewall appliances, we rely on a diverse team with the following technical roles and skill sets:

Network Security Engineer
  • Expertise in firewall policies, IPS, NAT, and advanced threat protection (ATP).
  • Manages overall network segmentation and perimeter defense.

UTM Specialist / Sophos Certified Engineer
  • Specializes in Sophos UTM features like web filtering, email protection, DLP, and SSL inspection.
  • Handles firmware upgrades, licensing, and Sophos Central integration.

VPN & Remote Access Specialist
  • Configures and maintains IPsec, SSL VPNs for remote users and site-to-site connectivity.
  • Ensures secure and reliable access for distributed teams.

Monitoring & Reporting Analyst
  • Monitors logs, generates reports for audit/compliance, and tracks suspicious activity using tools like Sophos Reports and syslog servers.

Technical Support / Helpdesk Lead
  • First point of contact for user-level issues related to blocked access, captive portal, or VPN login.
  • Escalates advanced cases to the core firewall team.

  • Perimeter Security & Threat Prevention
  • Sophos SG Firewall protects our network from external threats using IPS, ATP, and web filtering — securing both internal systems and remote access.
  • Secure Remote Access for Employees & Clients
  • We use IPsec and SSL VPNs to provide reliable and encrypted connectivity for remote users, enabling safe work-from-anywhere without compromising security.
  • Compliance & Internet Usage Control
  • With features like content filtering, logging, and DLP, we enforce internet usage policies, generate audit-ready reports, and ensure compliance with internal and external security standards.
  • Bandwidth Prioritization for Business-Critical Apps
  • We configured QoS and traffic shaping to prioritize applications like video conferencing and ERP over social media or non-essential services — improving productivity and user experience.
  • Using Captive Portal for Guest Access Control
  • Instead of a traditional open guest network, we used the built-in captive portal feature to provide time-bound, role-based internet access to visitors and temporary staff — improving security.
  • Automated Alerts via Email for Suspicious Activities
  • We set up firewall rule triggers and log monitoring to automatically send alerts via email for unusual login attempts, port scans, or geo-blocked traffic — helping the security team respond in real-time.
  • Integration with SIEM Solutions for Centralized Monitoring
  • We plan to integrate firewall logs with a SIEM (e.g., Splunk or Wazuh) for deeper threat analysis, correlation, and centralized incident response.
  • User-Based Access Control via Directory Sync
  • Implementing full integration with Active Directory to apply granular policies based on user identity and group membership — enhancing access control.
  • Cloud Application Control and Shadow IT Detection
  • Using app control and reporting to identify and block unauthorized cloud apps (e.g., unsanctioned file-sharing services) that may pose data risks.
  • Redundant Internet Links with Load Balancing
  • Setting up dual WAN links with automatic failover and load balancing to ensure high availability and uninterrupted connectivity for critical operations.
I rated Sophos SG Firewall a 9 out of 10 because it has consistently provided strong and reliable security for our organization over the past five years. Its unified features like IPS, VPN, web filtering, and reporting make it easy to manage and highly effective in protecting our network. The interface is user-friendly, and support from Sophos has been timely and helpful. I deducted one point only because deeper cloud-native integration and more advanced analytics would further enhance its future readiness.

Evaluating Sophos SG Firewall Appliances and Competitors

  • Scalability
Scalability was the single most important factor in our decision to choose Sophos SG Firewall. As our organization and client base continued to grow, we needed a solution that could adapt to increasing network demands without compromising on performance or security. Sophos SG provided the flexibility to scale both vertically and horizontally — whether it was adding more users, expanding VPN usage, or implementing new security policies across branches. Its modular licensing and support for HA (High Availability) setups made it a future-proof choice for our evolving infrastructure.
I would focus more on real-world testing, evaluating its performance and security features under actual traffic and scenarios. I would also place greater emphasis on vendor support and the user community to ensure quick resolution of issues post-deployment. Additionally, I would consider the scalability and integration capabilities more thoroughly, ensuring the firewall can handle future growth and integrate seamlessly with existing infrastructure. Lastly, I would conduct a comparative analysis to benchmark Sophos SG against other firewalls in the market, ensuring the best option is selected.

Sophos SG Firewall Appliances Implementation

I was very satisfied with the implementation of the Sophos SG Firewall, giving it a rating of 9. One key insight from the implementation process is that while the setup was relatively straightforward, it’s crucial to carefully plan the network configuration in advance, especially for high availability (HA) and VPN setups. Ensuring compatibility with existing infrastructure and performing thorough testing before going live can significantly reduce issues later on. Additionally, leveraging the built-in wizards and configuration guides helped streamline the process, but hands-on testing was essential to ensure everything worked as expected in our specific environment.
Change management was a small part of the implementation and was well-handled - One key lesson I took away from implementing the Sophos SG Firewall is the importance of clear communication with all stakeholders throughout the process. Early and continuous communication helped ensure everyone was on the same page regarding changes and expectations. Additionally, providing adequate training and support for users was crucial in minimizing resistance to the new system. I also learned that testing configurations in a staging environment before full deployment can help prevent disruptions and facilitate smoother transitions. Lastly, documenting all changes thoroughly proved to be invaluable for troubleshooting and future upgrades.
  • Compatibility with Existing Infrastructure: One significant issue was ensuring compatibility between the Sophos SG Firewall and our existing network hardware and software. Some adjustments were required to integrate the firewall smoothly into the existing setup.
  • High Availability (HA) Configuration: Configuring HA for redundancy was more complex than anticipated. Syncing between the two units presented some challenges, requiring additional troubleshooting and manual intervention.
  • User Training and Adoption: There was a learning curve for some team members unfamiliar with the Sophos interface. Ensuring everyone was adequately trained to manage and monitor the firewall was time-consuming.
  • Performance Under Load: After the initial deployment, we faced performance bottlenecks under heavy traffic loads, which required fine-tuning firewall settings and network configurations to optimize performance.

Sophos SG Firewall Appliances Training

  • In-Person Training
I rated the in-person training a 10 because the sessions were thorough, engaging, and well-structured. The trainers had a deep understanding of the Sophos SG Firewall and were able to clearly explain both basic and advanced features. The hands-on approach allowed us to directly apply what we were learning, which made the training highly practical and valuable. Additionally, the trainers were available to address specific questions and provide real-time troubleshooting during the sessions, making it an overall positive experience.

Configuring Sophos SG Firewall Appliances

I rated the configurability a 10 because the Sophos SG Firewall offers a wide range of customizable options, allowing us to tailor it to our specific network security needs. The product's configurability is just right—it provides extensive features for advanced users while maintaining a user-friendly interface for those who need simpler setups. The balance between flexibility and ease of use makes it suitable for different types of environments, from small businesses to more complex enterprise networks. Overall, it offers the right level of control without being overwhelming or too limited.
Yes, we’ve developed a set of best practices for configuring Sophos SG Firewall Appliances that our engineering team follows. Some key recommendations include:

  • Network Segmentation: We ensure proper segmentation of the network to isolate different types of traffic. This improves security and simplifies the management of firewall rules.
  • Minimal Rule Set: We follow the principle of least privilege, keeping the firewall rule set as minimal as possible to reduce attack surfaces and improve performance.
  • Regular Firmware Updates: We make it a point to regularly update the firewall’s firmware to ensure we have the latest security patches and features.
  • Use of VPN and SSL/TLS Inspection: We configure VPNs for remote access and ensure SSL/TLS inspection is enabled to detect potential threats in encrypted traffic.
  • Monitoring and Logging: We set up extensive logging and monitoring to track any suspicious activity and regularly review the logs to ensure the firewall is functioning properly.

By following these practices, we’ve been able to maintain a secure and efficient firewall environment in our organization.
No - there is no facility to customize the interface
No - the product does not support adding custom code
To date, we haven't needed any additional configuration or customization beyond the standard setup. The default features and configurations provided by Sophos SG Firewall have been sufficient for our requirements. We’ve been able to meet our security and performance needs using the out-of-the-box features, and there hasn’t been a need for further customization.

Sophos SG Firewall Appliances Support

I give the Sophos SG Firewall support a 10 because I have consistently received excellent service when needed. The support team is responsive, knowledgeable, and resolves issues promptly. Additionally, the resources available, such as detailed documentation, community forums, and troubleshooting guides, are comprehensive and easy to navigate. The support is well-structured, offering various channels of communication, which makes it convenient to get the assistance needed. Overall, the reliability and quality of support have been outstanding, ensuring smooth operations for our organization.
Pros

  • Quick Resolution
  • Good followup
  • Knowledgeable team
  • Kept well informed
  • Immediate help available
  • Support cares about my success
  • Quick Initial Response

Cons

  • Problems left unsolved
  • Escalation required

No, we did not purchase premium support because the standard support provided by Sophos has been more than sufficient for our needs. The response times have been quick, and the issues we've encountered have been resolved through the regular support channels without the need for premium services. Additionally, the extensive documentation and community resources have helped us address many common challenges on our own.
One time, Sophos provided exceptional support when we were preparing for a visit from the Chief Minister of Uttarakhand. We needed to configure High Availability (HA) for our Sophos SG Firewalls to ensure maximum uptime and reliability. During this critical setup, the Sophos support team was with us every step of the way. They guided us through the configuration process, troubleshooting potential issues in real time, and ensuring everything was up and running smoothly before the event. Their expertise and prompt assistance were invaluable in ensuring that the network was secure and reliable during such an important occasion.

Using Sophos SG Firewall Appliances

Pros

  • Like to use
  • Easy to use
  • Well integrated
  • Consistent
  • Feel confident using

Cons

  • Requires technical support
  • Lots to learn

  • Firewall Rule Configuration: The Sophos SG Firewall offers an intuitive interface for creating and managing firewall rules. The policy wizard simplifies the process, allowing users to define granular access controls with ease.
  • VPN Setup: Setting up VPNs, whether site-to-site or remote access, is straightforward. The step-by-step configuration guides ensure that the process is simple and error-free, with clear options for encryption and authentication.
  • Web Filtering and Application Control: Sophos SG makes it easy to configure web filtering and application control policies. The built-in categories and granular control options allow administrators to quickly block or allow specific web content and applications.
  • Centralized Logging and Reporting: The centralized logging and reporting feature is user-friendly, making it simple to monitor network activity, detect potential threats, and generate detailed reports for compliance and analysis.
  • Advanced Reporting Customization: While the default reporting options are useful, creating highly customized reports with specific filters and data points can be cumbersome. The reporting engine can be a bit rigid for more complex use cases.
  • Firmware Updates and Compatibility: The process of updating the firmware on Sophos SG Firewalls can sometimes be tricky, especially when dealing with compatibility issues between different firmware versions and hardware configurations. It can require careful planning to avoid disruptions.
  • High Availability (HA) Configuration: While setting up HA is generally straightforward, troubleshooting HA-related issues can be more complex, especially when the synchronization between firewalls doesn't go as expected. It often requires a deep dive into logs and manual intervention to resolve.
Yes - The mobile interface for Sophos SG Firewall works reasonably well, allowing users to perform essential tasks like monitoring network activity, checking system status, and receiving alerts. It provides a simplified version of the desktop interface, making it convenient for administrators to stay on top of firewall functions while on the go. However, for more complex tasks like rule configuration or advanced troubleshooting, the mobile interface may not be as fluid as the desktop version, and it might require access to a full system for complete management. Despite this, it's a useful tool for basic monitoring and quick checks.

Sophos SG Firewall Appliances Reliability

I rated the product's scalability a 9 because Sophos SG Firewall offers excellent flexibility and can be easily scaled across multiple departments and sites. It provides the ability to add more firewalls, manage them centrally, and integrate with other security solutions as our network grows. However, the only reason I didn’t give it a perfect score is that, in some complex environments, managing a large-scale deployment with many firewalls can become a bit challenging, especially in terms of centralized management and monitoring. Despite this, the overall scalability is highly effective for most use cases.
I rated the availability of Sophos SG Firewall a 10 because, in our experience, it has been highly reliable and available whenever we needed it. We have not faced any significant application errors or unplanned outages. The system has been robust, ensuring continuous protection and minimal downtime, even during firmware updates or configuration changes. Its stability and uptime have been consistent, allowing us to trust it as a critical part of our network security infrastructure.
I rated the performance of Sophos SG Firewall a 10 because it consistently delivers fast and reliable results. Pages load quickly, reports are generated within a reasonable time frame, even for complex queries, and overall system responsiveness is excellent. Additionally, the firewall integrates seamlessly with other software and systems without causing any noticeable slowdowns or performance degradation. Its optimized performance has contributed to smooth network operations and minimal disruption to other services, making it a highly reliable solution for our needs.

Integrating Sophos SG Firewall Appliances

I rated the ease of integration a 10 because integrating Sophos SG Firewall with our Active Directory (AD), Network Management System (NMS), and syslog was straightforward. The firewall provides robust integration options and clear documentation, making it easy to connect and synchronize with these systems. The integration process was smooth, and there were no major issues, allowing us to centrally manage user authentication, monitor network activity, and collect logs without any performance or compatibility concerns. Overall, the product’s flexibility and ease of integration made it highly effective for our infrastructure.
  • Active Directory (AD): We integrated Sophos SG Firewall with Active Directory to manage user authentication and enforce security policies based on user roles.
  • Network Management System (NMS): The firewall was integrated with our NMS to monitor network traffic, track firewall performance, and generate alerts for potential issues.
  • Syslog Servers: We set up syslog integration to centralize logs from the firewall, allowing for better monitoring, analysis, and reporting in our SIEM system.
  • VPN and Remote Access Solutions: The firewall was also integrated with our VPN infrastructure to provide secure remote access for employees, ensuring seamless connectivity and security.
The depth of integration with Sophos SG Firewall was quite comprehensive, involving seamless synchronization with Active Directory for user authentication, integration with our Network Management System (NMS) for network monitoring, and syslog integration for centralized logging and analysis. Achieving this level of integration was relatively straightforward, thanks to the clear documentation and flexible configuration options provided by Sophos. While there were some minor configuration tweaks required, the process was not overly difficult, and the firewall’s user-friendly interface made the integration smooth and efficient.
  • SIEM Systems: We plan to integrate Sophos SG Firewall with a Security Information and Event Management (SIEM) system for more advanced threat detection and centralized security monitoring.
  • Cloud-Based Platforms: We’re considering integrating with cloud platforms like AWS or Azure to manage hybrid network security and extend our firewall policies across cloud-based resources.
  • Endpoint Protection Solutions: We aim to integrate with advanced endpoint protection software to provide a unified security approach that covers both network and endpoint devices more effectively.
To my knowledge, the vendors do support many of these integrations, including with SIEM systems, cloud platforms like AWS and Azure, and endpoint protection solutions. Sophos provides comprehensive documentation and regularly updates its support for integrations with a wide range of security tools and platforms. They also have a strong commitment to enhancing integration capabilities in future releases, ensuring that their products remain compatible with evolving network infrastructures and security solutions.
  • File import/export
  • API (e.g. SOAP or REST)
  • AppExchange or similar marketplace
We have primarily used the following integration technologies with Sophos SG Firewall Appliances:

  • Single Sign-On (SSO): We’ve integrated the firewall with Active Directory for user authentication, enabling seamless access control across our network.
  • API (e.g., REST): We’ve utilized RESTful APIs for automating firewall configuration, monitoring, and logging processes, allowing for efficient integration with our other security tools.
  • File Import/Export: We’ve used file import/export capabilities for importing configuration settings and exporting logs for external analysis and reporting.

We have not yet utilized JavaScript widgets, ETL tools, or AppExchange, but these could be explored in the future depending on our evolving integration needs.
My advice for integration with Sophos SG Firewall Appliances would be:

  • Plan Integration Early: Start planning your integration strategy early in the deployment process, especially for systems like Active Directory, NMS, and SIEM. This ensures smooth synchronization and minimizes any disruptions to your network.
  • Test Integrations in Staging: Before rolling out any integrations to production, thoroughly test them in a staging environment. This helps catch any issues related to configuration or compatibility early on.
  • Utilize Available Documentation: Make sure to take full advantage of Sophos’s extensive documentation and support resources. These will guide you through the integration process and provide valuable troubleshooting tips.
  • Monitor Post-Integration: After integration, continue to monitor the performance and stability of the connected systems. Regularly review logs and reports to ensure everything is functioning as expected.

By following these steps, you can ensure that your integrations are smooth and provide long-term value to your network security infrastructure.

Relationship with Sophos

I rated the vendor a 9 because the sales process was smooth and efficient. The vendor was responsive, provided clear information, and was proactive in understanding our specific needs. They offered relevant product demonstrations and addressed our questions promptly. The only reason I didn’t give a perfect score is that there was a slight delay in the initial response time for a few queries, but overall, the experience was positive, and we felt well-supported throughout the process.
I rated the vendor a 9 because, after the sale, the vendor provided excellent support and was responsive to our needs. They offered timely assistance with the setup and configuration, and their technical support team was knowledgeable and helpful. The only reason I didn’t give a perfect score is that there was a brief delay in receiving some follow-up documentation and updates, but overall, their post-sale support has been very reliable and efficient.
I rated the professional services a 10 because the support we received was outstanding. The team was highly skilled, responsive, and provided tailored solutions to meet our specific needs. They guided us through the entire implementation process, from setup to optimization, ensuring that the firewall was configured efficiently and securely. Their expertise helped us avoid potential pitfalls and ensured a smooth deployment, which greatly contributed to the success of our project.
The principal terms we were able to negotiate with the vendor included flexible licensing options based on our current and projected usage, ensuring scalability as our network grows. We also secured a competitive support package, which included priority access to technical support and a dedicated account manager. Additionally, we negotiated favorable terms for software updates and access to training resources, which helped us get the most value from the Sophos SG Firewall over time.
I rated the contract terms and pricing structure a 9 because, overall, they were fair and competitive. The unit pricing for the Sophos SG Firewall was reasonable considering the features and performance offered, and the billing frequency was flexible, allowing us to align it with our budget cycles. However, one area that could be improved is the pricing for multi-year commitments—there could be more significant discounts or additional incentives for long-term agreements. Overall, the structure worked well for our needs, but some adjustments could make it even more cost-effective.
My advice for more effectively dealing with the vendor would be:

  • Clear Communication: Make sure to clearly outline your requirements and expectations upfront. This helps the vendor better understand your needs and offer solutions that are more aligned with your objectives.
  • Leverage the Support Resources: Take full advantage of the vendor's technical support, training materials, and documentation. These resources can help you avoid common pitfalls and optimize the product for your specific environment.
  • Negotiate for Added Value: Don’t hesitate to negotiate for extra services, discounts, or extended support when signing the contract. Vendors are often open to offering additional benefits, especially for long-term customers or larger purchases.
  • Regular Check-Ins: Maintain regular communication with the vendor, even post-purchase. This allows you to stay updated on new features, updates, or potential issues, and ensures they remain engaged with your success.

Upgrading Sophos SG Firewall Appliances

Yes - Yes, we have gone through the process of upgrading to a new release of Sophos SG Firewall Appliances. The upgrade process was generally smooth and well-documented, with minimal disruptions to our network operations. We followed the recommended steps for backup and testing in a staging environment before deploying the upgrade to production. The vendor provided clear guidance and support throughout the process, ensuring that we were able to take advantage of new features and security enhancements without any significant issues.
  • Enhanced Security Features: The upgrade introduced improved security protocols, including better intrusion prevention and updated malware detection, which bolstered our network defense against emerging threats.
  • Improved Performance: The upgrade enhanced the overall performance of the firewall, reducing latency and improving traffic handling, which resulted in better network efficiency.
  • New Management Tools: We gained access to new management features that simplified the configuration and monitoring process, providing better visibility into network traffic and security events.
  • Bug Fixes and Stability Improvements: The upgrade resolved several bugs that had been affecting system stability, ensuring smoother operations and reducing the likelihood of unexpected downtime.
  • Enhanced Threat Intelligence: We anticipate improved threat detection capabilities, with more up-to-date security signatures and advanced protection against emerging cyber threats.
  • Better Cloud Integration: We expect improved integration with cloud environments, allowing for better protection of hybrid network architectures and more seamless scalability.
  • Advanced Reporting and Analytics: We look forward to more detailed and customizable reporting features, helping us to better analyze security events and network performance.
Yes - Yes, we have changed the edition of Sophos SG Firewall Appliances, but it was done for one of our customers based on their evolving requirements. As their network grew and the demand for more advanced features increased, we recommended and implemented an upgrade to a higher edition. This helped them benefit from enhanced security, better performance, and improved management capabilities, ensuring their infrastructure remained secure and efficient.
