Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos)

dave247

So as the title says, we use SonicWALL firewall/UTM at our company. It's really nice and we make good use of it between the various security services, but it still seems to lack some of the functionality we are looking for. We did a little bit of research and Sophos XG looks like it might be a really good fit for us as a firewall/UTM, and we would also be using their endpoint protection services well.

I was just wondering if anyone had any experience with Sophos XG and could offer some input/ feedback. Was there anything unexpectedly negative about it? How is support?

We did have a product demo and everything looked really good but I'm still looking around for various bits of feedback from actual customers.

dbeato

@dave247 said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

So as the title says, we use SonicWALL firewall/UTM at our company. It's really nice and we make good use of it between the various security services, but it still seems to lack some of the functionality we are looking for. We did a little bit of research and Sophos XG looks like it might be a really good fit for us as a firewall/UTM, and we would also be using their endpoint protection services well.

I was just wondering if anyone had any experience with Sophos XG and could offer some input/ feedback. Was there anything unexpectedly negative about it? How is support?

We did have a product demo and everything looked really good but I'm still looking around for various bits of feedback from actual customers.

I am a reseller of Sophos so I am a little bias on this as I have used both. The Sophos XG are more expensive but they integrate with their AP and other products to apply and contain the infections.

I would also check out Palo Alto as well.

dave247

@dbeato said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

@dave247 said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

So as the title says, we use SonicWALL firewall/UTM at our company. It's really nice and we make good use of it between the various security services, but it still seems to lack some of the functionality we are looking for. We did a little bit of research and Sophos XG looks like it might be a really good fit for us as a firewall/UTM, and we would also be using their endpoint protection services well.

I was just wondering if anyone had any experience with Sophos XG and could offer some input/ feedback. Was there anything unexpectedly negative about it? How is support?

We did have a product demo and everything looked really good but I'm still looking around for various bits of feedback from actual customers.

I am a reseller of Sophos so I am a little bias on this as I have used both. The Sophos XG are more expensive but they integrate with their AP and other products to apply and contain the infections.

I would also check out Palo Alto as well.

I asked some other folks in a different online community and some of the feedback I got was good but then I had some people comment that the integrated wifi and the support were not very good (at least in their experience).

scottalanmiller

I split out the discussion of UTM vs. no-UTM to a different thread as it is a great conversation, but not the same as what was being asked here. Here Dave is just looking for which UTM to buy, not whether any UTM is useful.

scottalanmiller

@dave247 said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

@dbeato said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

@dave247 said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

So as the title says, we use SonicWALL firewall/UTM at our company. It's really nice and we make good use of it between the various security services, but it still seems to lack some of the functionality we are looking for. We did a little bit of research and Sophos XG looks like it might be a really good fit for us as a firewall/UTM, and we would also be using their endpoint protection services well.

I was just wondering if anyone had any experience with Sophos XG and could offer some input/ feedback. Was there anything unexpectedly negative about it? How is support?

We did have a product demo and everything looked really good but I'm still looking around for various bits of feedback from actual customers.

I am a reseller of Sophos so I am a little bias on this as I have used both. The Sophos XG are more expensive but they integrate with their AP and other products to apply and contain the infections.

I would also check out Palo Alto as well.

I asked some other folks in a different online community and some of the feedback I got was good but then I had some people comment that the integrated wifi and the support were not very good (at least in their experience).

In generally, integrated wifi is not considered a good idea for business use cases. It's not like a security thing, just impractical. It's a bundling that often creates high cost and low quality. Like high end stereo equipment, generally if things are all bundled into one box, it's very low end and even the vendor probably doesn't take it too seriously.

For something that is a security aggregation point, you'd take that aversion to another level. Even as someone who would almost never recommend a UTM, even less often would I recommend any firewall with an access point integrated into it.

When looking for UTMs, I would look purely for a UTM and get a good AP(s) to put behind it.

scottalanmiller

Just to throw another option out there...

I know nothing of this product so don't take this as a recommendation. But Sunny Valley was at SpiceWorld and they make a UTM add on for pfSense.

https://sunnyvalley.io/

scottalanmiller

Also worth noting, while very light, there are some UTM features in most firewalls today.

UBNT for example, has DPI filtering rules that can be used. Most of us don't use the, but they exist.

https://help.ubnt.com/hc/en-us/articles/218732788

Nothing like a full IDS or Network AV, but will fit some peoples' needs.

dave247

@scottalanmiller said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

Also worth noting, while very light, there are some UTM features in most firewalls today.

UBNT for example, has DPI filtering rules that can be used. Most of us don't use the, but they exist.

https://help.ubnt.com/hc/en-us/articles/218732788

Nothing like a full IDS or Network AV, but will fit some peoples' needs.

Cool, thanks for the info.

black3dynamite

@scottalanmiller said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

Just to throw another option out there...

I know nothing of this product so don't take this as a recommendation. But Sunny Valley was at SpiceWorld and they make a UTM add on for pfSense.

https://sunnyvalley.io/

Add on for OPNsense.

scottalanmiller

@black3dynamite said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

@scottalanmiller said in Considering moving from SonicWall to Sophos XG (Looking for feedback on Sophos):

Just to throw another option out there...

I know nothing of this product so don't take this as a recommendation. But Sunny Valley was at SpiceWorld and they make a UTM add on for pfSense.

https://sunnyvalley.io/

Add on for OPNsense.

Yes, but the founders were talking pfSense too at the conference last week. So I think that's available too. That's what they were talking about most.

scottalanmiller

Here is a quote from IT Central Station that I find slightly odd, but interesting:

"Palo Alto Networks WildFire is ranked 1st in Advanced Threat Protection with 7 reviews vs Sophos UTM which is ranked 3rd in Firewalls with 19 reviews. The top reviewer of Palo Alto Networks WildFire writes "It catches modified signatures of known viruses". The top reviewer of Sophos UTM writes "Initial configuration was super simple. Management and monitoring have never been easier". Palo Alto Networks WildFire is most compared with Fortinet FortiGate, Cisco ASA and Cisco Sourcefire Firewalls. Sophos UTM is most compared with Fortinet FortiGate, pfSense and WatchGuard XTM. "

I'm not sure I agree with the list. I mean it is obviously user generated, so not saying that anyone is lying here. Just odd. Cisco ASA is a complete joke and has no place in the list with PA. Fortinet is middle of the road, more for the second list. Sophos seems likeit should be in the first list.

And pfSense on its own doesn't fit here at all. Weird.

scottalanmiller

Something to keep in mind is NGFW. Ubiquiti and Meraki, for example, are NGFW.

It looks like much of the market is already starting to cool on the UTM crazy and NGFW is taking off as the "next stage" of popular approaches. Basically a reversal of direction or marketing at least, even from the big players in the UTM space like Palo Alto, Fortinet, Cisco, etc.