Am I the only person who likes this new XG product?

I don't really think that it's an issue of 'not liking' the new product.

The problems that most have an issue with, is that it was released for use with missing and/or incomplete items that we are used to having with UTM 9. The fact is, this is not a finished product and will continue to be scrutinized for being released. I know it's 'bleeding edge' - the very reason why I haven't implemented it at home yet. The other issue, is that there has been so many requests for so long put into for UTM to have, those were ignored for a stable product and placed into this 'beta/bleeder' product.

Hardware limitations are something that greatly disturbs me personally, as I just bought my new system right before Copernicus was put out, because I needed a big upgrade from an ATOM processor to what I have now. Now, I won't even get to use some of that hardware in place of IP restrictions being removed - something of which I don't have a problem with, yet I will be punished for whenever I upgrade. That should have been an option, not a mandatory thing. Not all of us are running out of IP addresses.

Beta testers screamed bloody murder about some item-stopping issues for them - no one came back to them with addressing their concerns, some of which I am betting had to do with the forum board being moved in a hurry, but other parts of just flat out being ignored, or 'duly noted'. There are some people in the UTM community who know exactly what will work and what has been a problem - they want to see Sophos and UTM/XG succeed but get completely frustrated when ignored, told to not post, or something else that hinders them. Nature of the beast I suppose, but there are some hurt feelings going around lately between Sophos and its community members.

Not to be an apologist for them, but from my discussions with their people, it sounds like they had - and continue to have - a very aggressive development timeline - and made it especially clear that in V1, it WOULD NOT have parity with UTM. Combine that with the fact that you do not have to upgrade, and seriously - I see no reason for everyone's extreme frustration.

As for those restrictions, lets actually look at them....You'll be "penalized" by only being able to use 6 of your 8GB of RAM in something they're providing you for FREE, and removing other restrictions that are probably hitting a good number of folks. In addition, that 4-core and 6gb is enough to run a PRETTY GOOD-SIZED firewall. That is the eqiv. of their third level up in their commercial software version. To license that same "free" product for use in business, you'll pay $2300 MSRP for the BASE license, and that does not even include web protection which the free home version includes.

So tell me why this is a raw deal? I realize you had a restriction on IP addresses previously instead of the hardware restriction, but really? I seriously just don't see the problem there.


For those folks complaining about the move to 64bit architecture - I can understand that, but seriously - x64 the 'now' and has been for several years. Next time folks buy hardware, they will probably be getting x64 BY DEFAULT whether they try or not... so hey, then, they can upgrade to XG. There is PLENTY of time to do that. 9.x is not going anywhere for a long time, and they've ALSO made it clear that NEW RELEASES will continue for a while.

As for Sophos "not listening" - they are trying several new things with this new software... sometimes, you have to know when to tell people "duly noted" and forge on. Now they get to refine and improve and listen and see what happens. Give them a chance to.

I've seen people call this release "stillborn" and "not viable." I've seen people hollering about how they've been loyal (free edition) customers for years and will be leaving now. Wow. Come on, guys.

Not to be an apologist for them, but from my discussions with their people, it sounds like they had - and continue to have - a very aggressive development timeline - and made it especially clear that in V1, it WOULD NOT have parity with UTM. Combine that with the fact that you do not have to upgrade, and seriously - I see no reason for everyone's extreme frustration.

As for those restrictions, lets actually look at them....You'll be "penalized" by only being able to use 6 of your 8GB of RAM in something they're providing you for FREE, and removing other restrictions that are probably hitting a good number of folks. In addition, that 4-core and 6gb is enough to run a PRETTY GOOD-SIZED firewall. That is the eqiv. of their third level up in their commercial software version. To license that same "free" product for use in business, you'll pay $2300 MSRP for the BASE license, and that does not even include web protection which the free home version includes.

So tell me why this is a raw deal? I realize you had a restriction on IP addresses previously instead of the hardware restriction, but really? I seriously just don't see the problem there.


For those folks complaining about the move to 64bit architecture - I can understand that, but seriously - x64 the 'now' and has been for several years. Next time folks buy hardware, they will probably be getting x64 BY DEFAULT whether they try or not... so hey, then, they can upgrade to XG. There is PLENTY of time to do that. 9.x is not going anywhere for a long time, and they've ALSO made it clear that NEW RELEASES will continue for a while.

As for Sophos "not listening" - they are trying several new things with this new software... sometimes, you have to know when to tell people "duly noted" and forge on. Now they get to refine and improve and listen and see what happens. Give them a chance to.

I've seen people call this release "stillborn" and "not viable." I've seen people hollering about how they've been loyal (free edition) customers for years and will be leaving now. Wow. Come on, guys.

ChavousCamp,

the XG Firewall is a new product and if you did not see any Enterprise Firewall before, for anyone it is beatiful.
As BillyBob said, we came from Astaro point of view and thinking and Sophos should remember that they won so many awards on Network Security thanks to UTM9.
I personally manage other Sophos Products on big company, like SEC and Email Appliances and they are doing they job without pains.
From UTM side, I work and know even other vendors and to be honest UTM9 has the best UI and all the feaures built-in that are competitor do not have.
So know Sophos released XG (Copernicus line). How can you imagine to manage 1000 users with Copernicus at the moment?
Many base feature are missing, such as Live Log, Renema Objects, MTA (BillYBob they planned to bring MTA back, please vote on feature.astaro.com/.../10614999-mta-bring-it-back), UI object placement (you need to remember where the things are), TABS, cloning, better Policy UI (ID does not match the order).

I think that Sophos want to redisegn UI and Firewall to better compete with other vendors in order to get more business in this area but they need to eat a lot of dust before they can fight for a better placement.
For me this product is still in beta and until version 2 or 3, I will not move any of my customers to XG (Sophos said to keep our Customers on UTM9).

The other thinkg really strange is feedback from them. "Lack of information".
Sometimes they publish some news and only few Sophos moderator reply to this forum. No one know how updates pattern works and what firmware fixes or what bugs exist at the moment (a pdf saying really few bugs).
No roadmap. What do they will add into next release? Maybe they do not even know, but what we would like to know is HONESTY.

In the meanwhile, we can pray and feedbacking until XG is ready and UTM9 will be end-of-support.
If the XG will not be ready and nice as UTM9 we will think about. Future is a mistery!

Luk

ChavousCamp said:

Not to be an apologist for them, but from my discussions with their people, it sounds like they had - and continue to have - a very aggressive development timeline - and made it especially clear that in V1, it WOULD NOT have parity with UTM. Combine that with the fact that you do not have to upgrade, and seriously - I see no reason for everyone's extreme frustration.

I never said anything about their aggressive development timeline.  I've been here a long time and I am well aware of their timelines, as well as how fast they address things.  That wasn't what you were asking about, and I replied as such.  Your post above has taken a complete turn from asking a valid question, to potential hardcore re-seller.  Extreme frustrations may ahve been covered - I don't know.  I just comprehended them as such when I read them.

ChavousCamp said:

As for those restrictions, lets actually look at them....You'll be "penalized" by only being able to use 6 of your 8GB of RAM in something they're providing you for FREE, and removing other restrictions that are probably hitting a good number of folks. In addition, that 4-core and 6gb is enough to run a PRETTY GOOD-SIZED firewall. That is the eqiv. of their third level up in their commercial software version. To license that same "free" product for use in business, you'll pay $2300 MSRP for the BASE license, and that does not even include web protection which the free home version includes.

So tell me why this is a raw deal? I realize you had a restriction on IP addresses previously instead of the hardware restriction, but really? I seriously just don't see the problem there.

1.  Being 'free' is irrelevant - has nothing to do with issues that products have.  Am I happy it is?  You betcha, and I have used it since V6.  If you don't know when that was - it was before Y2K.  This shouldn't be used in your original question and analysis of my response.  Will I use it when it's not working correctly or 'broken'?  No way, if that has potential to be harmful to the environment I have it protecting, or even potentially not up to what I need it to be or do, then no I won't use it.  I whole-hardheartedly support Sophos products and preach the UTM products.  I think they are really good and Lord knows, places need this type of stuff.

2.  'Third level up in their commercial software' - that doesn't mean much to me when the UTM product has been under-performing at their rated tiers for some time.  Go to astaro.org boards, and review William's NUMEROUS posts about the inferior hardware performances based off of 'recommended tiers'. 

3.  Where did I in fact say this was a raw deal?  Nowhere did I lambaste the product and talk down about it.  Did I also not point out specifically that I would be updating my firewall eventually to this?  In response to the IP restriction, as I pointed out for it being optional - there is nothing wrong with providing this as optional.  They have the ability to make licensing work in this fashion - it's already proven by the implementation of said product, and already existing in another.  Either option is limiting end users.

ChavousCamp said:

For those folks complaining about the move to 64bit architecture - I can understand that, but seriously - x64 the 'now' and has been for several years. Next time folks buy hardware, they will probably be getting x64 BY DEFAULT whether they try or not... so hey, then, they can upgrade to XG. There is PLENTY of time to do that. 9.x is not going anywhere for a long time, and they've ALSO made it clear that NEW RELEASES will continue for a while.

Personally, I agree with you about 64-bit architecture, but I don't recall anyone complaining about it.  We know UTM 9 isn't going anywhere and it is still going to be supported, even with the option of being updated inside the software to the new product.  It's working - and working well.  IMO, that is better right now for me than the current version of 'bleeding edge' XG.

ChavousCamp said:

As for Sophos "not listening" - they are trying several new things with this new software... sometimes, you have to know when to tell people "duly noted" and forge on. Now they get to refine and improve and listen and see what happens. Give them a chance to.

That ship has already sailed and docked at the port.  A business telling their customer base 'duly noted' has a bad business model.  Law enforcement, fire departments or paramedics wouldn't do that to their customer base would they?  Yes, ultimately, it is the decision of the business, we all know this and they move forward with what they think is best for the company. 

ChavousCamp said:

I've seen people call this release "stillborn" and "not viable." I've seen people hollering about how they've been loyal (free edition) customers for years and will be leaving now. Wow. Come on, guys.

This is nothing new in the industry of I.T., and even gaming platforms.  Frankly, it is comical to watch at times; however, when someone does this, it's for a reason.  They aren't happy or confident in the product they have and want to vent their frustration.  What better way to do that than with bad marketing, word of mouth, and overall (for the paying customers) speaking with their wallets.  Great thing about capitalism.  Please don't mention the whole 'free' thing about this - it's also free to speak your mind to potential future clients and bad-mouth the business model products and future holdings.  Nowhere in my replies to you did I do that.

TL:DR:  In short, if you don't like the answers given, perhaps not ask the hard question?  Your hard sell of this new product is overboard, and frankly, out of perspective as to the original question asked by you.

Hi Luk, thanks for pointing out the MTA feature request as accepted, I had already noticed it ;) I see you have a lot of other feature requests trying to improve everything. Thanks for not giving up and actively pressuring sophos into making SFOS better. Maybe they will listen to a few feature requests this time.
Regards
Bill

BillyBob,

we will continue to support Sophos and customers if Sophos is going in the direction we are hoping to.

We only have 2 ways to let them hear from us:

1. this community

2. feature requests.

At the moment I have XG at home and I am trying to push what is really missing before to move some small customer to XG.

So add feature request and vote the one that are already there.

It is a great news that MTA will be back! At least, something is moving! [:D]

Now we need live log, better UI navigation and dashboard too.

Luk