Here's goes my rant. I guess this is what we get for scrapping opensource pfSense.
We have 8 small offices, we were happily using pfSense with 0 issues for 4 years (for free) but recently were forced into NIST 800-171 compliance, hence the move to Sophos payware. Let me outline my experience so far, and no, I'm not a novice; developer and networking for 10+ yrs now.
Lets start with the light touch deployment via USB key. We purchased 10 new USB sticks, configured them per the KB video, and out of 8, 2 actually worked. Some how, I figured out that the USB light touch deployment doesn't work if FW is below 17.5, which all of our brand new units were, except 2 of them.
After spending hours instructing novice staff on how to scrap USB light touch deployment and configuring manually, the web GUI only loads part way? WTF would cause this you ask? It's because the HTTPS cert. for the router doesnt' match the time of the PC because the XG doesnt' take NTP updates by default and the router date/time is really out of sync and needs to be manually setup. Nice.
I'll even mention the 2 extra XG125s we received, a week after the initial shipment that included the other 8. I had no clue what these XG125s were for, and it turns out, the inclusion of them messed up our 2 XG125 EnterpriseGuard licenses, that Sophos Support is still trying to straighten out. Nice.
Custom hardware 2C4GB RAM unable to get HA active-passive working, support is "investigating" for 4 days now. I've followed every KB I can find. And, it's really hard to find docs related to HW/SW virtual appliances. Nice.
HW failure on an XG106 after 5 days, it was running so hot, staff ended up putting a fan on it and moving papers away from it. Support fixed the issue with an RMA a week later. Nice.
Setting up that RMA, on basic config. screen and trying to restore the backup file result in the 2nd screenshot. Ignoring the restore, and just setting it up with default config results in 1st screenshot. Nice.
How about RED tunnels with compression enabled, that doesn't work, they loose connectivity several hundred times per day. The solution is to disable compression, who would have known. Nice.
We purchased and extra $1600 USD Professional service package. I still have no clue how to use this "license". I sent an email to professionalservices@sophos.com outlining the issues I was having and requesting a consultation, I guess that email went into outer space.
WTF is going on here. Am I the only one with these issue? Was I spoiled with opensource software for too long? $15K isn't a ton of money, but we spend that on other software platforms that I can call support, immediately.
This thread was automatically locked due to age.
