Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

If you want to lose customers use Sophos XG

The title sums up the way we feel about Sophos after selling hundreds of thousands of dollars worth of equipment and subscriptions. We have tried working with support, development, sales engineers, and anyone else who will listen, and we can never get a meaningful resolution.

The problem with Sophos like many other companies is they are more worried about selling new technology than they are supporting and fixing what's already in place. Every year the sales team tries to force whatever the new acronym is to sell, two years ago Intercept X and now EDR.

We have a lot of firewall devices deployed in the field and a lot of antivirus clients. For us to move them is an incredible PIA but things have gotten so bad we have no choice. We used a small company called GTA for 20 years prior and never had an issue with any firewall, restore, update etc.

Here is a small list of things to think about if you're planning on using Sophos products.

·        AV has blue screened 500 machines at a time and took months to fix

o  AV/Intercept X has about 30 running processes. If you have CAD users or AV users, they will likely flip out when they see all these. Even after all this time it still shows Hitman Pro in task manager which the customer thinks is a different product.

·        Restores for firewalls do not work. This is reproducible and a huge consideration, I don’t know how you can ever expect to have a firewall company when restores do not work. Restores should take 15 minutes, instead you will be rebuilding.

·        Version 18 deployment could not have been worse. They said all good to move forward with the install and then the firewall does not pass network traffic. This is in the KB articles for anyone to look up. How can you not test NAT when deploying a new build? There are many things I can see happening, but the primary function of every firewall did not work, yet every pamphlet and webinar says how smooth it was. How bad are things if NAT is not tested?

·        When you delete an interface, it deletes all IPSEC tunnels and all rules associated with that interface. Think about that, if you have an interface change you are starting over. (Reproducible)

·        When version 17 was upgraded to 18 on certain devices it completely wiped the device (reproducible). What’s left is you standing at a customer site with a wiped firewall and no way to restore because the restores do not work – I personally have proved this failing restore process to many on the team including Alan T.

·        Before 17 they got hacked and this is well known but even now a year later every time, we log in to the firewall it asks us to change passwords. This makes the customer very nervous after the breach. Instead of doing this in an organized fashion it was a total debacle. Almost all our customers asked why we are using this non-sense considering how it was handled.

·        STAS does not work

o  We opened a ticket a year ago and it was closed with no resolution         

§  We were then told Sophos has no access to those old tickets and to open a new ticket about six months ago. I walk through the entire scenario spending countless hours on the phone with several engineers that were supposed to be the highest level and they came to the same conclusion. It does not work and there is no resolution – Wait for STAS 3.0????What does this even mean?

§  Last Friday I got an email reading the ticket had been closed again with no explanation. In the Sophos system if you close the ticket you cannot reopen it you have to go through the entire process again for me this was the final straw.

When I brought up to Shane, Drummond, others on support that we are leaving because of this ticket closure they said "good luck". If we are spending 20k per month and this is the treatment we get what do you think you will get?

o  STAS throws so many errors in the event log, DCs were dropping DNS request – still no fix after a year

o  In many instances (like after the hack) they expect you do something manually on the firewall device. If you have ten firewalls this is probably okay. If you have 1000 how exactly is that getting done and who is paying for it? The answer is the partner get screwed beyond belief.

·        With EDR they are now charging partners for NFR licenses!

·        Prepare to pay thousands to take tests to be certified platinum or whatever your level will be

There are many more things we could go in to but these are the main points.

 

 

Support

·        In short if you get UK for support you will be fine anywhere else is garbage, expect a mess.

·        Development is trash. They do not test and are happy when 80,000 firewalls go offline because “its not that big of a percentage of all firewalls”. I did not make this up I was told this directly.

·        My engineering/sales team is basically nonexistent and worse than support. If I have an order, I get a response in two minutes. Anything else regardless of importance is ignored. When we get tired of this and blow up it makes things even worse. Its very hard not to get fed up considering the endless amount of BS we have endured.

·        I have emailed/LinkedIn everyone on the leadership team and always get ignored.

o  Just know if you buy this product and something doesn’t work you are on your own. We have lost several customers because of Sophos and we have several right now that need AD/STAS/Web filtering that are not happy. We cannot use a company that doesn’t care about having a good long-term relationship. In the end we will likely be buying firewalls for our customers from another vendor to make them happy. We don’t take this lightly as it means we will be spending more than $100k just to get started.

I hope this helps you decide which vendor is right for your company. Sophos has a great looking interface but that doesn’t matter if basic things like web filtering and AD integration do not work. If you use XG be prepared to look really bad in front of your long-term customers. This is why you will see so many on the forums using the old product from Astaro. 

I'll post this where I can and surely it will get deleted or attacked by fan boys but that's okay. I can assure you everything in this post is repeatable and has supposedly been looked at by the highest level of support.


Certainly open to firewall suggestions! I think we will be moving to Eset for AV.

Thanks.



This thread was automatically locked due to age.
Parents
  • Thank you DBASQL, you speak right from the bottom of my heart.

  • Thanks Nafets
    This is not a slam campaign but I am certain there are many people struggling with the same problems. Matters that are this critical should be dealt with much faster. What I see is many folks on here having issues with STA for example filling up the event logs on the server. These post are years old and have no excuse to be outstanding at this point. The problem is if we cant get support to get with the devs all the time identifying is wasted.
    when that happens we are emailing the people ultimately responsible and they dont care. They just move on to sell whatever is next in line.

    I am checking but it appears they also cut margins quietly which is a consideration. I don't know this to be fact but I think that is what is going on here. More tests, less margin and ongoing serious problems that never seem to get fixed is not a good recipe for success.

    Changing vendors for us is like turning the Titanic, its not something we want to do but when you are presented with customers leaving anything in the way must be fixed or removed from the portfolio.

    3 years ago and same issue today
    community.sophos.com/.../370134

Reply
  • Thanks Nafets
    This is not a slam campaign but I am certain there are many people struggling with the same problems. Matters that are this critical should be dealt with much faster. What I see is many folks on here having issues with STA for example filling up the event logs on the server. These post are years old and have no excuse to be outstanding at this point. The problem is if we cant get support to get with the devs all the time identifying is wasted.
    when that happens we are emailing the people ultimately responsible and they dont care. They just move on to sell whatever is next in line.

    I am checking but it appears they also cut margins quietly which is a consideration. I don't know this to be fact but I think that is what is going on here. More tests, less margin and ongoing serious problems that never seem to get fixed is not a good recipe for success.

    Changing vendors for us is like turning the Titanic, its not something we want to do but when you are presented with customers leaving anything in the way must be fixed or removed from the portfolio.

    3 years ago and same issue today
    community.sophos.com/.../370134

Children
No Data