Anyone have any experience using Sophos XG?

We use SonicWALL firewall/UTM at our company. It's really nice and we make good use of it between the various security services, but it still seems to lack some of the functionality we are looking for. We did a little bit of research and Sophos XG looks like it might be a really good fit for us as a firewall/UTM, and we would also be using their endpoint protection services as well.

I was just wondering if anyone had any experience with Sophos XG and could offer some input/feedback. Was there anything unexpectedly negative about it? How is support?

We did have a product demo and everything looked really good but I'm still looking around for various bits of feedback from actual customers.



  • The thing is when you work with products for as long as I have, you find negatives. That doesn't necessarily speak of a bad product, it's just because you've spent so much time with it, you can see where it falls short.

    Ultimately, as well as a business solution for our customers, I run XG at home, which I believe speaks louder than a lot of what else I could say. It's a decent product considering the price, maybe the best fit for SME out there.

    That said, I'm not excited about how they are trying to tie it all together with cloud and endpoint, locking you into that ecosystem. It's the same reason I dumped Apple years ago, that smothering model. However, it looks like you may see that tie-in as an advantage as you mention you're also interested in endpoint.

    Support, honestly, it's not good enough at the moment. So you may want to consider working with a reputable partner who can be that first and second line support before you get stuck in the mud with Sophos support.

    Lastly, if I was to start over again I'd be looking at Fortinet/gate and see what they offer, so may be worth it in your investigations.

    Whatever you decide, good luck!

  • I am using an XGS and their Intercept X endpoint in a small installation and it's working well for us. I haven't had an "our network is down and we need tech support immediately" moment, but I have had multiple experiences with tech support and they've been responsive. I've submitted two tickets and they assigned them and got back to me within a day or so. In one case, they want me to capture some packets and submit them. In the other case the rep was mistaken about what the issue was, but the issue also resolved itself. I also mentioned in a forum thread about noise levels on the XGS and they followed up with me and eventually replaced the unit.

    So I'd say the support is reasonable and they have folks who want to do a good job. One of the reasons I chose Sophos is that their corporate personality seems a lot more friendly and caring than Fortinet, Sonicwall, and others. Our XGS87 has been reliable and I like the feature set. I can't speak to whether their tech support is the best knowledge-wise and I have read tech support complaints in these forums, but from my experience they're reasonable. (Again, I'm not in a situation where 50 people are breathing down my neck and I need immediate help, either.)

    I chose the Sophos over Sonicwall (got negative feedback from friends who had used it), Fortinet (seems like firmware releases are expected to be buggy, and didn't like their corporate personality), Cisco (cost and bad corporate personality), Palo Alto (couldn't afford them, they don't have access points, and they seem arrogant). The two finalists were a Fortinet firewall and AP, and the Sophos XGS and AP.

    You need to consider your important features, of course. For example, it's my impression that XG is behind competitors in terms of IPv6. It's also my impression that the XGS series of hardware has been a big leap forward, and the 18.5 firmware is a solid improvement as well, so it's a good time to consider Sophos. The XGS integrates well with Sophos' WiFi AP's -- which are only WiFi 5 but very solid -- so it's pretty much an extension of the XGS and I don't think about it separately. I use the Sophos Central for logging, but not control of the XGS itself. (If we were larger and used multiple XGS's things would be different.)

    You do not control the Intercept X endpoints from the XGS, so at a minimum you will have to use Sophos Central to configure/control them. Intercept X seems to work well, though I have had some issues with things being slower because of it. I think they've mostly fixed that now. One tip: websites can be blocked by the appliance or by Intercept X and I spent an hour or so trying to figure out why the firewall was blocking a site when it turned out to be Intercept X. It can be hard to tell which is which. (I've added a logo to the block page on the firewall to more quickly distinguish this.)

    Also, my background is software development so I'm comfortable with debugging and with scripting things. So I was able to fix a recent glitch that happened with the latest update where something changed and IMAP traffic from Apple email servers was classified as Torrent traffic and blocked. Took about an hour to figure out what was going on and to do a workaround. (That's the ticket where they want a packet capture to figure out what's going on.)

    So I would recommend a Sophos XGS and Intercept X. Any particular functionality that you perceive the Sonicwall to lack that you're looking for in a Sophos solution?