XG Roadmap - Still too early?

Hi BillyBob,
not wanting to put a damper on the discussion/thread because I agree entirely about the lack of response/support by the developers for a very new product in this forum. Also the migration to the new BB has killed most of the dynamics and support from the Astaro board.
Folks, the is a rough quote from the Astaro board, these forums are primarily a user to user forum and the devs come here in their spare time excpet during a beta. Seeing that most users consider XG to be in beta where are the devs providing support and asking questions about configurations.

Agreed. I for one am keeping my options open and reviewing other products for both business and personal home use. 2016 is going to be an interesting year for us. Sophos better pull there ear plugs out and start listing and saying something soon.

Maybe a little off-topic, but I am mostly surprised with the lack of communications from the existing Cyberoam users, both in previous Astaro.org and now in this new forum. I've seen max. 3-4 posts from the users who identified themselves as existing Cyberoam users. They obviously never had this kind of community (just checked, there is no official Cyberoam users forum).

That could explain that lack of communication between company and community, because they never had that kind of relationship with users before. Guys like AlanT and others are from Sophos and I am sure that they are not allowed or not entitled to expose things like future Roadmap. They are, in my opinion, only the second-hand source of  information.

Vilic,

XG is under "Sophos" brand, so developers need to follow Sophos's policies (they like or not). It is a mess at the moment. Here we are helping each other but for me it seems the "war of the poor" and sometimes some Sophos stuff pop-ups. This is not the way it should work.

It is a new product and no one has experience on XG (I mean us) so we need support from Sophos otherwise we will never buy this product and even product improvements will stuck. Most of us are using XG at home because one day we would like to sell it (or swap UTM) but if this is the way the communication works, more time will be required and some of us will move to another vendor!

So Sophos Managers should coordinate Cyberoam staff and decide a way to move and communicate with people and partners. Do not forget that Sophos acquired Cyberoam almost 2 years ago, so at least Cyberoam developers should be compliant with Sophos rules (more or less).

Moreover this product still seems to be a beta product, where basic functionality are missing and many bugs are there.

We absolutely need contact with developers as they need our feedback.

[:@][:@][:@]

Luk

I understand your thoughts, but realize the following

1. "good community" was a cultural of Astaro, not Sophos. With the move to XG, Sophos is dumping the Astaro pieces entirely and I suspect the Astaro codebase devs are not moving over to the XG code base and have little interest to support XG users.

2. Cyberroam has not had any community focus so this is par for the course for them.

3. XG is not considered beta to Cyberroam devs. Its a minor upgrade to the Cyberroam code base. So they don't see any need to keep tight tabs on this like its a beta program. For cyberroam, XG isn't "missing" anything. Its only missing features when you come from Astaro/Sophos.

The aswer is simple:

"Sophos will lose many many Astaro customers and position in Magic Quadrant".

They are publishing XG as the "Next Generation Firewall with innovative Technology ", then the product can be used at home only (if you have a lot of patience and not many requirements).

Luk

Just to add my opinion regarding XG feature requests...;)

Luk, your suggestions for improving logging and GUI, and mine for enabling rename/comment network interfaces functionalities are positioned below requests like "MS Azure site-2-site VPN" or "VPN for mobile platforms".

I just can't believe that this requests have more than double user votes comparing with this essential functionalities.
It looks to me that they are adapting feature requests and voting system based on what can be done quickly and with as less as possible development efforts.

For others, please review all of the feature suggestions and give your votes accordingly:
feature.astaro.com/.../330219-sophos-xg-firewall

lferrara said:

The aswer is simple:

"Sophos will lose many many Astaro customers and position in Magic Quadrant".

They are publishing XG as the "Next Generation Firewall with innovative Technology ", then the product can be used at home only (if you have a lot of patience and not many requirements).

Luk, If you attended XG sales course on Sophos partner portal, you should noticed the slide with a truck and a sports car (comparing UTM and NGF), explained with:

1. "Whilst UTMs will typically do more, they are designed with those other tasks in mind, so they are more utilitarian; they will still get you safely from A to B, but are designed to do many other things on the way. The NGFW is more focused in nature... it's the one you want for the race track!"

2. "The Next-Generation Firewall market is dominated by Palo-Alto networks and Checkpoint followed by Fortinet and Cisco in the distance. We’re currently a niche player in this market place… but we intend to change that.".

My conclusion -> no more UTM, we are now NGF.

 

I've been experimenting with this 'non beta' release, I would not recommend any client buy it, sorry. Clearly dropping one line of work and after two years still not being on par with a new line of work could be viewed as 'floundering'. I know from my own work it is possible to groom and manage a great team of Indian developers. Two years, really? This is a stew of your own making. The people here are potentially your best advocates, yet you let them 'help each other' and keep them as mushrooms.

vilic , I always enjoy your interpretations of little tidbits that you find from sophos. I agree on the feature request site. Maybe cyberoam user base has different requirements and they don't see lack of logging and interface names being stuck as problems.

Regarding the partner sales course and race car analogy, I know they have touted the speed numbers before blogs.sophos.com/.../ and I am not testing the troughputs in the lab so I won't challenge what they say but those numbers seem unrealistic to me.

Unless they have added some kind of hardware acceleration for packet processing, kernel tweaking is not going to give you 50% additional throughput. Same with IPS/AV engines specially with a single threaded v2 of snort. Running multiple instances of snort won't increase your processing by 40% if you are downloading a single file using a single stream.

Have they given any indication in the sales meetings on where this FASTER concept is coming from? Or are they moving full speed ahead listening to their own FUD in their own echo chamber? This is really curious considering that now that they are a public company with more funding availability, you would think their future plans would include better quality software along with better ideas and not just better marketing.