This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM firewall being phased out?

I was visited by our Sophos reseller, he tells us that Sophos UTM is no longer being developed, and we should migrate to XG instead. We can keep the same hardware (SG300), we just need to install new software, and migrate the firewall rules. Licenses and support remain the same.

Anyone else heard that UTM is no longer being developed, and advised they should switch to XG?

Thanks,

Richard.



This thread was automatically locked due to age.
Parents
  • Hi Richard,

    Whoever that Reseller was, they can get a big fat ol' "WRONG" rubber stamp.

    However, doubling back that is not without a hint of truth and below is the current "score" from my personal perspective which is subject to change depending on Sophos' roadmaps:

    • The UTM is currently on v9.6 and there are a v9.7 and v9.8 listed in the roadmap for 2020 and 2021 releases respectively. There is no schedule for a v9.9 so no news on that for now
    • The number of features being implemented into the major-minor version numbering is a far cry smaller than those going into the XG
    • The development manpower assigned to the UTM is an order of magnitude smaller than the XGs development manpower
    • The support for the UTM is still going strong
    • The UTM is a big mature ol' beastie that still has a lot of fight left in him but because of the diversity and size (not to be confused with bloat) of the codebase the difficulty of adding new features is pretty major. v9.6 was meant to have the Charon support for Strongswan but implementing it to get IKEv2 support actually would have impacted the systems in far reaching ways that were unacceptable so Charon implementation was canned (that was a big thing)

    However, here is the kicker from the UK Partner conference last month which was the UTM was only mentioned once in pretty much the entire conversational topics and that was a footnote. Sophos is going cards all in on the XG and that will be the only firewall they will support in the future but for now the UTM is here to stay and will continue for while longer.

    Again, a personal observation is if we hypothesise there will be a v9.9 (unlikely, again personal observation) then 2022 will be the final release for the UTM, that will last for at least 2 years then go End of Sales Life (no new licenses/renewals can be purchases) and then 3 years till End Of Life so 2027/2028 is when we may light a candle outside Abingdon HQ and push a UTM appliance on a viking longboat across the moat outside the cafe (then maybe set fire to it).

    We also have to remember that some of these UTMs are installed on 5 year (or longer) life times and switching to the XG would take years of planning in large infrastructures so they have to scope for that as well.

    But please remember: What has been said above is my own personal opinion and is not reflective of the business I work for or from any other relationships/information I may/may not be aware of, it is not to be taken as gospel and is an objective observation on the UTM lifetime state.

    I would be interest to hear your thoughts on the matter,  as a gentlemen harkening back from the days of v4 Astaro!

    Emile

  • Would be nice if someone of Sophos can atleast tell us if we still can use UTM until 2025 (that would be 3yrs earlier then your estimate)

Reply Children
  • Hi Renede,

    Well, you can take it this way, until they state that there is an End of Sales Life date, people can still buy 5 year contracts (the absolute maximum they'll generally allow) so you have at least until 2024 while that should expectantly hold true. Then you have EOSL to End of Life which will be 2-3 years.

    Emile

  • I just downloaded me the home utm version and looked at the license it seems endpoint security ends on: 10/13/2019 and most other features end on: 06/25/2022

    So if I read your mail we show apply for a new license at 2022.

    The license generator they use now shows registered at: 12/17/2015 

     

    [LicenseInfo]
    Owner = xxxxxxxxx private account
    Id = xxxxxxxxx
    LicenseString = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    Revision = 1

    [LicenseOptions]
    Type = 50
    RegistrationDate = 12/17/2015
    ExpirationDate = Never
    LicenseMode = ondemand
    UserLimit = 50
    ConcurrentConnections = 32000
    Special = Home use only
    SiteWideLicense = OFF
    ClusterNodes = 0
    OEM = off

    [NetworkSecurity]
    Start = 12/17/2015
    Stop = 06/25/2022

    [WebSecurity]
    Start = 12/17/2015
    Stop = 06/25/2022

    [MailSecurity]
    Start = 12/17/2015
    Stop = 06/25/2022

    [WebApplicationSecurity]
    Start = 12/17/2015
    Stop = 06/25/2022

    [WirelessSecurity]
    Start = 12/17/2015
    Stop = 06/25/2022

    [StandardSupport]
    Start = 12/17/2015
    Stop = 06/25/2022

    [EndpointAntiVirus]
    Count = 10
    Start = 12/17/2015
    Stop = 10/13/2019

  • Hi Renede,

    The Endpoint on UTM is finally (finally!) being decomissioned and the EOL notification has been around for a while but that is mainly down to the difficulty of maintaining such diverse management systems (utm, sec and central) and various other pain points.

    That is interesting about the home license expiration, i will go look at mt old license file generated in 2015 and look at the date on that (if i can find it) to compare.

    But i can imagine why that was done so there would not be permanently licensed firewalls. However, i highly doubt the expiry on a home license is in no way an indicator of UTM lifetime as we have a Customer whome had a 5 year license issues in december of last year taking that to 2023.

    Emile

  • Hi,

    Homelicense always is issued for 3 years.