Since XG is still buggy as hell, why doesn't Sophos upgrade the UTM 9 home license to 100 for home use?

TedAmes said:

Since XG is still buggy and from what I have read, not even ready yet, I have tried XG on a vm, and not impressed yet.

That is because the XG UTM is still basically a beta at best, in my honest opinion.

After the New York Times got hacked and Symantec got a crap storm of bad press, they moved to integrate Check Point and Palo Alto Network appliances with the Symantec Endpoint.  Basically they are attempting to do what FireEye does by developing network boxes that integrate with software endpoints. Sandboxing and running what they can on the network appliances and having the endpoint react accordingly, if the network appliance finds malicious code.

With XG, Sophos introduced "Heartbeat," which allows the UTM and the endpoint to work together, through the Sophos cloud. Sophos already announced and is the process of developing "Sandstorm" it's cloud based sandbox which will upload files to Sophos to test before users open them. In all honestly, not all that much different than what Check Point, Palo Alto Networks, and FireEye does.

Sophos released XG at the same time that Symantec first released there Symantec/Check Point appliance. Coincidence, I very much doubt it. Basically I am saying that XG was rushed to market to counter the Symantec release. I believe XG will be a solid product when it is fully developed, but currently I would consider it beta software.

That all being said, Sophos is the only vendor that allows home users to use there network appliance. Also, I looked at the Symantec network appliances and they are designed to work best for large scale clients, ie., large corporations and huge universities; however, Symantec does not even open the network appliances, they are relying on third parties to develop there boxes, which are all hardware boxes.

Basically, for anyone running a home/small business/medium sized business, the Sophos UTM and Endpoint integration is the perfect solution.  Although many small business Symantec Endpoint, it would be ridiculous for them to buy a Symantec appliance.

With your network issues, you might want to consider splitting your network into two and implementing two UTMs. If your issue is VMs, you might be able to just virtualize a second UTM for your VMs. Not a perfect solution, but depending upon your setup, might be worth while.

TedAmes said:

Since XG is still buggy and from what I have read, not even ready yet, I have tried XG on a vm, and not impressed yet.

That is because the XG UTM is still basically a beta at best, in my honest opinion.

After the New York Times got hacked and Symantec got a crap storm of bad press, they moved to integrate Check Point and Palo Alto Network appliances with the Symantec Endpoint.  Basically they are attempting to do what FireEye does by developing network boxes that integrate with software endpoints. Sandboxing and running what they can on the network appliances and having the endpoint react accordingly, if the network appliance finds malicious code.

With XG, Sophos introduced "Heartbeat," which allows the UTM and the endpoint to work together, through the Sophos cloud. Sophos already announced and is the process of developing "Sandstorm" it's cloud based sandbox which will upload files to Sophos to test before users open them. In all honestly, not all that much different than what Check Point, Palo Alto Networks, and FireEye does.

Sophos released XG at the same time that Symantec first released there Symantec/Check Point appliance. Coincidence, I very much doubt it. Basically I am saying that XG was rushed to market to counter the Symantec release. I believe XG will be a solid product when it is fully developed, but currently I would consider it beta software.

That all being said, Sophos is the only vendor that allows home users to use there network appliance. Also, I looked at the Symantec network appliances and they are designed to work best for large scale clients, ie., large corporations and huge universities; however, Symantec does not even open the network appliances, they are relying on third parties to develop there boxes, which are all hardware boxes.

Basically, for anyone running a home/small business/medium sized business, the Sophos UTM and Endpoint integration is the perfect solution.  Although many small business Symantec Endpoint, it would be ridiculous for them to buy a Symantec appliance.

With your network issues, you might want to consider splitting your network into two and implementing two UTMs. If your issue is VMs, you might be able to just virtualize a second UTM for your VMs. Not a perfect solution, but depending upon your setup, might be worth while.

I'm in the same boat. My kludge for a while was to have all the non server/lab gear (phones, tablets, tv's, etc) run behind an Asus router which was behind the UTM. This made all of those devices show up as 1 IP, but it also meant that streaming media from a file server was having to be routed through the little Asus router, which was a serious bottleneck. I recently setup an XG VM and have been running everything through it. It's one of the buggiest firewalls I've ever used. The default protection rules kill Netflix access in apps but not in browsers... it reboots randomly... and it doesn't do IPv6 prefix delegation.

I really like UTM, it's been extremely reliable and performs really well, XG is garbage in comparison. And at this stage I'm about to pull the trigger on buying an actual SG appliance, the recently announced SG85 sounds promising. Or if I can figure out the licensing, I'll get a UTM s/w license to run on my own hardware. Anybody have any pointers on where to go to buy UTM for SOHO use?

*edit: Forgot this one, XG doesn't retain logs after a reboot. Good luck troubleshooting that pile of garbage if it starts rebooting on you randomly....

*edit2: I keep remembering things the XG fails at. The reporting sucks too. It can't count bytes it seems. Executive reports that it sends out, don't actually show anywhere near the right number for amount of data transferred.