Sophos antivirus and security bundle feedback

leop1212 used Ask the Experts™
I am looking for feedback from current users of Sophos antivirus, mail security, web security and firewall solutions compared to AVG, Checkpoint and Websense solutions.

btan
Exec Consultant
Distinguished Expert 2018

If you are looking at UTM (an all-in-one box as in Sophos UTM, or sometimes they may term it a security gateway) for the 3 services, compared to Websense and Checkpoint, I would factor in the below as a baseline, at least in my context of relevance:
- Ease of deployment, configuration and management, such as reporting and analytical triggers
- Resources of the vendor, including speed of deployment, especially in a secured wireless setup
- Ability to deal with remote offices and mobile workers, agility and flexibility to scale up (capacity) and laterally (more services)
- Regulatory requirements and compliance (support with vulnerability management providers).

I am not able to go into details, but maybe the below is just a brief sharing:
- Checkpoint fared better in the areas of URL filtering and application controls;
- Websense fares better in handling malicious URLs and files (or blended);
- Sophos fares on par with L7 application-aware firewall throughput and handling.

Sophos on average still remains comparable to the other two candidates, especially compared on throughput with services running. Also, it does have acceptably few false positives and provides early detection of compromised sites. So far, deployment and integration are still generally fine for AD to meet the required granular rules/policy setting.

Probably an area to examine (for "bonus") is their own labs providing some real-time threat analysis. I know Checkpoint and Websense have them (looking at the blogs or cloud services they maintain), but I have not heard so much from Sophos though. This coincides closely with the agility to share in the form of intelligence feeds (like cloud services subscription into the box, two ways etc.)...


Thank you very much for your input.
We currently have a Checkpoint 4400 box with 11 blades and Websense in place. Is there any compelling reason to move towards Sophos?
what is
Exec Consultant
Distinguished Expert 2018
I will say stick with the existing then, since it is Checkpoint, and instead review the throughput and soft blades onboarded, Websense too. It is always good not to put all eggs into one basket, to create that diversity and reinforce their defences.

Probably the push factor is going single with Sophos, which is easier operationally since patch and change management will only be revolving around one principle. It can be a hassle if your ops team is not competent or is wearing too many hats.

Capabilities-wise it is balanced. You should instead question, if the blades were all to be activated at one go, how the throughput can really be optimised and whether Websense can serve seamlessly through any wcp passive to Checkpoint etc. Otherwise it is still the UTM choice.

The only thing to consider is whether the resiliency is up to the mark against L7 DDoS with low bandwidth and high botnet surge flooding using NTP, DNS and SSDP, and a centralised monitoring with SIEM capability for additional oversight. It goes beyond UTM, as likely a WAF, Cloudflare or equivalent may address those threats, along with the use of an application delivery controller, where an F5 load balancer can do more as an ADC... Apologies as I digress, as this makes up the ring-fenced strong perimeter; do not overdo it, as applications can be slowed...

Pardon as I will not go into the spec aspect.


thank you
