so I can only recommend one thing to you, start using another solution from another vendor. Trust me, I've been using Astaro / Sophos UTM solutions since 2003 and it is hell for the last 5 years. You won't find such a low-quality and unreliable product like XG anywhere else in the world.
Trust me, I really have many and many years of experience with these products and such a bad situation in quality and reliability has not been in the past.
If you are a home user, I understand your enthusiasm. But if you are a corporate network administrator or a supplier of security solutions for companies, this is hell ....
I've never used Sophos support since on the place I has in didn't used Sophos XG.
But looking in to your experience, the Checkpoint TAC is the same thing, unless my problem got hand over to Israel, I would be in a state of suffering the whole time with the LATAM L1 support.
When was the last time you encountered a problem that a function is not implemented correctly or its implementation is not completed? Again for the last 2 to 3 years, this situation has been repeated regularly.
I'm right, I think you've experienced it too, right?
Well, that's another good point; What makes me angry with this, is knowing the back-end of the firewall, (which most parts are GPL code) supports a lot of things that isn't available on the management plane.
Personally I rated v18 as a very failed version (same as v16).
I don't rate v18 "as a very failed version", they did something right which is the new SSL/TLS Inspection engine, but some other features that we got, such as SD-WAN support don't even work correctly.
An example is: try to use the "Application Objects" to route the streaming application traffic to another interface, most of the time the engine will detect YouTube.com as TCP/443, instead of the YouTube streaming application.
If a post solves your question use the 'Verify Answer' button.
I just went back and looked and MR1 was released nearly 3 1/2 months ago. There was an unannounced MR2 that was released to MySophos with no release notes whatsoever, despite repeatedly being asked for them, in what I would call a very bizarre event. People are clamoring for MR3 because there are still many serious bugs in v18 that we are hoping are addressed and we're wary of installing an undocumented, beta (or is it?) release in production when we have no idea what it fixed or didn't fix or what bugs it might introduce. The new DPI inspection engine sounds nice on paper, we had so many problems we had to end up disabling it entirely. And while its nice that Sophos is out there doing innovative things, most all of us would appreciate the simple things, like a logging facility that actually, you know, can give you good consistent information. God help you if you have to troubleshoot and need logs. I would say that the decision making process on what features to work on seems totally broken to me. For example, was there any great outcry for a new DPI engine for v18? But DHCPv6-PD, which is how just about ALL business class cable modem providers distribute IPv6 addresses, nah....who needs that. But if you do need it, a cheap $75 home Chinese router from Wal-mart can do it for you. Its just baffling.
My interactions with Sophos support have been generally decent, so I can't offer much complaint on that.
I mean, medium to big companies don't care about DHCPv6-PD, and thats the point. Sophos want to stop appealing to the home/small busines and go bite the medium/large companies.
They care about DPI/Scanning TLS, routed based vpn, decoupled NATs and rules, etc.
So yeah, that's why and I don't blame them, the money is in the biggest corporations, not small business. And they have to include functions that are present in bigger fw companies (vrf?, central management?, etc)
believe me, you will not definitely alone who decides like you in the near future. Many current Sophos customers are planning the same decision as you. Only Sophos doesn't know about it yet ....
We apologize for any inconvenience you have experienced. We are actively working on initiatives to improve the overall Support experience and appreciate your patience. emmosophos will follow up with you via PM regarding your specific support cases.
For other Community users seeing this, If you had concerns regarding a specific support case, please don’t hesitate to reach out to myself via PM and i'll be happy to help follow up.
Its a shame, I do like Sophos XG and the value for the money is good. If they are truly wanting big enterprise customers only, I would say good luck. XG as it exists right now is not nearly a good enough product to break into that market, the terrible logging alone would be a disqualifier for many.
I don't rate v18 "as a very failed version", they did something right which is the new SSL/TLS Inspection engine, but some other features that we got, such as SD-WAN support don't even work correctly.
And what is the throughput on the DPI again? The xtreme DPI engine...
One honest question, is the firewall not doing It's job to protect your clients, which is the main purpose of it.
I totaly gave up on XG even for home use after the remote code execution problems that was in the wild so no the firewall was not doing its job in its default configuration.
I check in here once in a while since I use SG in my lab due to abundant logging and things are still the same as they were when v16 was released. Big promises little follow through as alda pointed out. Now there is a remote code execution on the SG UTM webadmin. Luckily someone was nice enough to tell them instead of leaking it to the hackers.
