Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unwanted Parenting - Why does SOPHOS insist on removing features "for our own good"?

SOPHOS markets their XGS product to network administrators, who are professionals in their field. These are expensive devices that owned by the customer, and should be up to the customer how they wish to deploy\configure\use them. 

SOPHOS, however, is intent on "Parenting" their network administrator customers. SOPHOS is removing another feature that some admins are using because I guess SOPHOS "knows better". We've been using the new XGS Firewalls for a few months and this is the second time I've seen this behavior.

While SOPHOS is busy removing functionality and features from their Firewalls to "Parent" their customers who don't need parenting, other functionality is direly needed, however that does not appear to be the focus.

Why don't we work on improving the MANY missing features that XGS needs, before we start making the product less flexible.

   



This thread was automatically locked due to age.
Parents
  • One thing is for certain, this is not a decision Sophos should be making on the partners behalf. There is a long history of this happening though it doesnt come as a suprise.

    Why remove SSL VPN client when the Sophos Connect client is far from full featured?

    Whats next? Sophos doesnt like NAT any more so that gets deleted? Why not work on website filtering that actually works?

    Its going to be something to behold when Sophos Central needs an update and no one can access firewalls.

  • I don't remember Sophos saying anything about removing the SSL VPN functionality. Is this true....? I heard about ZTNA, whatever that is, but don't remove SSL VPN. This push to the cloud is getting ridiculous. 

    Even Christian Lempa, who is a highly vocal engineer for Sophos, does a video on youtube about why the cloud (ex. Cloudflared tunnels) are not even a good idea compared to on premise VPN.

Reply
  • I don't remember Sophos saying anything about removing the SSL VPN functionality. Is this true....? I heard about ZTNA, whatever that is, but don't remove SSL VPN. This push to the cloud is getting ridiculous. 

    Even Christian Lempa, who is a highly vocal engineer for Sophos, does a video on youtube about why the cloud (ex. Cloudflared tunnels) are not even a good idea compared to on premise VPN.

Children
  • There's no plan to remove SSL VPN. 

  • I believe he was referring to the SSL VPN client that was replaced with the SOPHOS Connect VPN client.

  • Yes correct again thinking like we have 5 firewalls deployed. Take the SSL client out of portal, what is the customer going to do? They are going to download Sophos connect and then ask us why it doesnt work. 

    We just had this happen last week, 400 installs done and then the IT staff reaches out to ask us why they can't make two connections at once. What can we tell them outside of its not full featured and Sophos keeps doing things that don't make sense.
    Why force it when its not ready? What is the purpose of doing this when it can't do trivial things its a downgrade and we are not beta testers.

    We want to partner with Sophos not work for them. Decisions are obviously made without thinking about larger footprints in terms of of total users. We cant update 60,000 users every time a lackluster decision is made. We will need 10 people on staff just to keep up with the Sophos non sense.