Time to Move on

This is a tricky thread to jump into! it's going in several directions at once, so I'll try to respond to these different directions, with some perspective from within Sophos.

 1) William, I'm sorry to see you go. you've been a staple of this community for many years, and you'll be missed. I do wish you well, and understand your frustrations. I can't speak to your sales frustrations, but I know we have publicly disagreed on points in the past on technical matters in these forums. All I can say, is sometimes the right solution is not nearly as straightforward as it may seem. I sincerely mean it when I say good luck to you as you change path.

2) Astaro vs Cyberoam - This is such a hard topic to comment on. There's just so much to say, and not enough space to say it all. Without getting too long-winded, XG is not about preserving money spent on cyberoam (I'm pretty sure Sophos paid more for Astaro than Cyberoam), or about choosing Cyberoam over Astaro. Yes XG is in some ways, the next version of Cyberoam, but in many more ways, its far more than that. all of the core security features in XG are either taken from UTM9 directly, or at least significantly enhanced with capabilities from UTM9. I've writen on that before, and won't expand on it again, in this thread. 

Of course XG still needs some improvements that many of you consider very basic, but it's not so black and white as many of you express. There's a clear line of differentiation on opinion, depending on your background. Customers coming in from competitors firewalls typically find XG very compelling, with few or no caveats. Those who object to XG, are most commonly those who were most appreciative of UTM9's UX design. In many ways, UTM9 has superior usability on a micro level, but not on the macro level. What I mean, is that UTM9 has a better implemented object model, with fairly consistent support for enable/disable and renaming, and it has some more powerful object types, like unified hosts, and availability groups. These make a big difference in specific tasks, and when configuring specific features, but don't greatly contribute to the overall discoverability and usability of UTM9. XG's object model is still a couple steps away from what UTM9 offers, but it also solves some of the biggest usability problems UTM9 has. Config is far too spread out in UTM9. Web and app control are intimately related to each other in purpose, but in UTM9, are confusingly different. One is fully user-aware, and the other is not. They're configured in different sections, so if you want create policy relating to a web application, you may need to independently setup web and appcontrol policies, and because of the incomplete user awareness, it's very difficult to match them up completely. In XG, they're not fully equal either, but they are much closer. A single rule applying to a group of users, can apply both web and appcontrol policies per user or per group. That's one example, and there are more. UTM has its strengths, but so does XG, and the strengths in XG are growing every version. v17 will make many more improvements. many of you PM me with suggestions or comments, and I welcome your feedback on what we need to improve. I promise you, I will always give your suggestions fair consideration. 

3) Finally, does Sophos care - yes, very much so. Is your voice being heard? absolutely. It may not always feel like it, and it won't always change our company direction - especially if you're asking us to make major investments in Cyberoam or UTM9. We've said publicly many times now, that we won't. You may not like the volume of improvements in v16/16.5, but the improvements chosen in 16/16.5/17 almost entirely echo requests directly coming from this community. 

With any company, support is often the victim of blame when people feel unheard, and often, the product itself is a factor in why support is less responsive than needed. Sophos is continuing to make serious improvements both to support and to usability and quality. We've done extensive review of what is taking up support's time, and we've been putting out a steady pattern of maintenance releases this year. Each one targeting ways we can make minor improvements to help eliminate the most common reasons people contact support. You'll see some usability improvements on areas of initial setup that cause people confusion today, as well as resolving bugs in each release. For instance, in MR3, we fixed a workflow problem with registration, and also added registration deferral. In MR4, we are adding links to training and how-to videos in the product. In MR6, we will release a completely new initial setup wizard, that also further improves the registration process. These, along with the issues resolved in each MR, are measurably reducing the support costs of XG, and making support better able to help when needed. We're also continuing to increase the size of our support teams, and you should be seeing the results of these actions now. 

4) Sophos vs PFsense - Really? Sophos, no question! :) 

Hopefully, this give some friendly Sophos perspective on this conversation

Cheers,

-AT

Ben has concisely and elegantly explained what I have been babbling about since v15 beta. I get your perspective and the vision that you may have going forward but it provides no comfort to current users that see UTM as a stable workhorse that  mostly just works while XG is still struggling to add basic features that should be expected from  sohos' flagship product.

What you have explained as great accomplishmnets in the web tab of XG interface bringing Webfiltering/ IPS/ QoS/ App Control/ NAT all grouped in one tab is indeed powerful and proud moment for sophos devs but to outsiders, UTM was already doing that years ago maybe not in such a concise way, but definitely not something that would make you switch from a UTM9 to XG. I also understand that its easy to criticize what sophos does and what our expectations are but you guys set the high bar for yourself by promising next gen firewall.

I have said it before and I will say it again... if sophos had spent even half the effort revamping UTM9 as they keep on spending on XG, I wonder where UTM9 would have been today. Completely abandoning your flagship product while putting all your eggs developing XG has always made me scratch my head.

Ben has concisely and elegantly explained what I have been babbling about since v15 beta. I get your perspective and the vision that you may have going forward but it provides no comfort to current users that see UTM as a stable workhorse that  mostly just works while XG is still struggling to add basic features that should be expected from  sohos' flagship product.

What you have explained as great accomplishmnets in the web tab of XG interface bringing Webfiltering/ IPS/ QoS/ App Control/ NAT all grouped in one tab is indeed powerful and proud moment for sophos devs but to outsiders, UTM was already doing that years ago maybe not in such a concise way, but definitely not something that would make you switch from a UTM9 to XG. I also understand that its easy to criticize what sophos does and what our expectations are but you guys set the high bar for yourself by promising next gen firewall.

I have said it before and I will say it again... if sophos had spent even half the effort revamping UTM9 as they keep on spending on XG, I wonder where UTM9 would have been today. Completely abandoning your flagship product while putting all your eggs developing XG has always made me scratch my head.