Sophos UTM Retirement / EOL announced

seroal over 1 year ago

Finally, Sophos announced the EOL of UTM. Interestingly, the EOL does not apply to Sophos UTM AWS....

Moved to Lifecylce and Migration Forum
[edited by: Raphael Alganes at 3:02 AM (GMT -7) on 23 Jun 2023]

Top Replies

alan weir over 1 year ago +5

The benefit to mankind would be to release the source code of UTM and make it open source once it reaches EOL. This probably won't happen but for such a great piece of software to be abandoned and lost…

Parents

0 Dr No over 1 year ago

This is a mess. Please support existing installations with UTM beyond 2026. These appliances just do what they should and they do ist really good.

We will never sell XGS as long as no simple lets encrypt implementation will be available. Why? Replacing certificates every year for VPN, user portal, SMTP TLS and WAV is a stupid and senseless job. The UTM approach with lets encrypt is an intelligent solution. XGS is dead therefore for us. Some other competitors are more attractive.

There were also some other limitations with XGS (using port 443 with VPN and WAF was not possible even with several IP addresses or 2 WAN lines for some time, if I am not wrong, maybe this is fixed in the meantime, I don't know).

Nevertheless: UTM is still on demand and we would pay for.

BTW: will UTM Home be stopped also in 2026?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Jay Jay over 1 year ago in reply to Dr No

Maybe EOL will be re-evaluated if more customers complain directly to Sophos?

There was a post on reddit indicating the early announcement (this thread) was a leak. Intentional or not, it's out there now. Does Sophos care if it loses the paying customers who refuse to to the XG route.... ?
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Dr No over 1 year ago in reply to Jay Jay

this might be possible, just to see what would happen. In my case and that of my customers, transition away from Sophos to a competitor.

XGS is no solution for our concepts, as long as key features like a simple lets encrypt implementation is missing.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 LuCar Toni over 1 year ago in reply to Dr No

Did you reach out to your local Sales Rep to discuss your possibilities for the future for you and your customers?

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Dr No over 1 year ago in reply to LuCar Toni

Hi Toni, it is just that easy: without a suitable Let's Encrypt implementation Sophos is history for us. I contacted already a sales rep - from a competitor.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Dr No over 1 year ago in reply to LuCar Toni

Hi Toni, it is just that easy: without a suitable Let's Encrypt implementation Sophos is history for us. I contacted already a sales rep - from a competitor.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 LuCar Toni over 1 year ago in reply to Dr No

As you could easily integrate this via a Script, you could do LE still on SFOS. Even with a Wildcard LE Certificate, which would replace the need of using individual certificates per domain. This is possible via API in DNS and i am using this for years on multiple SFOS firewalls.

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel