Sophos UTM Retirement / EOL announced

Yes this is sad, I concur that the UTM, in what concerns the Sophos portfolio, is far superior, far more professional. I've tested yesterday a quick manual in place migration with XG.. It's okay'ish although far from the UTM if you ask me -- and when I saw that changing parameters on a parent interface would completely removed both, underneath VLANs as well as IPsec tunnels configured upon them, I've been thorn to say the least -- my AP50 not supported and so on... hence nothing for me I guess.

I cannot think other than that Sophos actually lost the main "Astaro developers" of the UTM branch long ago -- which is perhaps why it was a bit dormant on new features etc. In the end it's a sad story because let's be honest, Sophos kills an incredibly good product, loved by the vast majority.

Let's hope for the open source alternative.

You are so right. We have been using the product since the days of Astaro and really loved it. The XG line can't compare in any way. It is so much more complicated. We already have some of them in remote offices and have to replace our HQ UTM this year with XG. So sad...

Untangle does not work without uplink to the vendor cloud. so not useable for me, home or busines, doesn't matter.

i dont like vendors that call home and for me it's a security risk in an firewall enviroment.

By the way: did anyone ask sophos how much money they want for the UTM 9 ? Or if it is for sale ?

WolfgangS said:

Untangle does not work without uplink to the vendor cloud. so not useable for me, home or busines, doesn't matter.

i dont like vendors that call home and for me it's a security risk in an firewall enviroment.

Almost all NGFWs call home, including Sophos, for AV pattern updates and to check for firmware. The home version of SFOS does not offer Heartbeat or Application synchronization so no need to worry. Disable the Sophos Assistant, un-register the firewall with Sophos Central, disable automatic hotfix installation, and telemetry and it should not be calling home.

alan weir said:

The home version of SFOS does not offer Heartbeat or Application synchronization so no need to worry.

I thought this was allowed via Sophos Central through the XG firewall?

Synchronized Application Control requires Security Heartbeat to be enabled which is not available.

Ah good to know, thanks.  I haven't enabled that.

All other things aside, I think I'll be moving on to another product within this year.

You could look into Ubiquity's line of Dream Machines/Routers. The release of the Unify OS version 3 now adds support for running an OpenVPN server right on the Dream Router/Pro. 

Well, u can't use untangel without online connection. It's that the software look for updates , Av pattern and stuff.

u can't use it if your are not online. > no go.

Why would you use a firewall anyways unless you were online? What would be the point of it unless you were online?

It was clearly said on Sophos partner conference that there will be no free/community version of UTM after EOL!

I can understand that point because there will be no further security fixes for the whole product and all used modules after EOL. This is a no-go for a SECURITY solution/appliance. So EOL will be 100% EOL/DEAD of Sophos UTM.

It was clearly said on Sophos partner conference that there will be no free/community version of UTM after EOL!

I can understand that point because there will be no further security fixes for the whole product and all used modules after EOL. This is a no-go for a SECURITY solution/appliance. So EOL will be 100% EOL/DEAD of Sophos UTM.