i am currently looking into other use cases, which i could potentially migrate via Powershell like here: Sophos Firewall: PowerShell Script Library for migrating Sophos UTM to Sophos Firewall
As i am looking into "what would potentially save time" - Anything, which an UTM administrator wants to migrate from A to B, which are potentially the same?
About certain use cases, which are likely not migrate able / or complex in doing:
1. VPN (Remote Access). By that time of Sophos Connect, you can simply use Sophos Connect and the .pro file to convert your users. No need to convert any kind of complex user based scenario. See: https://docs.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/RemoteAccessVPN/IPsecSSL/SophosConnect/RAVPNSConClientsConfigurations/index.html
2. Firewall Rules are likely migrateable but would only have simply "ANY" Zone and host objects. The point of migrating them is likely not there.
3. I am looking at Ipsec VPN (Site to Site) but UTM Configuration is more complex to migrate them - Will likely take some time.
4. User Migration is something, which is likely not working due the concept of how SFOS interact with the users and the backend. Read more here: Sophos Firewall: Backend Group Membership in Sophos Firewall
5. Not sure if WAF is worth this kind of effort, as WAF is likely quick to migrate from A to B. But i am open for discussion, if there would be a use case to do that. UTM uses a different approach to WAF than SFOS in terms of configuration, which means, the complexity increases by doing this via script.