Hi,
We all know what happend to Microsoft ISA/TMG server. - It was no longer development by Microsoft, and evertually it got dropped.
So I imagine, like me, other users looked at alternatives. The truth is though, there wasn't any third party products that could meet the feature set, especially with the third party plug-ins that were availabile to ISA/TMG.
We didn't need a firewall, we are happy with our current brand thank-you. Plus I don't believe in a Swiss Army security product.
So we decided on using Sophos Web Appliance to be our replacement server. It provided the functionality we needed at the right price.
Over the time of using the product we have noticed that there is a clear lack of development with this product. I've raised other feature requests, such as improving the abysmal reporting, but these requests clearly aren't being developed. The only answer from Sophos is to "use a third party reporting tool to interpret the Sophos logs."
I fail to see how spending thousands of pounds on a product to make use of someone else's data (which they should report on in the first place) would help.
Anyhow, I can live with that, but this.... Recently I found an issue whereby the Sophos Web Appliance lets users download certain file types, such as image file types (.DMG, .ISO) without scanning them, as a result we are seeing lots of malware being let through by the Sophos Web Appliance, as the Sophos Web Appliance doesn't scan the files and doesn't have the capability of blocking them.
I raised a ticket with Sophos support, and the answer from Sophos support was:
A. "The end-point should capture the malware" WHAT!!! That's like saying the doorman/bouncer on a nightclub decides to let known troublemakers in, leaving his collegues inside the nightclub to deal with them. Potentially after they've hurt a few customers.
B. Raise a change request on the Astaro feature request forums. Please Mr Bouncer, can you stop the troublemakers from coming in? REPLY: Sorry sir, I'll have a discission with the management and owners before and see what they want beforehand.
BTW: The official feature request link on the Sophos Website: http://www.sophos.com/en-us/support/feature-requests.aspx doesn't list the web products as being part of the feature request forums.
However, I did find the link to the Sophos Web products feature requests link (Thanks to GOOGLE). http://feature.astaro.com/forums/143211-sophos-web-security
I was asked to raise a change request on the Astaro portal, but noticed that someone else had pipped me to the post:
Sophos's answer to this:
DECLINED: "The UTM policy model provides this kind of flexibility. We will not be implmenting this in the SWA"
Here's another comment from a Sophos official:
DECLINED: "This feature already exists on the UTM. Future web development will be focused on the UTM and so we won’’’’t be doing this on the SWA
Since Sophos was bought out by Apax Partners, I've noticed a lack of interest in customer engagement, good products being dropped, and customers being left in the lurch. Being a customer for over 15 years I've seen a huge change from Sophos since this buy-out, and not for the better.
So Sophos. I'd like to see some honesty and transparency please:
Q1. What is happening with the SWA product. Are you still developing it?
Q2. Are you telling us to move to UTM?
Q3. Are you doing anything about the abysmal reporting?
Q4. Are you really telling us that you are knowingly and willing allowing malware in, and are telling customer that the end-point product should catch them instead of SWA, and that we should raise a change request that you have clearly declined!?
This thread was automatically locked due to age.