Sold by: SophosÂ
Deployed on AWS
Free Trial
Sophos Cloud UTM9 Auto Scaling is an AWS Security Competency approved NextGen Firewall Auto Scaling solution that helps customers with their shared security responsibilities by offering multiple layers of protection in a single solution
Overview
Video
Video 1
Video
Product video
Sophos Cloud UTM9 Auto Scaling is an AWS Security Competency approved NextGen Firewall Auto Scaling solution that helps customers with their shared security responsibilities by offering multiple layers of protection in a single solution that scans, controls and reports on traffic entering and leaving a VPC.
Security features include a Web Application Firewall (WAF), a pre-tuned and automatically updated Intrusion Prevention System (IPS), an Outbound Web Proxy/ Layer 7 Application Engine to protect and control connections to the Public Internet, an Advanced Threat Protection engine to identify and block unknown and evasive threats, and VPN Gateway features to securely connect remote sites and users. The UTM9 NextGen Firewall solution also provides detailed logs and reports which can be viewed on system and/or exported to the AWS CloudWatch Logs service and any Syslog compatible device.
Sophos provides a CloudFormation template to easily deploy the Active/Active solution across multiple Availability Zones while integrating with key AWS services such as Auto Scaling, CloudWatch, and S3 to comply with AWS Best Practice guidance on secure architecture. UTM9 Auto Scaling also provides Outbound Gateway which provides for secure, scalable outbound traffic protection, and a secure REST API to automate configuration.
Part of a complete cloud security portfolio. A selection of Sophos AWS Marketplace offerings is included below, while more can be found at www.sophos.com/cloud .
- Sophos UTM Standalone or HA (Free Trial): https://soph.so/utm-paygÂ
- Sophos XG Firewall Standalone (Free Trial): https://soph.so/xg-firewall-paygÂ
- Sophos Cloud Optix (CSPM with Free Tier): https://soph.so/cloud-optixÂ
If you have any questions about Sophos solutions or if you need assistance with deployment or configuration, please contact the Sophos Public Cloud team at aws.marketplace@sophos.com .
Highlights
- Control infrastructure and security costs by combining multiple security tools into a single, easy to deploy, scalable solution.
- Web App Firewall (WAF) protects your web apps against common threats like SQL injection and Cross-Site Scripting. Next-Gen Firewall protection and reporting with stateful traffic inspection, Layer-7 application control, secure proxies, and IPS.
- Outbound Gateway (OGW): automatically scale up or down for outbound network packet inspection, or URL filtering and whitelisting to help ensure your applications are accessible only to authorized services.
Details
Sold by
Categories
Delivery method
Delivery option
Auto Scaling using CloudFormation
Latest version
Operating system
OtherLinux 9.720
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
m3.large | $0.75 |
m4.large | $0.76 |
m5.large | $0.76 |
c3.2xlarge | $1.30 |
t2.small | $0.10 |
c4.2xlarge | $1.30 |
c3.4xlarge | $1.75 |
c5.2xlarge | $1.30 |
c4.4xlarge | $1.75 |
c5.4xlarge | $1.75 |
Vendor refund policy
Terminate the EC2 instance(s) or delete the CloudFormation stack at any time to stop incurring charges. You may email aws.marketplace@sophos.com for questions regarding Sophos UTM charges and refund requests.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Auto Scaling using CloudFormation
This CloudFormation template allows you to deploy Sophos UTM in an Auto Scaling scenario to automatically scale up and down with your application in AWS. The template will deploy three EC2 instances: one EC2 instance hosts the UTM Controller used for administration, and two EC2 instances host UTM Workers used to inspect traffic. The UTM Controller resides in an Auto Scaling group and stores configuration details, logs, and reports to an S3 bucket. The UTM Workers reside in another Auto Scaling group behind Elastic Load Balancing (ELB) and automatically increase the number of UTM Workers during demand spikes to maintain performance and decrease the number of UTM Workers during lulls to reduce costs. The UTM Workers use the configuration file stored in S3 to launch new UTM Workers for Auto Scaling and to propagate configuration changes via notifications from Amazon Simple Notification Service (SNS).
Sophos UTM Auto Scaling also offers an additional layer of security called Outbound Gateway (OGW) which allows customers to inspect and scale security based on outbound connections. OGW works by deploying gateway instances into VPC subnets (both local and remote) that forward all traffic to UTM workers via Generic Routing Encapsulation (GRE) tunnels. OGW provides failover across Availability Zones (AZs) and supports VPC peering to allow you to direct all application traffic to a Shared Security VPC.
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Version release notes
Additional details
Usage instructions
You can manage your Sophos UTM on AWS from the Web Interface using HTTPS (TCP port 4444), the command shell using SSH (TCP port 22), and via the RESTful API.
Sophos UTM requires a valid email address for administration purposes. This email address is not used for any other purpose and remains local to the Sophos UTM AMI. Please refer to the Sophos Privacy Policy for more details. https://www.sophos.com/en-us/legal/sophos-group-privacy-policy.aspxÂ
Sophos UTM on AWS Quick Start Guide https://www.sophos.com/en-us/medialibrary/PDFs/documentation/SophosUTMAWS.pdfÂ
For additional information about deploying on AWS please see: https://www.sophos.com/en-us/support/documentation/sophos-utm.aspxÂ
Resources
Support
Vendor support
For customers who participate in the AWS Product Support Connection, Sophos provides technical support via phone and web portal. Phone: +1-844-591-2756 Web portal:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Palo Alto Networks
By Juniper Networks
Top
10
In Network Infrastructure, Security
Top
10
In Network Infrastructure
Top
50
In Migration
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Traffic Inspection
Advanced stateful traffic inspection with Layer-7 application control and comprehensive packet analysis
Intrusion Prevention System
Pre-tuned and automatically updated Intrusion Prevention System (IPS) to detect and block potential security threats
Web Application Protection
Web Application Firewall (WAF) with protection against common web vulnerabilities like SQL injection and Cross-Site Scripting
Advanced Threat Detection
Advanced Threat Protection engine capable of identifying and blocking unknown and evasive threats
VPN Connectivity
Secure VPN Gateway features for establishing encrypted connections between remote sites and users
Network Traffic Inspection
Advanced layer-7 application visibility and control with comprehensive traffic inspection capabilities
Threat Prevention Technology
AI/ML-powered security engine with researcher-grade signatures for detecting known and zero-day threats
Cloud Security Integration
Native integration with AWS infrastructure components including Gateway Load Balancer, Auto Scaling, and Transit VPC
Dynamic Policy Management
Automated policy application using AWS tags, Application IDs, User IDs, geographies, and network zones
Deployment Flexibility
Seamless deployment through EC2 instance creation workflow with cloud-native form factor
Network Security Services
Advanced firewall solution with core firewall, VPN, NAT, and L4-L7 security services
Threat Protection
Intrusion detection and prevention (IPS) with application visibility and control through AppSecure
Cloud Integration
Native integrations with AWS services including Elastic Load Balancer, CloudWatch, Security Hub, and Amazon GuardDuty
Routing Capabilities
Advanced cloud-grade routing with IPsec and full mesh VPN termination services
Protocol-Level Protection
Anti-virus capabilities detecting and blocking malware across POP3, HTTP, SMTP, and FTP protocols
Standard contract
No
No
No
Customer reviews
3.9
14 ratings
14 AWS reviews
|
94 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Daniel ElĂas
Seamless integration, enhanced security, and good pricing
Reviewed on Jan 03, 2025
Review provided by PeerSpot
What is our primary use case?
Currently, I have Sophos UTM. I don't remember the details. I know it's about management. I have monitoring from Sophos, alongside the Sophos firewall and Sophos antivirus. Sophos manages the service, with people monitoring my network, including the data from my endpoints and firewalls. They can alert me if there is a security risk. I purchase this service through a distributor in Colombia because the service offers direct management and monitoring.
What is most valuable?
This integration of the antivirus and the firewall works together to enhance security. Integration is key in securing my system.
What needs improvement?
With artificial intelligence, there is room for improvement in all antivirus and security software. However, the bad actors are also improving their methods by using artificial intelligence.
For how long have I used the solution?
I have been using the solution since 2014 or 2015.
How are customer service and support?
Sometimes, I communicate with Sophos support. It was hard for me to talk with them since my English is not as good as American English.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I used WatchGuard before. WatchGuard was used as part of Azure's antivirus suite. Although all firewalls work similarly, the integration of antivirus and firewall from one company decided my preference for Sophos.
How was the initial setup?
The people who sold me the solution helped me configure everything.
What about the implementation team?
The installation was done by one engineer. Inside my company, two or three people worked with him to deploy it, including my boss, a technician, and myself.
What's my experience with pricing, setup cost, and licensing?
The value between what I receive and what I pay is the best in the industry.
What other advice do I have?
I definitely recommend Sophos. I rate it a nine out of ten.Â
Other firewall companies do not have antivirus development as well as Sophos. Sophos is unique in this regard, having developed its antivirus before the firewall, and now both are very good.
Samaila Yusuf
Network protection strengthens through effective threat management features and secure access control
Reviewed on Dec 30, 2024
Review provided by PeerSpot
What is our primary use case?
I have been using Sophos UTMÂ for the past six years to protect the network at my organization. I use it for my customers and to secure our internal infrastructure.
What is most valuable?
The zero-day protection and firewall rules are some of the most effective features for threat management. I can set the rules and features, and also use IPsec to connect all my on-premises servers and link them to Sophos UTMÂ so that they are protected even when in the cloud.Â
Additionally, I use it to control access into the building through a captive portal integrated across all the PCs we have, ensuring secure access only for authenticated users.
What needs improvement?
I would love to see artificial intelligence capabilities integrated into Sophos UTM. This would help reduce reliance on external support.
For how long have I used the solution?
I have been using the solution for the past six years.
What do I think about the stability of the solution?
There have been no issues with the stability of Sophos UTM.
What do I think about the scalability of the solution?
There have been no problems with the scalability of the solution.
How are customer service and support?
The technical support by Sophos is amazing, especially when I pay for the enhanced support. I receive maximum attention and it is a good system.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have been using these boxes for a long time now, all the way from CyberRoam until we migrated to Sophos.
How was the initial setup?
The initial setup was easy because I have been using these boxes for a long time. The operator provided an option to send someone down, however, I worked with them remotely and we were done with configuration in 30 minutes to an hour.
What about the implementation team?
They just sent somebody. However, I was able to handle most of it myself remotely due to my previous experience.
What's my experience with pricing, setup cost, and licensing?
Pricing has become expensive recently due to the dollar hike and naira value changes in Nigeria. Even though it's expensive, I consider Sophos a major first line of protection, so I pay for it nonetheless.
What other advice do I have?
I've been recommending Sophos UTM to others, and I would continue to do so.Â
Overall, I would rate the solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Emanuele-Gnali
Enhances security by providing intuitive firewall policy settingsÂ
Reviewed on Jul 11, 2024
Review provided by PeerSpot
What is our primary use case?
The primary use case for the solution is as a perimeter protection firewall, which includes functionalities such as VPN, web control, and traffic inspection. It is used in various customer environments, providing comprehensive security management and network protection.
What is most valuable?
The platform's most valuable features include the integrated multifactor authentication (OTP) for VPNs, which enhances security, and the flexible and intuitive firewall policy settings that simplify management.
What needs improvement?
Enhancing the user interface to achieve the same level of flexibility as the older UTM interface could improve the product. The current XG interface needs to be more consistent during configuration.
For how long have I used the solution?
I have been using Sophos UTM for 15 years.Â
What do I think about the stability of the solution?
The solution is stable. I rate it a ten for stability.
What do I think about the scalability of the solution?
The solution is highly scalable, especially with VM offerings, though it can be pricey. I rate scalability as eight or nine.
How are customer service and support?
The customer service and support for Sophos UTM have been exceptional. The developer community is also valuable, offering substantial support and insights.
Which solution did I use previously and why did I switch?
I previously used solutions like FireGuard and WatchGuard but switched to Sophos for its comprehensive features and superior user interface.
How was the initial setup?
The initial setup for basic functions is very straightforward and can be completed in less than an hour. However, advanced configurations can become challenging.
What about the implementation team?
Our in-house team manages the deployment. We seek help from third-party MSPs with expertise in complex configurations.
What's my experience with pricing, setup cost, and licensing?
The product pricing and licensing are higher, but they offer good value for the features and stability provided.
Which other solutions did I evaluate?
I evaluated other options including Fortinet FortiGate, but found Sophos to be more suited to our needs at the time due to its ease of use and robust feature set.
What other advice do I have?
The platform requires regular monitoring. Overall, I rate it a ten.Â
Malline Ligawa
Protects endpoint equipment and offers protection against any infiltration in the network
Reviewed on Mar 18, 2024
Review provided by PeerSpot
What is our primary use case?
We use Sophos UTM for our organization's network security.
What is most valuable?
The most valuable feature of Sophos UTM is the endpoint protection feature.
What needs improvement?
The technical support team’s response time could be improved.
For how long have I used the solution?
I have been using Sophos UTM since 2018.
What do I think about the stability of the solution?
I rate the solution ten out of ten for stability.
What do I think about the scalability of the solution?
We use the solution daily in our organization.
I rate the solution ten out of ten for scalability.
Which solution did I use previously and why did I switch?
I previously used Kaspersky. I switched to Sophos UTM because of the features that it is offering.
How was the initial setup?
On a scale from one to ten, where one is difficult and ten is easy, I rate the solution’s initial setup ten out of ten.
What about the implementation team?
The solution's deployment took a week for the first time because our organization is big and has over 300 endpoint equipment. It takes a few hours to do the renewals now. We deployed Sophos UTM from the Active Directory. Three people were involved when we deployed the solution for the first time.
What's my experience with pricing, setup cost, and licensing?
You cannot really say that the solution is expensive, given the protection it gives.
What other advice do I have?
Sophos UTM has improved our network's threat detection and response. It has been good so far because we don't have many attacks. We use the solution's web filtering feature for our organization's security. We use the firewall to protect our endpoint equipment and protect against any infiltration in our network. We also use the solution’s VPN feature.
Around one or two people are required for the solution’s maintenance. I would recommend the solution to other users because it has helped us. The solution's installation and deployment are seamless, and its protection is secure.
Overall, I rate the solution ten out of ten.
Which deployment model are you using for this solution?
On-premises
Abhilash K.
Best secure way
Reviewed on Jan 11, 2024
Review provided by G2
What do you like best about the product?
Ultimate edition for security to safe from any illegal activity.
What do you dislike about the product?
Neither any of them to dislike. Login process is different but all are đź‘Ť
What problems is the product solving and how is that benefiting you?
Cyber security is important to us for data security.