Sophos Secure Web Gateway is a no-brainer!
Pros
- Web filtering: This is the primary purpose of Web Gateway, and it does it very well. It uses Sophos' external database to check URLs against the type of content on a website, and then based on the rules we've set up in the admin portal, allows or blocks it. It alerts IT when a user attempts to view blocked content. And, just in case, it also lets us override specific sets, either explicitly, or by re-categorizing.
- SSL Checking: Web Gateway works on encrypted traffic as well, so even HTTPS sites are filtered appropriately. It verifies certificate authorities too.
- Groups: Web Gateway can tie into Active Directory, so you can set specific groups to behave differently. For example, our public information department requires access to social media whereas we block that for most users. But with the group settings, PIO has a separate rule that allows them to post and respond to social media.
Cons
- Administrator Permissions: There's not enough granularity on the administrative side. We ran into an issue where we wanted to restrict junior admins from being able to see traffic per user. But in doing so, it also prevented them from adjusting some other settings they had to have access to, like setting exceptions for sites.
- CA Database: I occasionally run into issues where the list of certificate authorities in the appliance is not up to date, and I have to manually add a CA. These aren't rare, never-heard-of authorities, either, but they are usually subsidiaries of one of the major ones.
- Feedback: Sometimes it takes some good detective skills to track down why a legitimate site isn't working. It's often because of content hosted elsewhere (images, for example), but the reports aren't always clear as to what actually gets blocked. It takes some trial and error sometimes to unblock something that should be okay for our business.
Return on Investment
- We have not had a single instance of malware since installing Web Gateway. We have other ways to prevent infections and attacks, of course, so this is just one tool in the box, but we had a handful before this from people visiting sites they should not have. Web Gateway has prevented those, at least.
- There was some pushback initially as users had to deal with some business sites not working (usually due to CA problems). After the initial growing pains, however, we've seen very few other problems.
- The appliance updates itself, in the middle of the night, so that reduces some overhead and planned downtime.
Alternatives Considered
Barracuda Web Filter and WatchGuard XTM - Discontinued Product
Other Software Used
Proofpoint Email Security and Protection, Cisco ASA, PRTG Network Monitor

