We performed a comparison between Cisco Secure Firewall and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. The only major difference between the two is that some users of Cisco Secure Firewall consider the deployment to be somewhat complex.
"The initial setup is straightforward."
"It's user-friendly and easy to operate."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"FortiGate improved our security. It's one of the best hardware firewalls."
"Initial setup is easy to configure."
"The payment function for applications is good."
"The solution is very user friendly. The user interface in particular is quite nice."
"The most valuable features of Fortinet FortiGate are the ease of use and there are several operating systems that can include the hardware capacities. In the newer releases, the resources were more useful because they were included in the operating system."
"The most valuable feature we have found to be the VPN because we use it often."
"We have not had to deal with stability issues."
"The customer service/technical support is very good with this solution."
"Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint."
"Firepower has reduced our firewall operational costs by about 25 percent."
"The firewall and policy side are easy to use."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"Signature-based detection; user-defined signatures with regular expressions; integrated URL and content filtering; custom URL categories filtering."
"The cloud-based interface makes it easy to manage."
"The product's initial setup phase was straightforward."
"The most valuable feature of Sophos XG is the VBM."
"The most valuable features of Sophos XG for our use cases are its firewall capabilities, its ability to connect to wide area and local networks, and its VPN functionality."
"This solution does everything and anything a firewall can do."
"The solution is very easy to use and straightforward."
"Sophos is a stable solution, and we haven't had any bugs or limitations."
"The initial setup is straightforward."
"I would suggest that Fortinet add sandboxing to their solution."
"The logs need to be better. They need to be more visible and easier to access."
"We have an issue with hotel guest vouchers."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"The search tool needs improvement. It's very difficult to search for policies right now."
"Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area."
"They need faster serviceability and more security features."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"I would like for them to develop better integration with other security platforms."
"With regards to stability, we had a critical bug come out during our evaluation... not good."
"I was just trying to learn how this product actually operates and one thing that I see from internal processing is it does fire-walling and then sends it to the IPS model and any other model that needs to be performed. For example, content checking or filtering will be done in a field processing manner. That is something that causes delays in the network, from a security perspective. That is something that can be improved upon. Palo Alto already has implemented this as a pilot passed processing. So they put the same stream of data across multiple modules at the same time and see if it is giving a positive result by using an XR function. So, something similar can be done in the Cisco Firepower. Instead of single processing or in a sequential manner, they can do something similar to pile processing. Internal function that is something that they can improve upon."
"One area where the ASA could be improved is that it doesn't have AMP. When you get an ASA with the Firepower model, ASA with FTD, then you have advanced malware protection."
"If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."
"Security generally requires integration with many devices, and the management side of that process could be enhanced somewhat. It would help if there was a clear view of the integrations and what the easiest way to do them is."
"The initial setup was complex."
"It has poor performance."
"The current bandwidth consumption is no longer shown in the XG and XGS."
"Even though things work on the back end, we have encountered bugs in the solution."
"The solution’s reporting could be improved."
"The support from the vendor needs to be improved."
"There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks."
"We are not very happy with the customer support they provide — it's quite slow."
"I would like to next release to be able to support on-premise deployment. The construction of the rules within the firewall could also use some improvement."
"We had a difficult time assigning IP addresses to specific MAC addresses."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Cisco Secure Firewall is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and SonicWall NSa. See our Cisco Secure Firewall vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
My preference is the Sophos XGS, particularly when you team it up with the Sophos Endpoint Protection client and configure it for synchronized security.
Both can be managed through Sophos Central and are available at a decent price for the power they offer the SMB.
I recommend Sophos XGS firewall. It will offer the best solution for malware protection.
Also, I recomend Sophos CIXA with XDR (Sophos Endpoint), so you can use Syncronized Security.