We performed a comparison between Sophos XG and Zscaler Cloud Firewall based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
"Valuable features include the Web Application Firewall, and it even has DLP (data leak prevention)."
"The solution is extremely reliable."
"Fortinet FortiGate is a scalable solution."
"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"The most important features of Fortinet FortiGate are the Intrusion Prevention System (IPS) and firewall control applications."
"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"Fortigate's most valuable feature is that it doesn't need a push policy when writing rules."
"The scalability of Sophos XG is good."
"It is feature-rich, I like the server authentication, and the reports are good."
"I like the tunneling part which we are using for the VOIP. We have various other sites where we connect via tunneling. The tunneling part is very fast and easy to implement."
"Each user has the ability to manage the solution."
"We are able to trace any user and pinpoint any vulnerability or any malicious software. We are able to synchronize between the local and active directories so we can catch users easily through their login names and IDs."
"The most valuable features are the central management, the user VPN, and communications."
"As a security solution, it's a very good security solution."
"The firewall provides network visibility and reporting capabilities, constantly improving over time. It can be integrated with the cloud console, allowing centralized management of multiple firewalls. integration with endpoint security products ensures seamless traffic flow and rule enforcement, even when endpoints are not directly connected to the firewall."
"The product’s firewall and VPN package are fantastic compared to any other solution."
"Zscaler Cloud Firewall understands the applications in the current generation and adapts to the present generation cloud applications."
"It is a stable solution."
"The scalability is okay. We have around 2200 people using this solution."
"The visibility and log availability offered are highly valued for troubleshooting purposes, and this is a key factor driving customer interest in the firewall module."
"Zscaler provides effective protection against various cyber threats ensuring a safe environment"
"Once you have Zscaler running you have access to configure it however you want."
"The solution offers good sandboxing."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"The cloud features and integration could be improved."
"Fortinet currently has many products bundled with FortiGate including the basic firewall and load balancer, and I think that that they need to have separate product portfolios for each of these specialized services."
"They've become quite expensive."
"It is stable, but its stability can be improved."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"When upgrading the firewalls, the process could be easier."
"The pricing has gotten much higher."
"The two main areas where this product needs improvement are routing and reporting."
"The solution’s reporting could be improved."
"They made some changes to the firmware update sometime last year, which moved some of the policies from where they were before. Some of the policies, such as NAS policies, were separated, which made it a bit hard for people to trace the policies they had configured."
"The reaction time of the GUI is terrible when compared to other manufacturers."
"They can simplify its interface so that it is mostly drag-and-drop. There was an SQL injection attack on some Sophos devices. They just need to harden their devices a little bit so that they can't be hacked very easily."
"They need to allow their solution to integrate with other products and not just other Sophos solutions."
"When it comes to customer support, there is room for improvement in Zscaler's service."
"There are some areas it could improve when it comes to blocking, we have to block some things manually. For example, if we block a top-level domain we have seen that the new IPs come through, the IPs are not blocked. There should be some more granular way of doing it. My only request is if you're blocking something at a top level, the sub-level sub-domains and all those other IPs should be blocked too automatically."
"The product could improve its integration with some legacy systems."
"The issue right now is probably that Zscaler is not providing web browser isolation. Another solution, Menlo, offers this. For one customer, we had to send traffic to Menlo to do the isolation for us. It was requested by the customer so that they could integrate any iframe. Zscaler needs to add this type of feature in their next release."
"Zscaler Cloud Firewall should have a better understanding of all dynamic cloud applications."
"Instead of the standard license, they should certainly provide customers with the visibility to access and view the logs."
"We are having some issues with internet access being denied when organizational ID-based policies change. For example, a lower level employee ends up getting the same level of access as that of a higher level employee."
"It would be nice to have some sort of a form factor, a physical form factor perhaps, or virtual machine that you could install on devices or on a cloud, and have some cloud computing."
Sophos XG is ranked 6th in Firewalls with 192 reviews while Zscaler Cloud Firewall is ranked 26th in Firewalls with 15 reviews. Sophos XG is rated 8.2, while Zscaler Cloud Firewall is rated 8.4. The top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". On the other hand, the top reviewer of Zscaler Cloud Firewall writes "A highly stable and comprehensive cloud security and access solution". Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Sophos UTM, whereas Zscaler Cloud Firewall is most compared with Azure Firewall, OPNsense, Cisco Multicloud Defense, Cisco Secure Firewall and Juniper vSRX. See our Sophos XG vs. Zscaler Cloud Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.