We performed a comparison between Cisco Secure Firewall and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. The only major difference between the two is that some users of Cisco Secure Firewall consider the deployment to be somewhat complex.
"This solution has solid UTM features combined with a nice GUI."
"In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable."
"Overall security features and performance routing is good."
"It's great for capturing the traffic and troubleshooting it."
"Fortinet FortiGate is user-friendly and affordable."
"The most valuable feature of this solution is Quota."
"This version is stable. I don't have any issues with this solution, in our environment, it works well."
"Anti-Spam web content filterinG."
"I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily."
"The most valuable feature is IPS. It's a feature that's very interesting for tackling the most current attacks."
"Cisco ASA works very nicely from an administration perspective. The management of the device is very nice. The ASDM (Adaptive Security Device Manager) is the software that we use and it is very easy to configure using the GUI."
"The most valuable feature of this solution is its ability to integrate vertically."
"The configuration support is very good. You can find a lot of configuration samples and troubleshooting tips on the internet, which is very good."
"There are no issues that we are aware of. It does its job silently in the background."
"I like all of the features."
"A stable, reliable solution used to protect the network's perimeter."
"The interface is very user-friendly and it's easy to manage."
"The user authentication rules are very useful."
"The solution has good performance and is easy to use."
"We get good usage out of the features. It has enabled us to gain popularity. It has great features."
"The web application firewall reverse proxy is very good."
"Content filtering and intrusion prevention are most valuable. Our customers are fully satisfied with the performance of Sophos. It has all the features that they require in a firewall."
"The most valuable feature of Sophos XG is the VBM."
"The product offers many great features."
"The ease of use could be improved."
"Its customer service could be better."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"You do need some IT knowledge in order to effectively work with the solution."
"If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."
"The sniffing packets or packet captures, can be simplified and improved because it's a little confusing."
"This product could be improved with Active directory integration and better handling in IPsec and GRE Tunnels."
"Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."
"I think they need to review their whole UI because it feels like it was created by a whole bunch of different teams of developers who didn't fully talk to each other. The net policy screen is just a mess. It should look like the firewall policy screen, and they should both act the same, but they don't. I feel like it's two different buildings or programming, who don't talk to each other, and that really annoys me."
"One thing that we really would have loved to have was policy-based routing. We had a lot of connections, and sometimes, we would have liked to change the routing depending on the policies, but it was lacking this capability. We also wanted application filtering and DNS filtering."
"The operation of the ASA is good but the problem is that whenever you require an upgrade, there are multiple pieces of software that you have to upgrade. Extensive planning is required, because if you upgrade one piece of the software it has to be compatible with the others as well. You always need to check the compatibility metrics."
"In general, they can make it easier to manage the solutions. They can make it easier in terms of administration and provide a single tool for different firewalling solutions. They have different tools to manage different firewalls, such as Firepower or ASA. Sometimes, both are on the same thing. You have ASA with Firepower modules, so you manage some of the things via HTML, and then you manage some of the things via another management tool. It's not seamless."
"It has poor performance."
"They could improve by having more skilled, high-level engineers that are available around the clock. I know that's an easy thing to say and a hard thing to do."
"There's a little bit of a disconnect between Firepower’s management and the rest of the products, like DNA and Prime. The solution should have fewer admin portals for network, security, and firewalls."
"The throughput highlighted on the datasheet (10Gbps) should be reviewed. This throughput is only for a UDP running environment, which you will never find in the real world. Rather consider a multiprotocol throughput."
"It would be helpful if they had a set of standard templates because it would assist in the beginning, when you are just getting started."
"The product's technical support services could be better."
"I need to open the email to see what it contains and the value of it before I know whether to access it or not."
"The reporting could be improved in this solution by adding more details."
"The cloud support needs to be improved."
"We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade, the automatic switch actually we were using did not work anymore."
"Their support is fairly good, and they come back to me. I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand, but it is generally not an issue."
"The time taken by Sophos XG's support team to respond to and resolve an issue is an area of concern where improvements are required."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Cisco Secure Firewall is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and SonicWall NSa. See our Cisco Secure Firewall vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
My preference is the Sophos XGS, particularly when you team it up with the Sophos Endpoint Protection client and configure it for synchronized security.
Both can be managed through Sophos Central and are available at a decent price for the power they offer the SMB.
I recommend Sophos XGS firewall. It will offer the best solution for malware protection.
Also, I recomend Sophos CIXA with XDR (Sophos Endpoint), so you can use Syncronized Security.