We performed a comparison between Sophos UTM and Sophos XG based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can use our devices to check all of the perimeters. It secures email websites."
"I like that you are able to manage FortiGate from the FortiManager to create a more centralized environment."
"Security, SD-WAN, and Streetscape are valuable features."
"Fortinet FortiGate is easy to use."
"Good anti-malware and web filtering features."
"The multi-tenancy feature is most valuable. It integrates very well with FortiManager and FortiAnalyzer."
"The most valuable features are simplicity, management, and that it's constantly evolving."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"The most valuable feature is ransomware protection."
"What I like about Sophos UTM is that it improves my company's security. The solution is easy to set up, which I like, and it's very stable."
"It is not an easy task to protect your web servers from the big bad internet. The Web Server Protection in this solution does it elegantly and, if configured correctly, even hides the server's base system from prying eyes."
"Brings greater visibility into the network traffic coming inside and passing away from the company."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"They are all good, but most-used are Network Protection and Web Filtering."
"We find all of the features valuable because together they fit the needs of our customers."
"Sophos UTM's most valuable features are profiling and its simple configuration."
"We created and configured a VPN for connecting our remote sites and also to make it more secure and reliable. We also like its two-factor authentication features."
"Compared to other firewalls that I had looked at, I thought Sophos was the better solution. It just seems to be easier to manage versus Cisco, Fortinet, or one of the other options I was looking at."
"What I have found most valuable with the Sophos XG is it's a key component of the Intercept X EDR environment. You have to have it to receive the full benefit. If you've you are using Sophos SG firewalls, they're great firewalls and in many ways, I prefer them to the Sophos XG. Since I have set them up, programmed them, and manipulate firewall rules, et cetera, the Sophos SG's a better interface. However, the Sophos XG's very powerful. I prefer it over other solutions I have used, such as Cisco Meraki and SupportNet, I don't like them. They're not very friendly to people who have to set them up and implement them."
"This is a very stable solution."
"it's user-friendly, not complex."
"SD-WAN features should be added."
"I particularly like the visibility it provides into network traffic, allowing us to identify and address issues efficiently."
"The stability of Sophos XG is good, it has good performance."
"The solution's framework needs to be frequently updated in order to have a stable solution."
"The support team for Fortinet FortiGate needs to be more customer friendly."
"The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us."
"I would like to see improvements in the product's application rules."
"There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering."
"Its price could be better."
"Stability and technical support are the two major issues I have found with Fortinet."
"I think there could be more QoS features"
"Doesn't provide antivirus for individual computers."
"The support could be better."
"The reporting system needs to allow for customizations because many reports do not include details that we expect."
"Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time."
"It would be nice if it had basic features, such as DLP (Data Loss Prevention)."
"I don't really have any notes for improvements."
"The solution's technical support for India needs to be improved."
"Sophos customer support could use some improvement."
"Inability to investigate incidents, there is no tracking."
"The reports could improve, they do not seem complete and more information could be added."
"Everything is working as expected at this moment, but the anti-spam solution in Sophos XG needs to be improved. It needs more granular features and more stability. The anti-spam solution currently doesn't have many features, and we would like to have more features. At this moment, there is no expression filter for anti-spam. We need something to be able to filter subjects or attachments in emails based on the keyword. Sometimes, there is an issue with anti-spam, and Sophos XG suddenly stops processing incoming or outgoing emails. The only solution for this issue is to restart the appliance. Their support should be improved. It takes a long time to escalate a support case from level one to level two."
"The installation could be faster and is longer than that of other solutions, lasting more than a month instead of five minutes."
"The GUI and support could be better. I think there are other products that we are going to deploy instead of Sophos. We have already upgraded a month ago because the interfaces and support for Sophos are really weak. But other products like Juniper, Cisco, or FortiGate are better than Sophos. It's also complicated, and the end-user or client does not understand it."
"I would like to see in future releases a tool to scan for malicious packets and give the location of where they are coming from."
"Support for this product is something that is really important, and it needs to improve."
"The reaction time of the GUI is terrible when compared to other manufacturers."
Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Sophos UTM is rated 8.4, while Sophos XG is rated 8.2. The top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Sophos UTM is most compared with Netgate pfSense, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Palo Alto Networks NG Firewalls. See our Sophos UTM vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
The biggest difference between Sophos SG and Sophos XG is performance.
Now, there's even a newer Hardware Platform (same OS as Sophos XG, which is called SFOS) - the Sophos XGS which has different chipset architecture, to attend each security module, with its newest feature called XStream Technology.
Besides that, the GUI is very different. Nevertheless, it's worth trying the Sophos XG or XGS, since its GUI is getting overhauled for better performance and easier management, by each new release.
Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG will be the only Sophos firewall going forward, UTM will eventually be end of life.
Hi,
The new appliances XGS have a dedicated streaming CPU (Xstream), in addition to the main CPU.
I have personally tested the differences between the XG and XGS similar appliances. The result is spectacular. 30% more perf minimum:
https://www.sophos.com/en-us/p...
The UTM-9 is soon end-life. Sophos security staff is now focused on SFOS 18, XG, XGS.
To respond to the question "the biggest difference", I think is the "Synchronized Security":
https://www.sophos.com/en-us/l...
The firewall is one of the full security solutions centralized in Sophos Central:
https://www.sophos.com/en-us/p...
At most of our customers, we implement a Sophos Endpoint locally on servers and workstations and firewall XGS. The synchronized security interact between firewall and endpoints. This can resolve the problem with the "lateral movement" of an infected computer. It can isolate a computer from the network when detected as infected:
https://news.sophos.com/en-us/...
It can be extended to secure cloud systems with Sophos ClouOptix:
https://www.sophos.com/en-us/p...
Tested with VM in AWS and Azure, work 5*!
Another big difference is the Webserver Application Firewall. All my customers with an internal webserver to be published in the net are protected with this "reverse proxy" (WAF). It really does the job of protecting IIS, Apache, etc. from externals attacks.
Another trick is the SSL VPN sites to sites. When a branch office is implemented with a front ISP router, sometimes the NAT traversal is not possible, for IPSEC VPN connections (UDP 500). With this SSL VPN, Simple NAT works and gives an SSL 128-bit AES encryption.
Finally, I have a lot of experience in implementing UTM and, now, XG(S). No way, the log is a big difference, easier to use as in Fortigates! It is similar to CheckPoint firewalls.
For my experience, no way: -> Sophos XG(S)
Here is an interesting link on differences between UTM and XG:
https://www.avanet.com/en/blog...
Regards,
A.Rastello
My understanding is that UTM is the software; SG is the hardware. You can buy Sophos UTM running on SG hardware and then later upgrade to the XG running on the same hardware.
I've been told by our Sophos reseller that Sophos are pushing the XG as next generation firewall, and developing it to at least as good as UTM. So XG will be the firewall of choice moving forward. UTM will not be developed further, according to him.
To my understanding, UTM and XG are from different legacy companies that
are now owned my Sophos. During my time researching anti-virus, UTM makes
more sense for our needs seeing as XG is primarily a firewall. From the
information I was able to find during the time of research, it seemed most
of the community felt XG had feature gaps from UTM.
UTM specifically SG series is a very mature and stable platform. It lacks some of the new features of XG; however has a very strong feature set. If you are looking for stability, ease of use and something well documented and understood than I suggest going this way. If however you are looking for a strong level of integration and have a greater than 3 year horizon then I suggest XG.
Wifi integration for example works better on the new platform.
There are several differences since there are 2 versions,
XG firewall has integrations with other products like intercept X and admin from Sophos central.
SG UTM has less integration since it's a separate product. It was formerly Astaro firewall, but the most advanced features have been only set to the XG.
There are appliance and software versions of both products. Depending on your need you might choose one or another. But basically, look at them as 2 different firewalls.