We performed a comparison between Cisco Secure Firewall and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. The only major difference between the two is that some users of Cisco Secure Firewall consider the deployment to be somewhat complex.
"It's super reliable. I don't think I've ever had a reliability issue with it."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"Whenever I need something, Fortinet improves and updates the software for me."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"The product offers very good security."
"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"FortiGate improved our security. It's one of the best hardware firewalls."
"Cisco tech is always good and helpful. I would rate them as 10 out of 10."
"This solution is easy to use if you know how to set it up."
"It is very stable compared to other firewall products."
"It is a secure product."
"Beats sophisticated cyber attacks with a superior security appliance."
"The greatest benefit for the organization is the confidence that we are secured."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint."
"The simplicity of the setup is the most valuable feature."
"The antivirus features are valuable."
"The filtering is very easy to do. You can segment and create profiles for usage very easily."
"My clients gain efficiency in protecting against attacks from malware such as ransomware and hacker attacks. It also provides them efficient internet access control, and full visibility of ports, applications, and websites."
"It gives me a very good, stable connection in all tunnels."
"The most valuable feature of this solution is that the license offers everything."
"The SL VPNs are the most valuable feature. I have a lot of systems out of the head office that need to connect to the local networks, and they all connect wirelessly via the Sophos VPN client."
"It is a very stable solution."
"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."
"The support from Fortinet FortiGate could improve. They are not easily accessible when we need them. They could improve their response time."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"I would like reporting to be improved and should offer a lot more tools to monitor the products."
"Fortinet FortiGate should improve the VPN tokens."
"The captive portal could be improved."
"Fortinet FortiGate needs to improve to be on par with its competitors, such as Palo Alto and Sophos. They are the market leaders. Fortinet FortiGate needs to improve its capabilities. However, we are happy with Fortinet FortiGate."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"I'm not very familiar with the largest Firepower models, but competitors like Palo Alto seem to have a more capable engine to do, for instance, TLS/SSL decryption. As I understand, Firepower doesn't let you export the decrypted traffic so that, for instance, the security department can look at the traffic or inspect traffic. It's all in the box. I've heard rumors that this is something Cisco is working on, but it isn't yet available."
"The Cisco Firewall UI could be improved."
"Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated."
"It doesn't have a proper GUI to do troubleshooting, so most people have to rely on the command line."
"For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager."
"We only have an issue with time sync with Cisco ASA and NTP. If the time is out of sync, it will be a disaster for the failover."
"It is hard to control the bandwidth of end-users with a Cisco Firewall. That is the main issue I've faced. I used Mikrotik for many years for this very reason. Mikrotik has the option to set a bandwidth restriction for a single IP or complete segments. Cisco should add this option to their firewall."
"The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them."
"The reaction time of the GUI is terrible when compared to other manufacturers."
"The cloud support needs to be improved."
"The program is rather expensive."
"Sophos XG's web server protection and log viewer could improve. They should also introduce sandboxing."
"Sophos can definitely improve with the interoperability between solutions."
"Fortinet surpasses Sophos in terms of support, particularly with its comprehensive five-one feature console."
"Everything is working as expected at this moment, but the anti-spam solution in Sophos XG needs to be improved. It needs more granular features and more stability. The anti-spam solution currently doesn't have many features, and we would like to have more features. At this moment, there is no expression filter for anti-spam. We need something to be able to filter subjects or attachments in emails based on the keyword. Sometimes, there is an issue with anti-spam, and Sophos XG suddenly stops processing incoming or outgoing emails. The only solution for this issue is to restart the appliance. Their support should be improved. It takes a long time to escalate a support case from level one to level two."
"Sophos XG's user interface has some room for improvement."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Cisco Secure Firewall is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and SonicWall NSa. See our Cisco Secure Firewall vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
My preference is the Sophos XGS, particularly when you team it up with the Sophos Endpoint Protection client and configure it for synchronized security.
Both can be managed through Sophos Central and are available at a decent price for the power they offer the SMB.
I recommend Sophos XGS firewall. It will offer the best solution for malware protection.
Also, I recomend Sophos CIXA with XDR (Sophos Endpoint), so you can use Syncronized Security.