We performed a comparison between Fortinet FortiGate and Sophos UTM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet FortiGate and Sophos UTM had a similar user rating regarding ease of deployment, service and support, and ROI. If pricing is a factor, Sophos UTM is a more cost-effective solution based on user reviews. In terms of features, Fortinet FortiGate users felt the interface was complex, and the reporting feature needed improvements. In contrast, Sophos UTM users felt the solution needed to do a better job at covering mobile devices.
"It can expand easily."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"The solution is very easy to understand. It's not overly complex."
"The solution is easy to configure and maintain remotely."
"It's user-friendly and easy to operate."
"The product is easy to use and is stable. The SV1 functionality is a benefit."
"Fortinet FortiGate is easy to use."
"This solution has solid UTM features combined with a nice GUI."
"Sophos UTM is very user-friendly and has good integration with other solutions."
"The product is extremely intuitive."
"Technical support is very responsive."
"The most valuable feature of Sophos UTM is reporting, it is flexible. I can monitor the end user's devices, even when they are not on my network. It has good drill-down capabilities."
"The initial setup is pretty straightforward."
"Has great security features and does a good job of protecting the network."
"I like the web filtering options."
"It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources."
"The routing capability on the FortiGate devices has room for improvement."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"The logging details need to be improved."
"It does not have key authentication for admin access."
"The solution is very expensive."
"The UTM filtering needs improvement."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"Anti-phishing functionality should be improved."
"Monitoring and reporting are areas that need improvement."
"We need to speed up the support."
"Sophos UTM could improve if there was no limitation on users."
"Support for IKEv2 is needed in this solution."
"The ease of use could be a bit better."
"I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer."
"We would like to have unique viewable IDs for rules and in the packet filter logfile, for easier debugging of old log files."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Fortinet FortiGate is rated 8.4, while Sophos UTM is rated 8.4. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and Check Point NGFW, whereas Sophos UTM is most compared with Netgate pfSense, Sophos XG, OPNsense, Palo Alto Networks NG Firewalls and Cisco Secure Firewall. See our Fortinet FortiGate vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I would have no doubt in recommending Fortinet. I do not know the Sophos UTM product specifically but in general, in companies, we have had unpleasant experiences with Sophos with customers. They typically declare performance values that are overestimated in the field.
We replaced Fortinet with Sophos as our public-facing UTM in 2017 & since then the ride has been extremely rough. I would not recommend Sophos for any mission-critical environment.
Fortinet is easy to manage and it include secure SDWAN as well including many features with easy to configure.
Both firewalls are easy to deploy. But the issue you will encounter when performing troubleshooting. You will not get flexibility in troubleshooting through Cli in Sophos whereas, in FortiGate, we have much more control. Besides if you are deploying a firewall on a large scale where visibility, control, performance as well as the flexibility is important it is better to go with Fortinet rather than Sophos.
I would also like to elaborate on the reporting part in FortiCloud. There is no need to pay any extras. Every box connects to ForticCoud service, and if you want reports to be greater than 7 days (meaning to be kept longer than that in their memory system) then you have to pay. In the meantime, by default Forticloud will send daily emails with reports and once a week you will get 4 to 5 reports, with lots of granular information. These reports are all in PDF with color graphics. In reality, I would be happy to send you some of the reports as in words typed herein would be more than a book. The FortiGate appliance also comes with 10 endpoint security (Forticlient) licences. So you can put this endpoint protection software to servers or clients. It also has a two-factor authentication license included. With these boxes, you can also create VDOM (Virtual Domains, totally separate).
They can afford that as the hardware, as I mentioned before (ASIC) has the power to do that. In 3 years I have had 1 spam message entering my mail server, is that telling you something??? In my first reply, I did tell you that where I work now they purchase Sophos. Well, when the antivirus is set the CPU gets up to 90%. My Fortigate CPU is 0% and peaks during attacks. And I have had quite a few. They were attempting to break into the mail server. More than 2 million attempts in less than 2 hours. Have a look at NSS Labs site. FortiGate is a Rolls Royce, you cannot compare.
Here in Australia, where I work now, the decision was to go with Sophos, ONLY ON PRICE. Yes, great brains. Now they regret that big time. FortiGate is a much more powerful device, especially when it comes to being able to handle the traffic. Most of the models handle throughput via ASIC (Application Specific Integrated Circuit) which is nothing more and less than a customer semiconductor. So, this is handled via hardware. It may be initially more difficult to implement. Now, what does "difficult" mean? To me when there is an unknown, difficult comes up till you learn. So if you make a decision on price and because "it is the easiest" to install.
I would not touch Sophos. Simple as that.
Sophos UTM is better by far. but it is more expensive
Done many installations of both Sophos and FortiGate, Sophos is the easiest to install and best in terms of features.
Reporting is free in Sophos while we need an extra subscription for FortiGate. Deep packet inspection, intrusion prevention advanced threat protection, web filtering, app control and email protection are key features of Sophos. Browsing is made safe with phishing protection and new functionality of ransomware protection. Sophos support is brilliant and community website from Sophos answers to all your questions and ease deployment.
I can’t really comment on FortiGate. We’ve been working with Sophos for years and like it’s integration with their endpoint.