We performed a comparison between Sophos UTM and Sophos XG based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are the policies, filtering, and configuration."
"The most valuable feature of Fortinet FortiGate is URL filtering."
"The features that I have found most valuable are that it is good to use, and most importantly, the pricing. The customer especially likes the discount when they trade up or something like that."
"It is simple to manage, and there are a lot of functionalities in the same box."
"Web filtering and two-factor authentication are great features."
"It performs very well."
"The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE."
"Sophos UTM is the simplest of these products to setup."
"The most valuable features of the solution are application filtering and web filtering."
"We've found the technical support to be helpful."
"Sophos UTM's best feature is SIM in the cloud, which combines the gateway solution and endpoint solution to send telemetry data to the cloud and provides full contact visibility regarding security."
"The firewall itself is very strong and provides great security."
"It has allowed us to design a bespoke cloud space for our clients, while still having an excellent level of protection."
"The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the price is surprisingly better."
"Monitoring and reporting are areas that need improvement."
"The antivirus features are valuable."
"Overall, this is a good product and I would recommend it for small to mid-sized customers."
"The initial setup is pretty simple."
"The solution comes with a common bundle which comprises all the feature."
"It has a very friendly interface like the Cyberoam iNG units, it has customizable policies, it has proper templates that you can even modify, and you can customize the rules, down to each single user."
"The most valuable feature of this solution is flexibility."
"Good security and a good interface."
"They really work scalability into the solution at the outset."
"The solution needs to improve its integration with cybersecurity."
"Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved."
"The solution lacks multi-language support."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"There are some complex administration tasks in their administration portal. That needs to be improved."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"The integration with third-party tools may be something that they should work on."
"The memory and processing were problematic. The interface could be better."
"I would like some features that are available in other brands. For example, I sometimes a person is using too much bandwidth, and it isn't easy to find this information in Sophos. Also, we have to switch connections manually when we are using a VPN and lose the MPLS connection. It isn't automatic."
"Sophos UTM's internet security could be better."
"The virus updates will always depend on new viruses that are discovered. Maybe they can send a notification or a reminder for update time."
"Last year, Sophos had some major internal management changes that negatively impacted their support."
"Sophos UTM could improve if there was no limitation on users."
"I didn't like it much. It suits only small businesses. It isn't scalable and reliable. There is a very critical issue with the power supply."
"It needs a better user interface. The one they have is not so good."
"The reports could improve, they do not seem complete and more information could be added."
"The price should be cheaper."
"The SD-WAN capability is not as good as it is in FortiGate, and is something that should be improved."
"The VPN is in need of improvement."
"An area of improvement would be the reporting as diagnostic graphs take a long time to load and refresh. If there could be an option to show only select graphs, it may speed up the graphics."
"In the next release, I would like to see improvements to simplify the interface and more policy deployments."
"Lacking network access control, user profiling and analytics dashboards."
"The cloud support needs to be improved."
Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Sophos UTM is rated 8.4, while Sophos XG is rated 8.2. The top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Sophos UTM is most compared with Netgate pfSense, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and WatchGuard Firebox. See our Sophos UTM vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
The biggest difference between Sophos SG and Sophos XG is performance.
Now, there's even a newer Hardware Platform (same OS as Sophos XG, which is called SFOS) - the Sophos XGS which has different chipset architecture, to attend each security module, with its newest feature called XStream Technology.
Besides that, the GUI is very different. Nevertheless, it's worth trying the Sophos XG or XGS, since its GUI is getting overhauled for better performance and easier management, by each new release.
Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG will be the only Sophos firewall going forward, UTM will eventually be end of life.
Hi,
The new appliances XGS have a dedicated streaming CPU (Xstream), in addition to the main CPU.
I have personally tested the differences between the XG and XGS similar appliances. The result is spectacular. 30% more perf minimum:
https://www.sophos.com/en-us/p...
The UTM-9 is soon end-life. Sophos security staff is now focused on SFOS 18, XG, XGS.
To respond to the question "the biggest difference", I think is the "Synchronized Security":
https://www.sophos.com/en-us/l...
The firewall is one of the full security solutions centralized in Sophos Central:
https://www.sophos.com/en-us/p...
At most of our customers, we implement a Sophos Endpoint locally on servers and workstations and firewall XGS. The synchronized security interact between firewall and endpoints. This can resolve the problem with the "lateral movement" of an infected computer. It can isolate a computer from the network when detected as infected:
https://news.sophos.com/en-us/...
It can be extended to secure cloud systems with Sophos ClouOptix:
https://www.sophos.com/en-us/p...
Tested with VM in AWS and Azure, work 5*!
Another big difference is the Webserver Application Firewall. All my customers with an internal webserver to be published in the net are protected with this "reverse proxy" (WAF). It really does the job of protecting IIS, Apache, etc. from externals attacks.
Another trick is the SSL VPN sites to sites. When a branch office is implemented with a front ISP router, sometimes the NAT traversal is not possible, for IPSEC VPN connections (UDP 500). With this SSL VPN, Simple NAT works and gives an SSL 128-bit AES encryption.
Finally, I have a lot of experience in implementing UTM and, now, XG(S). No way, the log is a big difference, easier to use as in Fortigates! It is similar to CheckPoint firewalls.
For my experience, no way: -> Sophos XG(S)
Here is an interesting link on differences between UTM and XG:
https://www.avanet.com/en/blog...
Regards,
A.Rastello
My understanding is that UTM is the software; SG is the hardware. You can buy Sophos UTM running on SG hardware and then later upgrade to the XG running on the same hardware.
I've been told by our Sophos reseller that Sophos are pushing the XG as next generation firewall, and developing it to at least as good as UTM. So XG will be the firewall of choice moving forward. UTM will not be developed further, according to him.
To my understanding, UTM and XG are from different legacy companies that
are now owned my Sophos. During my time researching anti-virus, UTM makes
more sense for our needs seeing as XG is primarily a firewall. From the
information I was able to find during the time of research, it seemed most
of the community felt XG had feature gaps from UTM.
UTM specifically SG series is a very mature and stable platform. It lacks some of the new features of XG; however has a very strong feature set. If you are looking for stability, ease of use and something well documented and understood than I suggest going this way. If however you are looking for a strong level of integration and have a greater than 3 year horizon then I suggest XG.
Wifi integration for example works better on the new platform.
There are several differences since there are 2 versions,
XG firewall has integrations with other products like intercept X and admin from Sophos central.
SG UTM has less integration since it's a separate product. It was formerly Astaro firewall, but the most advanced features have been only set to the XG.
There are appliance and software versions of both products. Depending on your need you might choose one or another. But basically, look at them as 2 different firewalls.