We performed a comparison between Meraki MX and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos XG received better user ratings. Although the two solutions are comparable in most areas, Meraki MX lacks a lot of features in comparison with Sophos XG.
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"The initial setup of Fortinet FortiGate was straightforward."
"The pricing is excellent. It's much less expensive than Cisco."
"The VPN is the most valuable feature."
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."
"Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."
"We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered."
"The solution's most valuable feature is the Meraki dashboard, which is a single pane of glass."
"The cloud management system is really valuable."
"The internet traffic shaping has been very valuable."
"Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active."
"The technical support people from Meraki are brilliant."
"It is a robust SD-WAN solution."
"The solution is good for load balancing."
"You can use your web browser to do the configuration which is easier than Cisco CLI transcripts."
"I particularly like the visibility it provides into network traffic, allowing us to identify and address issues efficiently."
"Over the past two years, during the COVID pandemic, the VPN has helped us a lot."
"There are many valuable features."
"Sophos firewalls are scalable. They are pretty strong in security. So, when they provide any kind of firewall, they provide all the features such as anti-spam, antivirus, etc."
"If you want to install antivirus and firewalling on endpoints, then Sophos is the best option."
"I like how you can integrate with other endpoints and Intercept X in one central management platform. I think it's a perfect solution. Sophos will manage everything in one container. You can manage many firewalls or endpoints within one panel."
"One of the most valuable features is the VPN."
"I rate Sophos support 10 out of 10. When my device was freezing, I contacted them, and sent me a replacement. It only took a couple of days for Sophos to ship the device to Kenya. I didn't have a redundant device, so it was urgent."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"The sniffing packets or packet captures, can be simplified and improved because it's a little confusing."
"It could use better throughput on some of the smaller boxes for the branch offices."
"The search tool needs improvement. It's very difficult to search for policies right now."
"Monitoring and reporting could be better."
"We would like to see a better training platform implemented."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"They need faster serviceability and more security features."
"The current lead time is longer for Meraki MX, and it needs to be improved."
"Meraki has some hidden features and information that is only privy to their engineers. If that information became available to us, then it would improve our ease of management, and we would be able to make certain adjustments instead of having to go to them."
"In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past."
"Meraki MX firewalls are great for small to medium-sized businesses, but other solutions are better for enterprise-sized companies."
"We can’t access GUI management and CLI opening features when the Internet is unavailable."
"You cannot use switching behaviors as you see on the Meraki switch."
"The security is not as strong as it could be"
"They need to improve the link between Meraki and Active Directory."
"The solution could improve by having better security."
"Data traffic analysis could be better. I think Fortinet products like FortiAnalyzer are very effective in analyzing data traffic. I think it's better than Sophos. It could also be more stable."
"Sophos XG could improve the connectivity with Microsoft 365 or Azure Active Directory(AD). It doesn't work directly as other solutions do, such as Fortinet FortiGate. The client needs a separate AD server which is a problem."
"Their technical support needs improvement. I've been on hold with them for hours waiting for their support."
"SD-WAN needs to be improved because it often fails at the network security level."
"The solution’s reporting could be improved."
"When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had and is not sufficiently mature."
"We are facing some technical issues with Sophos XG right now. We have already escalated this issue with the Sophos technical support. They seem to be working on it. We are satisfied with the technical support. They reply quickly to our queries, but sometimes take time upgrading their systems."
Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 58 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Meraki MX is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Meraki MX writes "Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Meraki MX is most compared with Palo Alto Networks NG Firewalls, Cisco Secure Firewall, SonicWall TZ, Netgate pfSense and SonicWall NSa, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Sophos UTM. See our Meraki MX vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Sophos is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So, you can't really compare these solutions as they are targeting different markets.
Meraki MX is a small business product and lacks a lot of features compared to Sophos XG/XGS.
- IPsec IKEv2 does not work (it is in the menu, but does not work and can only be enabled by meraki support)
- no SSLVPN or IPsec VPN client. AnyConnect can only be tested with beta firmware.
Cisco Client VPN (L2TP) is a total joke - not sure for who it is meant for?
- no user based firewall rules (for VPN)
- no firewall rule grouping
- no masquerade option for DNAT (sometimes it is very useful if I can do a DNAT with masquerade to another subnet)
- no VLAN tagging support on WAN port (would be usable for IPTV - solvable if WAN is bypassed through a managed switch)
- no multiple IP support on WAN port (Sophos has alias support on every interface, which means that multiple IP addresses can be added on the same LAN or WAN port)
- no LAG or LACP support (would be usable to connect aggregation switch to firewall to bypass more traffic through the MX)
- no DAC cable support for SFP port (why I do have to use optical cable to connect aswitch?)
- no custom IPS policies - only on/off button
- no e-mail protection option (Sophos has it with extra license)
- no web server protection (Sophos has it with extra license)
- no sandstorm option (most firewalls have it with extra license)
- hardware may probably too weak compared to the user count
- no BGP, OSPF routing
- no multiple VPN user groups and LDAP servers
Cisco mx64, for example, has 2 WANs, is very practical and simple for the two services, has a balancing for two internet services and bandwidth control (by groups and users).