We performed a comparison between Check Point NGFW and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point NGFW is praised for its extensive security features, centralized management, and virtualization capabilities. It is highly regarded in terms of comprehensive protection and adaptability. Sophos XG is known for its usability, user-friendly interface, and straightforward installation process. Both options provide robust threat defense and the ability to expand as needed.
Check Point NGFW, needs to improve various aspects, including integration with other infrastructures, hardware upgrades, cost and pricing, stability and security, UI, complexity issues, redundancy options, and memory management. Sophos XG needs improvements in antivirus features, graphical interface and performance, bandwidth management and VPN capabilities, reporting and user management, support and response time, and specific issues and feature requests.
Service and Support: Some customers have found Check Point NGFW's customer service to be helpful and responsive, while others believe there is room for improvement. Sophos XG's support has received both positive and negative feedback. Some customers have found it to be good and helpful, while others have been dissatisfied with unhelpful and unresponsive support.
Ease of Deployment: The initial setup for Check Point NGFW can range in difficulty, with some users finding it simple while others find it more challenging. Knowledge and experience may be required for certain configurations and migrations. The initial setup for Sophos XG is generally seen as uncomplicated and straightforward, although some users may struggle if they are unfamiliar with the product.
Pricing: Check Point NGFW is known for its high setup cost, particularly when compared to other products. Users find it challenging to add new licensing to existing devices, especially for larger enterprise-level devices. Sophos XG provides flexible pricing options based on the required functionality, offering reasonable and competitive pricing, particularly for educational institutions.
ROI: Check Point NGFW stands out for its cost savings, simplicity, and effective security enforcement. Sophos XG offers a high ROI by reducing support expenses and enhancing security practices.
Comparison Results: Sophos XG is the favored product when compared to Check Point NGFW. Users find the initial setup of Sophos XG to be simple. They appreciate the functionality and user interface of Sophos XG, as well as its extensive protection against threats. The pricing for Sophos XG is considered fair and the technical support is satisfactory.
"Security, SD-WAN, and Streetscape are valuable features."
"Fortinet FortiGate is a scalable solution."
"Offers good security and filtering."
"It is user friendly, and has all the features you need."
"The VPN is the most valuable feature."
"The solution is very easy to understand. It's not overly complex."
"The solution is easy to configure and maintain remotely."
"The security on offer is very good."
"The logging and central policy management are the most valuable aspects for us as we were not having success earlier with the ASA in terms of upgrading/managing."
"The Smart Dashboard and other user interfaces are very easy to use and can be handled without any significant IT skills."
"Check Point is more expensive but easier to manage, and their presales and after-sale support are way better than Fortinet's."
"Check Point firewalls have significantly improved our ability to detect and prevent threats."
"The most valuable feature is the Stateful Inspection, which was developed by Check Point."
"The ease of configuring VPNs can be very useful especially for companies with lots of remote locations."
"Now we can add application signature in the same rule base & don't have to create a different policy for that."
"In R80.10 and above, you can view logs in SmartConsole. You don't have to open another smart tracker to view logs. That is the improvement Check Point has done which makes it better because it is much easier to find logs. This saves time, approximately 40 to 50 a day in one shift."
"The most valuable feature is web filtering."
"It's a product that is in continuous improvement and is following what the customer is asking for. They are taking inputs and designing new releases specifically according to the client and their needs."
"The most valuable is the synchronized security between Sophos XG and Sophos endpoint because it provides a lot of visibility about unknown applications. The endpoint shares the information of unknown applications, and you can learn about those applications and create policies to allow or block those applications."
"Sophos XG deployment is easy and rapid."
"The VPN is easy and has good logging, monitoring and notifications."
"It's a complete firewall solution that has everything."
"Valuable features include: the ease of setting up the VPN connection; the fact they have the cloud management option, so I can manage the firewall on a cloud platform from anywhere I am; the user interface is very user-friendly, so it's very easy for the administrator to make any policy changes."
"Web filtering is easy enough to deploy, manage, or make exceptions to."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"Its reporting capabilities can be improved. It should have some out-of-the-box reporting capabilities and some degree of customization. The basic reporting that it currently has is not sufficient to create more usable reports. It needs some sort of out-of-the-box reporting. They try to make customers purchase FortiAnalyzer for this kind of reporting, which is an additional cost. Other firewall vendors, such as SonicWall and Sophos, provide this sort of reporting without any additional cost."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"There is nothing more that I need in terms of improvement."
"I feel the only thing that I see as a possible improvement in Check Point software is the lack of ability to create "static discard routes" which makes it difficult for NAT ranges to be advertised via BGP to neighbors."
"It's too expensive for mid-market companies."
"Identity Awareness has been a massive source of problems for our deployment and the ability to debug it has been lacking."
"The presentation of the reports need to be more user-friendly."
"Third-party integration could be improved."
"This product has room for improvement in technical support for Africa."
"There are some GUI features in Check Point's SmartConsole that are still from the old versions and are in separate/duplicated interfaces; it would be most useful if it is integrated and not on different menus."
"The solution could improve by making the graphical interface better and increasing the performance."
"For the moment, managing the Sophos interface is a little bit challenging."
"The current bandwidth consumption is no longer shown in the XG and XGS."
"An area of improvement would be the reporting as diagnostic graphs take a long time to load and refresh. If there could be an option to show only select graphs, it may speed up the graphics."
"I'm just a sole proprietor for IT support, and from my perspective, there could be better ways to educate a proprietor, such as myself, on how to set it up, and program it, and manage it. They do tend to have support, but a lot of times, it is for larger networks. I need something that is simpler and more rudimentary as to how to go about setting up and configuring the firewall, setting up the rules, and that type of thing. So, if there is a missing component there, that would be it."
"The only area that requires improvement is scalability."
"When upgrading the firewalls, the process could be easier."
"I would prefer if Sophos XG were cheaper. A lower price would benefit me as a system provider for the end customer. The cost of the license and renewal for all the software and devices is somewhat high."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Check Point NGFW is rated 8.8, while Sophos XG is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Cisco Secure Firewall, Netgate pfSense, Azure Firewall and OPNsense, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Cisco Secure Firewall. See our Check Point NGFW vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.