We performed a comparison between Meraki MX and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos XG received better user ratings. Although the two solutions are comparable in most areas, Meraki MX lacks a lot of features in comparison with Sophos XG.
"It's user-friendly and easy to operate."
"The IPS is good. It protect my network from attackers."
"There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth."
"We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature."
"The flexibility and ease of configuration are the most valuable features."
"The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment."
"It blocks the vulnerabilities that can negatively impact us."
"The Intrusion Prevention System and the web filtering are both working well."
"It is easy to manage, which is one of the most important things for us. It is also flexible, stable, and scalable."
"The solution is good for load balancing."
"I think cloud management is key. The cloud management and support are the two things that make the product great."
"When you try to create an IP or when you have an alert about when a website is banned, these features are helpful."
"I am happy with the technical support for the solution. I rate the technical support a ten out of ten."
"Very easy to use and navigate."
"It's flexible, easy to configure, and easy to manage."
"It has the most advanced security features, for example, layer 3 and layer 7 firewall capabilities and the end team and IPS protection. It also has IPS, and it has very good functioning of cloning services. You don't actually have to touch the device. If you have multiple companies in different countries, you don't really require this device to be touched. You can get it delivered directly to any office of a country, and then you can simply put your configuration over the cloud. It's very simplified and easy to manage. It gives a very good granular visibility about your network. Earlier, a lot of things were lacking in the network. We were unable to identify where the problem was, but after implementing Meraki MX, we are able to dig down and identify where is the problem. We can easily and quickly identify the sources and the root causes of the issues."
"I have found configuring the ports to be easier in Sophos XG compared to the other devices."
"The solution has very good security features, is easy to use for administrators and users, and has informative reports."
"Valuable features include: the ease of setting up the VPN connection; the fact they have the cloud management option, so I can manage the firewall on a cloud platform from anywhere I am; the user interface is very user-friendly, so it's very easy for the administrator to make any policy changes."
"The web application firewall reverse proxy is very good."
"The user authentication rules are very useful."
"The interface is user-friendly and the product is easy to configure."
"I like it for its simplicity. It is very simple to configure and implement. It is a very good product for medium-sized organizations."
"It's a product that is in continuous improvement and is following what the customer is asking for. They are taking inputs and designing new releases specifically according to the client and their needs."
"Performance and technical support are the main issues with this solution."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"I think there could be more QoS features"
"In the next release, maybe the documentation on how to use this solution could be improved."
"Its reporting can be improved. Sometimes, I don't get proper reports."
"The IPS, the Intrusion Prevention System, can be improved."
"Expensive licensing and firewall stops immediately working if the license is not renewed at expiration date."
"I do not have the kind of feature I need for SSL decryption in Meraki MX. It would be great to see the SSL decryption feature in Meraki MX."
"It is very expensive."
"They're very complacent and I find the rule set to be a little arcane."
"You can only have one tunnel in the whole infrastructure — one tunnel with one device."
"From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy."
"Meraki MX can come across as an expensive solution."
"I would like the update process to be easier, to update the firmware of the boxes. I think it's much better automatically than having to do it manually: Download the file, do network discovery. I they can make the update process much more automatic that would help."
"We are not very happy with the customer support they provide — it's quite slow."
"It's easy to use, but it's hard to configure exact settings. They need to make it easier to access advanced features."
"The support engineers of the product are not very tech-savvy, making it an area where improvements are required."
"An area of improvement would be the reporting as diagnostic graphs take a long time to load and refresh. If there could be an option to show only select graphs, it may speed up the graphics."
"The vendor doesn’t publish the price on the website."
"Its price should be improved. Its features are pretty okay, but the price is the area where we have to fight more. They should do something about the price structure."
"I would like to have better SSL decryption and HTTP decryption. There should be filtering of SSL and HTTP traffic. Sophos XG consumes a lot of endpoint resources. It consumes a lot of RAM and CPU resources, and they should look into this."
Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 57 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Meraki MX is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Meraki MX writes "Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Meraki MX is most compared with Palo Alto Networks NG Firewalls, Cisco Secure Firewall, SonicWall TZ, Netgate pfSense and SonicWall NSa, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Sophos UTM. See our Meraki MX vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Sophos is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So, you can't really compare these solutions as they are targeting different markets.
Meraki MX is a small business product and lacks a lot of features compared to Sophos XG/XGS.
- IPsec IKEv2 does not work (it is in the menu, but does not work and can only be enabled by meraki support)
- no SSLVPN or IPsec VPN client. AnyConnect can only be tested with beta firmware.
Cisco Client VPN (L2TP) is a total joke - not sure for who it is meant for?
- no user based firewall rules (for VPN)
- no firewall rule grouping
- no masquerade option for DNAT (sometimes it is very useful if I can do a DNAT with masquerade to another subnet)
- no VLAN tagging support on WAN port (would be usable for IPTV - solvable if WAN is bypassed through a managed switch)
- no multiple IP support on WAN port (Sophos has alias support on every interface, which means that multiple IP addresses can be added on the same LAN or WAN port)
- no LAG or LACP support (would be usable to connect aggregation switch to firewall to bypass more traffic through the MX)
- no DAC cable support for SFP port (why I do have to use optical cable to connect aswitch?)
- no custom IPS policies - only on/off button
- no e-mail protection option (Sophos has it with extra license)
- no web server protection (Sophos has it with extra license)
- no sandstorm option (most firewalls have it with extra license)
- hardware may probably too weak compared to the user count
- no BGP, OSPF routing
- no multiple VPN user groups and LDAP servers
Cisco mx64, for example, has 2 WANs, is very practical and simple for the two services, has a balancing for two internet services and bandwidth control (by groups and users).