We performed a comparison between Sophos UTM and Sophos XG based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"The solution is stable."
"We've found the solution to be pretty stable."
"Layer-3 firewall and routing are the most valuable features."
"FortiGate has a very strong unified threat management system."
"The main reason why I purchased the particular unit was that it had good reviews and what other people were saying as far as its completeness and its leading capabilities in terms of endpoint security was very good."
"The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto."
"LinkGreat firewall capabilities"
"It is a stable product... I rate the solution's technical support a nine out of ten...The initial setup is quite easy because they have all the information on their website."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"If a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time."
"The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution."
"The packet filtering's great. You get out what you put into it. It works great as long as you know your security and configure everything adequately. If you just pop one in and it's not configured, then it's basically wide open. It kind of depends on the admin skill, but it's an excellent product."
"What I like about Sophos UTM is that it improves my company's security. The solution is easy to set up, which I like, and it's very stable."
"So far, the solution has been problem-free."
"The most valuable feature of Sophos UTM is the efficiency and mail filtering module."
"The most valuable features of Sophos XG for our use cases are its firewall capabilities, its ability to connect to wide area and local networks, and its VPN functionality."
"Sophos is a comrehensive solution which allows me to configure all the attendant products, such as Sophos' firewall, Endpoint and Encryption features."
"The user authentication rules are very useful."
"The solution offers a good firewall endpoint and email encryption."
"One of the most valuable features is the VPN."
"It is very user friendly and easy to manage from the administrative point of view. It is good, reliable, and easy to implement."
"Over the past two years, during the COVID pandemic, the VPN has helped us a lot."
"Most of the features Sophos XG has are valuable. However, if I have two different ISP, I'm able to create an automatic switch between the two ISPs. I can do the same thing for the cloud as well. If I have two subnets coming from the cloud, I'm able to create a type of switch between both of them where if there is traffic on one and has the traffic drop, I'm able to switch to the other ISP without any problems. It's a normal feature and I get to enjoy the ability to switch between services with no issues."
"As far as wanting more scalability or things in the network diagram, it's going to cost you."
"It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"The Web-filter in this solution is not very good."
"FortiOS is not simple."
"Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."
"Fortigate's hardware capacities could be improved."
"They should improve high CPU and memory usage that occurs."
"An area for improvement in Sophos UTM is load balancing because my company cannot use it currently. If Sophos could release a new configuration for the load balancing feature to work for my company, that would be great."
"Monitoring and reporting are areas that need improvement."
"The UI can be cumbersome and, sometimes, features are not where you think they should be."
"I would like this solution to support ICAP. Also, they no longer support on-premises management, and are forcing clients to use centralized management via the cloud, which I don't agree with."
"Sophos UTM could improve if there was no limitation on users."
"It does have built-in policies, which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them."
"Flexibility in pricing could be improved. It's more rigid in its pricing compared to its competitor: Kaspersky."
"I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution."
"Their tech support is not great."
"The product's user interface has certain shortcomings where improvements are required."
"It would be helpful if they had a set of standard templates because it would assist in the beginning, when you are just getting started."
"Our clients use Karios, and while it integrates well with it, the integration could be improved."
"The support from the vendor needs to be improved."
"The support service level agreement in regard to the amount of time needed to upgrade things is too low. It should be higher."
"Their support is fairly good, and they come back to me. I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand, but it is generally not an issue."
"One area where Sophos XG could improve is in its patch management system."
Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Sophos UTM is rated 8.4, while Sophos XG is rated 8.2. The top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Sophos UTM is most compared with Netgate pfSense, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Palo Alto Networks NG Firewalls. See our Sophos UTM vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
The biggest difference between Sophos SG and Sophos XG is performance.
Now, there's even a newer Hardware Platform (same OS as Sophos XG, which is called SFOS) - the Sophos XGS which has different chipset architecture, to attend each security module, with its newest feature called XStream Technology.
Besides that, the GUI is very different. Nevertheless, it's worth trying the Sophos XG or XGS, since its GUI is getting overhauled for better performance and easier management, by each new release.
Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG will be the only Sophos firewall going forward, UTM will eventually be end of life.
Hi,
The new appliances XGS have a dedicated streaming CPU (Xstream), in addition to the main CPU.
I have personally tested the differences between the XG and XGS similar appliances. The result is spectacular. 30% more perf minimum:
https://www.sophos.com/en-us/p...
The UTM-9 is soon end-life. Sophos security staff is now focused on SFOS 18, XG, XGS.
To respond to the question "the biggest difference", I think is the "Synchronized Security":
https://www.sophos.com/en-us/l...
The firewall is one of the full security solutions centralized in Sophos Central:
https://www.sophos.com/en-us/p...
At most of our customers, we implement a Sophos Endpoint locally on servers and workstations and firewall XGS. The synchronized security interact between firewall and endpoints. This can resolve the problem with the "lateral movement" of an infected computer. It can isolate a computer from the network when detected as infected:
https://news.sophos.com/en-us/...
It can be extended to secure cloud systems with Sophos ClouOptix:
https://www.sophos.com/en-us/p...
Tested with VM in AWS and Azure, work 5*!
Another big difference is the Webserver Application Firewall. All my customers with an internal webserver to be published in the net are protected with this "reverse proxy" (WAF). It really does the job of protecting IIS, Apache, etc. from externals attacks.
Another trick is the SSL VPN sites to sites. When a branch office is implemented with a front ISP router, sometimes the NAT traversal is not possible, for IPSEC VPN connections (UDP 500). With this SSL VPN, Simple NAT works and gives an SSL 128-bit AES encryption.
Finally, I have a lot of experience in implementing UTM and, now, XG(S). No way, the log is a big difference, easier to use as in Fortigates! It is similar to CheckPoint firewalls.
For my experience, no way: -> Sophos XG(S)
Here is an interesting link on differences between UTM and XG:
https://www.avanet.com/en/blog...
Regards,
A.Rastello
My understanding is that UTM is the software; SG is the hardware. You can buy Sophos UTM running on SG hardware and then later upgrade to the XG running on the same hardware.
I've been told by our Sophos reseller that Sophos are pushing the XG as next generation firewall, and developing it to at least as good as UTM. So XG will be the firewall of choice moving forward. UTM will not be developed further, according to him.
To my understanding, UTM and XG are from different legacy companies that
are now owned my Sophos. During my time researching anti-virus, UTM makes
more sense for our needs seeing as XG is primarily a firewall. From the
information I was able to find during the time of research, it seemed most
of the community felt XG had feature gaps from UTM.
UTM specifically SG series is a very mature and stable platform. It lacks some of the new features of XG; however has a very strong feature set. If you are looking for stability, ease of use and something well documented and understood than I suggest going this way. If however you are looking for a strong level of integration and have a greater than 3 year horizon then I suggest XG.
Wifi integration for example works better on the new platform.
There are several differences since there are 2 versions,
XG firewall has integrations with other products like intercept X and admin from Sophos central.
SG UTM has less integration since it's a separate product. It was formerly Astaro firewall, but the most advanced features have been only set to the XG.
There are appliance and software versions of both products. Depending on your need you might choose one or another. But basically, look at them as 2 different firewalls.