We performed a comparison between Cisco Secure Firewall and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The interface is very user-friendly and I like it very much."
"The secure web gateway module and the application control module are valuable. HA operations are very easy."
"FortiGate is on the cheaper end, and it offers good value."
"It has very easy management and an amazing ETM configuration."
"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."
"Security solution with a straightforward and quick setup. It's a stable and scalable product."
"It's great for capturing the traffic and troubleshooting it."
"UTM/NGFW features and FortiCloud for logs and backups are awesome."
"The VPN is our most widely used feature for Cisco Secure Firewall. Since we were forced into a hybrid working situation by COVID a few years back, VPN is the widely used feature because everybody is working remotely for our agency. So it came in very handy."
"The feature that I found most valuable is the overall stability of the product."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"The content filtering is good."
"Unfortunately in Cisco, only the hardware was good."
"I think that the firewall feature is the most valuable to me as it is one of the oldest features for this solution. We also appreciate how stable the VPN is."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"Basic firewalling is obviously the most valuable. In addition to that, secure access and remote access are also very useful for us."
"Sophos UTM has a good user interface and granular security controls."
"Efficient and effective - it's easy to separate rules."
"The product is extremely intuitive."
"The most valuable feature is that it is easy to administer."
"It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else."
"The most valuable feature of Sophos UTM is reporting, it is flexible. I can monitor the end user's devices, even when they are not on my network. It has good drill-down capabilities."
"Sophos UTM is the simplest of these products to setup."
"Scaling out cannot be easier, as there are many migration paths."
"Fortinet FortiGate should improve the VPN tokens."
"It needs more available central management."
"At first glance, the interface for the device is very confusing."
"Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"There could be more integration between the logging and analytical platforms to make it more seamless and integrated."
"The renewal price and the availability could be improved."
"The Wi-Fi controller needs a lot of improvement."
"We are replacing ASA with FTD which offers many new features not available using ASA."
"Tech support could not answer all of our questions. I had to do research on the web to solve my issues."
"We would like to be able to manage a set of firewalls rather than individual firewalls. We haven't really looked into it or yet implemented it, but a single pane of glass would be helpful. We also use another vendor's firewalls, and they have a centralized management infrastructure that we have implemented, which makes it a little bit easier when you're managing lots of firewalls."
"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."
"VPNs are weak as this product still does not support route-based VPNs."
"The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface."
"If Cisco could stop rebranding, combine all the CLIs/GUIs, and give a consistent experience, this would be great."
"We had an event recently where we had inbound traffic for SIP and we experienced an attack against our SIP endpoint, such that they were able to successfully make calls out... Both CTR, which is gathering data from multiple solutions that the vendor provides, as well as the FMC events connection, did not show any of those connections because there was not a NAT inbound which said either allow it or deny it."
"The scalability of the product is an area with certain shortcomings where improvements are required."
"The only time we face a problem or issues is when we place a ticket. We have found that response is very slow."
"Needs to improve the certificate management (ex. Let's Encrypt support)."
"VPN needs IKEv2, but it’s in the roadmap. Also, all new, cool features will only come to the new Sophos XG Firewall."
"Sophos UTM sometimes falls short in high-availability environments. They used to launch firmware that didn't work very well in a high-availability environment."
"The UI can be cumbersome and, sometimes, features are not where you think they should be."
"Flexibility in pricing could be improved. It's more rigid in its pricing compared to its competitor: Kaspersky."
"The logs are not clear, which means that you need an additional piece of software in order to read them clearly."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Cisco Secure Firewall is rated 8.2, while Sophos UTM is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and SonicWall NSa, whereas Sophos UTM is most compared with Netgate pfSense, Sophos XG, OPNsense, Palo Alto Networks NG Firewalls and WatchGuard Firebox. See our Cisco Secure Firewall vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.