We performed a comparison between Cisco Secure Firewall and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. The only major difference between the two is that some users of Cisco Secure Firewall consider the deployment to be somewhat complex.
"The most valuable feature is the ease of use."
"The main reason why I purchased the particular unit was that it had good reviews and what other people were saying as far as its completeness and its leading capabilities in terms of endpoint security was very good."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"The Intrusion Prevention System and the web filtering are both working well."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
"The solution has very good threat and content filtering switches."
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"The technical support is great."
"This solution is easy to use if you know how to set it up."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"For companies prioritizing security, the optimal choice is one that offers a range of feeds to cater to diverse needs. This is particularly crucial for organizations implementing DDoS mitigation. The preferred solutions typically align with the top server vendors, with Cisco, Forti, and Barracuda consistently ranking among the top three vendors we collaborate with."
"I have found the stability of this solution really good. This is why I use it."
"The feature I find most valuable is the Cisco VPN Interconnection."
"We have multiple secure internal networks linked with our plants. We are from a oil company, so we have multiple plant areas which need to have restricted network access. Therefore, we are using it for restricting access to the plant area."
"The most valuable feature is that it's secure."
"The solution is excellent for enterprise-level networks."
"Using Sophos endpoint and the firewall, synchronized security is easy."
"It is a very stable solution."
"It is very easy to use. You can configure and monitor everything from one unique dashboard."
"Great interface and in-built help is very intuitive."
"There are many features. VPN, firewalling, and intrusion detection are the main features that are most useful for us at this time."
"We are able to trace any user and pinpoint any vulnerability or any malicious software. We are able to synchronize between the local and active directories so we can catch users easily through their login names and IDs."
"I like how you can integrate with other endpoints and Intercept X in one central management platform. I think it's a perfect solution. Sophos will manage everything in one container. You can manage many firewalls or endpoints within one panel."
"It has a very friendly interface like the Cyberoam iNG units, it has customizable policies, it has proper templates that you can even modify, and you can customize the rules, down to each single user."
"We'd like more management across other integrations."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering."
"The license renewal process, annual renewal price, and the web application firewall features should be improved."
"Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"It's not unexpected, but it's a common scenario where customers request dual layers of security. For instance, when dealing with regulatory compliance, especially in financial sectors regulated by entities like the Central Bank, having two distinct units is often mandated. If a client predominantly uses a solution like Palo Alto, they may need to incorporate another vendor such as Cisco or Forti. Importantly, there's a significant disparity in interfaces and management platforms between these vendors, necessitating careful consideration when integrating them into the overall security architecture"
"Most users do not have awareness of this product's functionality and features. Cisco should do something to make them aware of them. That would be quite excellent and useful to organizations that are still using legacy data-center-security products."
"The usability of Cisco Firepower Threat Defense is an issue. The product is still under development, and the user interface is very difficult to deal with."
"Its implementation was not straightforward. It was mainly because we were running two projects together."
"REST API stability needs improvement in order for customizing resource allocation available to the user rather than just being there transparently. This way users can customize REST API and tailor it to their needs."
"The Cisco ASA device needs overall improvement, as configurations alone do not completely secure my network."
"The solution's deployment is time-consuming, which should be minimized and made more user-friendly for us."
"The only improvement that we could make is maybe [regarding] the roadmap, to have better visibility as to what we are targeting ahead in the next few quarters."
"An area of improvement would be the reporting as diagnostic graphs take a long time to load and refresh. If there could be an option to show only select graphs, it may speed up the graphics."
"The solution is tied to the US dollar. You need to pay whatever the equivalent is in your own currency, and, if the exchange is bad, it can really add to the cost."
"This solution could be improved with more effective bandwidth. I found that when I enable DDoS detection for our clients, bandwidth is reduced. If DDoS detection is disabled, the bandwidth will be high, but it isn't secure. We recommend that customers enable DDoS detection, but if they need high bandwidth, we recommend Palo Alto and FortiGate instead of Sophos."
"The initial setup is not straightforward."
"The VPN device could be improved upon."
"There's an IP address delivery for our VPN client and a limited range of IP addresses. So this is a problem in the latest firmware release, but rather than using homework scenarios, we need a lot of VPN clients."
"The VPN has been a persistent problem for us. It's not straightforward to configure."
"I would want the level of integration to have another device on your network that is also reliable."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Cisco Secure Firewall is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, Palo Alto Networks NG Firewalls and SonicWall NSa. See our Cisco Secure Firewall vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
My preference is the Sophos XGS, particularly when you team it up with the Sophos Endpoint Protection client and configure it for synchronized security.
Both can be managed through Sophos Central and are available at a decent price for the power they offer the SMB.
I recommend Sophos XGS firewall. It will offer the best solution for malware protection.
Also, I recomend Sophos CIXA with XDR (Sophos Endpoint), so you can use Syncronized Security.