We performed a comparison between Cisco Secure Firewall and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. The only major difference between the two is that some users of Cisco Secure Firewall consider the deployment to be somewhat complex.
"This solution has helped our organization by having strong functions and a reliable firewall."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. With FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"The security features are about the best that I've seen anywhere."
"The main benefit is the grouping of our security monitoring."
"The most valuable features are simplicity, management, and that it's constantly evolving."
"The solution has very good threat and content filtering switches."
"The initial setup was not complex."
"I love the ASDM (Adaptive Security Device Manager) which is the management suite. It's a GUI and you're able to see everything at a glance without using the command line. There are those who love the CLI, but with ASDM it is easier to see where everything is going and where the problems are."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"It is a highly stable product. We rarely receive any serious outdates, so it works quite well."
"The integration and configuration were pretty straightforward."
"Manageability of Cisco ASA. It has a GUI interface, unlike the most of Cisco IOS. For beginners they can "sneak in" and apply the command and see the actual commands that the GUI launches. In addition, Cisco has the reputation regarding security."
"The traffic inspection and the Firepower engine are the most valuable features. It gives you full details, application details, traffic monitoring, and the threats. It gives you all the containers the user is using, especially at the application level. The solution also provides application visibility and control."
"I like the way Firepower presents the data. It gives you two classifications for the evidence, something based on the priority of the evidence and another classification based on the impact of the evidence in your environment. This makes it very easy to spot the evidence that is most impactful to my environment. Instead of having to go through all the evidence based on that priority, I can focus on the evidence that has the most impact on my environment."
"The initial setup was straightforward."
"Sophos began with a basic version and evolved into something more efficient in terms of performance."
"The most valuable features are the reporting, dashboards, and graphical user interface. It gives a good overall picture of what is happening over the network."
"The web application firewall reverse proxy is very good."
"One of the most valuable features is the VPN."
"The most valuable feature I have found to be the reporting function."
"The product has all the latest features."
"The VPN feature is the most valuable. It has come in handy during this period when people are working from home. The filtering feature is also valuable because you can easily filter the sites that you don't want to visit. You can also set timely surfing quotas."
"The solution's framework needs to be frequently updated in order to have a stable solution."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"Technical support is good but the response time could be faster."
"In the future, I would like to see improvements made to cloud-based management."
"We'd like more management across other integrations."
"The solution lacks multi-language support."
"Some of the software stability could improve."
"The debugging and troubleshooting has room for improvement."
"The solution has not had any layer upgrades. It does not have layer five and upwards, it only has up to layer four. This has caused some problems for us."
"I would like to see an IE version of the solution where it is ruggedized."
"The licensing needs simplification."
"Third-party integrations could be improved."
"It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"Licensing is complex, and I'd like it to be simplified. This is an area for improvement."
"It is hard to collaborate with our filtered environment."
"I would like to see in future releases a tool to scan for malicious packets and give the location of where they are coming from."
"The support from the vendor needs to be improved."
"We are not very happy with the customer support they provide — it's quite slow."
"The UI needs improvement because it can be a little weird at times."
"We feel that the GUI can be improved a bit because it has a lot of information and looks a bit outdated."
"The initial setup is not straightforward."
"While it is possible to configure between two of the solution's devices in the same model, the high available usually fails."
"The manuals or guides we are given are too simple. When we are implementing the product, it is difficult for us as we don't have more detailed information."
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Sophos XG is ranked 7th in Firewalls with 25 reviews. Cisco Secure Firewall is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Sophos XG writes "Fined tuned web proxy, feature rich, and beneficial VPN technology". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, Palo Alto Networks NG Firewalls and Check Point NGFW. See our Cisco Secure Firewall vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
My preference is the Sophos XGS, particularly when you team it up with the Sophos Endpoint Protection client and configure it for synchronized security.
Both can be managed through Sophos Central and are available at a decent price for the power they offer the SMB.
I recommend Sophos XGS firewall. It will offer the best solution for malware protection.
Also, I recomend Sophos CIXA with XDR (Sophos Endpoint), so you can use Syncronized Security.