Compare Fortinet FortiGate vs. Sophos XG

Cancel
You must select at least 2 products to compare!
Cisco ASA Firewall Logo
69,068 views|50,208 comparisons
Fortinet FortiGate Logo
168,827 views|121,944 comparisons
Sophos XG Logo
43,610 views|36,955 comparisons
Most Helpful Review
Anonymous User
Find out what your peers are saying about Fortinet FortiGate vs. Sophos XG and other solutions. Updated: January 2021.
455,301 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"This solution has good security, and it's a good product. You can trust Cisco, and there's support as well, which is really good.""The greatest benefit for the organization is the confidence that we are secured.""Its ability to discover attacks is a valuable feature. All of the other features that have to do with security are good.""I haven't had any major problems so I haven't had to open a ticket with technical support.""The IPS (In-plane switching) is the most valuable feature.""I like the user interface because the navigation is very easy, straightforward on your left side pane you have all the sites that you need to browse. Unlike any other firewalls, it's pretty straightforward.""We have multiple secure internal networks linked with our plants. We are from a oil company, so we have multiple plant areas which need to have restricted network access. Therefore, we are using it for restricting access to the plant area.""The initial setup was completely straightforward."

More Cisco ASA Firewall Pros »

"It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly.""The most valuable feature is the bundled subscription, which is IPS, TV and web filtering.""It is easy to use and performs very well.""We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature.""We can use our devices to check all of the perimeters. It secures email websites.""I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good.""The ability to set up remote systems is the most valuable feature.""Customers want to load balance more than eight lines or six internet lines. FortiGate is the only solution that can accomplish this."

More Fortinet FortiGate Pros »

"We have found that the simplicity of the XG 210 is its most valuable feature.""Sophos XG has cybersecurity. It integrates with the antivirus software.""It gives me a very good, stable connection in all tunnels.""The SL VPNs are the most valuable feature. I have a lot of systems out of the head office that need to connect to the local networks, and they all connect wirelessly via the Sophos VPN client.""What I like about his program, is that it is easy to use and easy to manage.""The filtering is very easy to do. You can segment and create profiles for usage very easily.""The solution seems pretty stable. We've had no issues so far.""I like the fact that it can self remove malware and do updates on the cloud via Sophos Central."

More Sophos XG Pros »

Cons
"The phishing emails could be improved.""There may have been one or two incidences of malicious threats.""Some of the features, like the stability, need to be improved.""In the past though, colleagues have had issues during the upgrade process. The failover didn't work and production was down.""At times the product is sluggish and slow""If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own.""Most of the time, when I try to run Java, it is not compatible with ASA's current operating systems.""We have to rely on Cisco ASDM to access the firewall interface. This needs improvement. Because we have a web-based interface, and it is a lot more user-friendly."

More Cisco ASA Firewall Cons »

"The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us.""I think they need to improve more in order to be a competitor with the leaders of the field.""There could be more integration between the logging and analytical platforms to make it more seamless and integrated.""They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that.""They need to improve their technical support.""Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area.""They should improve the interface to make it more user-friendly.""The monitor and the visibility, in this proxy, is very weak."

More Fortinet FortiGate Cons »

"When I call, I have to wait at least one to two hours to reach them.""The only issue that Sophos XG now needs to improve is the product's reporting capability.""I would like to have remote access to clients using a static IP for a certain period of time.""The initial set up process can be a little tricky, especially when you are registering with Sophos using your registration number. Setup is not necessarily complex, but it's not trouble-free. You do have connectivity issues at the initial setup with registering the device on the Sophos platform to access the advanced features. It doesn't always go through the first time around. That may be an issue with the quality of our automation. I'm not sure exactly what it is.""The program is rather expensive.""The UTM itself needs improvement. When you're navigating it seems like it takes forever to load anything. The hardware is okay. It's just the software that could be more responsive.""It's easy to use, but it's hard to configure exact settings. They need to make it easier to access advanced features.""On reports, they sometimes give a summary, but it lists different users as unknown. There are times that I really want to know which user or which IP is causing a problem."

More Sophos XG Cons »

Pricing and Cost Advice
"Pricing is high, but it is essentially a corporate decision.""Licensing is expensive compared to other solutions.""The cost is a big factor for us. This is why we are using it only in our restricted area. They are very much higher than their competitors in the market.""We paid about $7,000 for the Cisco firewall, plus another small Cisco router and the lead switch. It was under the combined license. It's a final agreement.""Watch out for hidden licensing and incredibly high annual maintenance costs.""I bought a license for three years and it was really affordable.""With AnyConnect, it depends on your license. It depends on the number of concurrent users you want to connect.""This solution might be expensive, but it is economical in the long run."

More Cisco ASA Firewall Pricing and Cost Advice »

"It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us.""They need to be competitive with other solutions.""It is a good product from a price perspective versus functionality.""Price-wise, it's at a good price point for our market.""The initial setup is super straight forward and as far as the licensing goes for the small product that we have, the pricing was pretty competitive. It wasn't as simple and as cheap as a SonicWall but for the service we would get it was a good price.""Compared to Palo Alto, which we have used in the past, pricing and licensing are okay.""Our licensing costs are on a yearly basis.""Fortinet is reasonable in pricing and licensing. Overall, FortiGate is affordable. The licensing fee can be a little high, depending on the budget for your project."

More Fortinet FortiGate Pricing and Cost Advice »

"For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.""It's a suitable price and license.""We are paying about $1,500 yearly for the Enterprise Plus. As far as I know, there aren't costs above this standard fee.""The Sophos pricing, in general, is better than SonicWall, Fortinet, WatchGuard, or anybody else.""We paid for our licensing for three years, upfront, and there are no costs in addition to the standard fees.""The price is cheaper than that of some competing vendors.""The pricing is flexible. Sophos looks at a country's economy and offers flexible pricing. This is how they have managed to penetrate the market.""It's approximately $6,000 for each device."

More Sophos XG Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
455,301 professionals have used our research since 2012.
Answers from the Community
AndrewOkamar
author avatarMohamedSamir1
User

My current UTM is FortiGate 1200D and I have finished a POC for Sophos XG450 trying to deduct the cost of the license renewal of the UTM

There is big difference between FortiGate and Sophos. There are some features of FortiGate that Sophos doesn’t provide, and the visibility of network, internet lines, and devices is very poor with Sophos but it’s excellent with FortiGate. Also, the "Traffic Shaping" for bandwidth doesn’t work correctly at all with Sophos but works perfectly with FortiGate.

I strongly don't recommend at all to replace FortiGate with Sophos. Maybe Sophos would be good for a kind of customers who hasn't used UTM appliance before.

author avatarPiyush Patel
User

I do not know more about Sophos but I would like to highlight some FortiGate features:

- Number of IP-sec and SSL VPN user clients. (Minimum 100 with lowest Model FG30E)
- Fortisandbox and Forticloud Free with some good features for managing firewalls from FortiCloud.
- FortiTocken (Dual Authentication) - Two Token Free with every FortiGate device.
- FortiAP (Guest Network without Any L2 and L3 Switch over Wi-Fi and you can also manage FortiAP using FortiCloud too.)
- Secure SD-wan, not only useful for multiple WAN but also useful for MPLS and VPN connectivity fail-over between multiple locations.
- More application list and inbuilt SLA for SD-Wan.
- Web-filter is common in All UTM but google domain-specific feature in FortiGate is awesome.
- Internet-Service-Database list is also very helpful and an advanced feature.
- The Fortiswitch controller is also a good feature.

author avatarAbdul Faheem
Real User

For comparison purpose i.e. Sophos XG 310 & Fortinet FortiGate FG-200E, to my understanding, Fortinet appliance has an upper hand if you are looking for IPSec or VPN Tunnelling and FortiGate has the capability for High Availability configuration options i.e. Active/Active, Active/Passive and clustering.

Also Note Sophos XG 310 has a higher firewall throughput as 28Gbps. Fortinet FG 200E has multi Ethernet fixed port, but only 2 WAN interface while Sophos XG 310 can add up to 8 WAN ports.

author avatarSabyasachi Sen
Real User

I have extensively used Sophos (previously Cyberoam) and FortiGate also. The biggest differences are as below:

1. For FortiGate, it is required to use a Fortinet wifi access point only.
2. In case of expiry of the license in FortiGate, the entire service goes kaput except basic firewall services. The other UTM only updates and support ceases to work.
3. Every 5 - 7 years FortiGate changes its model and the old device becomes trash.
4. Any changes in the policies will need to wait for total version changes and you need to wait till then

Because of the above reasons, presently we are trying our hands with WiJungle UTM. However, the bottleneck is Fortinet WiFi access points which are denied to work in tandem with any UTM other than FortiGate.

We have around 700 Fortinet WiFi access points and it is ridiculous that going away from FortiGate costs a fortune.

author avatarManoj Dusadh
User

In one sentence, the biggest difference between Sophos and FortiGate is the “RED” option in Sophos XG.

author avatarMohamed Y Ahmed
Reseller

The main points between both are Sophos hardware in all of its models except the smallest one, XG 86, have SSD hard desk. It has a total security solution especially when you get the benefits of synchronized security with its Endpoint interceptX as it is amazing when it works with the XG firewall. You can also have benefits if you got the encryption solution and the Wireless.

The reporting on the XG firewall is an amazing feature that does not exist on one box with Fortinet.

The DLP solution on the XG firewall is impressive.

Fortinet in performance is better than Sophos.

For the small and medium businesses, I recommend XG firewall but for large data centers, I recommend Fortinet.

I hope it is informative, please feel free to contact me with any further queries.

author avatarFrancesco Capolupo
User

I evaluated both and in the end, I decided to go with Sophos. It has a good application filter & Web filter, WAF is included, report integrated, has a VPN of any kind, and synchronized security with the endpoint.

Questions from the Community
Top Answer: They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home… more »
Top Answer: In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco.
Top Answer: From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
Top Answer: In my opinion and as a result of years of experience: - Both are great firewalls with excellent performance and a… more »
Top Answer: The difference is the poor performance that Fortigate has when it has all its services in use. Compare which customers… more »
Top Answer: The simplicity of the setup is the most valuable feature.
Top Answer: The BGP engine is very limited.
Top Answer: If you pay for the premium support, you'll get better support from Sophos. I would rate Sophos XG an eight out of ten… more »
Popular Comparisons
Compared 7% of the time.
Compared 5% of the time.
Compared 3% of the time.
Compared 9% of the time.
Compared 9% of the time.
Compared 7% of the time.
Compared 13% of the time.
Compared 10% of the time.
Compared 7% of the time.
Compared 4% of the time.
Also Known As
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAvFortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Learn
Cisco
Fortinet
Sophos
Overview

Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.

Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.

Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.

Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.

Offer
Learn more about Cisco ASA Firewall
Learn more about Fortinet FortiGate
Learn more about Sophos XG
Sample Customers
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
Information Not Available
Top Industries
REVIEWERS
Financial Services Firm17%
Comms Service Provider14%
Manufacturing Company10%
Computer Software Company7%
VISITORS READING REVIEWS
Comms Service Provider34%
Computer Software Company22%
Media Company5%
Government5%
REVIEWERS
Comms Service Provider14%
Financial Services Firm8%
Computer Software Company8%
Energy/Utilities Company7%
VISITORS READING REVIEWS
Comms Service Provider34%
Computer Software Company22%
Media Company5%
Government5%
REVIEWERS
Financial Services Firm15%
Healthcare Company15%
Manufacturing Company12%
Comms Service Provider9%
VISITORS READING REVIEWS
Comms Service Provider39%
Computer Software Company20%
Media Company5%
Government4%
Company Size
REVIEWERS
Small Business36%
Midsize Enterprise25%
Large Enterprise39%
VISITORS READING REVIEWS
Small Business28%
Midsize Enterprise21%
Large Enterprise51%
REVIEWERS
Small Business47%
Midsize Enterprise24%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business43%
Midsize Enterprise22%
Large Enterprise36%
REVIEWERS
Small Business62%
Midsize Enterprise27%
Large Enterprise11%
VISITORS READING REVIEWS
Small Business50%
Midsize Enterprise27%
Large Enterprise23%
Find out what your peers are saying about Fortinet FortiGate vs. Sophos XG and other solutions. Updated: January 2021.
455,301 professionals have used our research since 2012.

Fortinet FortiGate is ranked 1st in Firewalls with 107 reviews while Sophos XG is ranked 7th in Firewalls with 44 reviews. Fortinet FortiGate is rated 8.4, while Sophos XG is rated 7.8. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of Sophos XG writes "Offers a high level of visibility of what's happening on your network or on your client machines". Fortinet FortiGate is most compared with Meraki MX, pfSense, Sophos UTM, Cisco Firepower NGFW Firewall and Palo Alto Networks WildFire, whereas Sophos XG is most compared with pfSense, Sophos UTM, WatchGuard Firebox, Palo Alto Networks NG Firewalls and OPNsense. See our Fortinet FortiGate vs. Sophos XG report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.