We performed a comparison between Meraki MX and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos XG received better user ratings. Although the two solutions are comparable in most areas, Meraki MX lacks a lot of features in comparison with Sophos XG.
"The most valuable feature of Fortinet FortiGate is the simple configuration."
"Fortinet FortiGate is user-friendly and affordable."
"Security solution with a straightforward and quick setup. It's a stable and scalable product."
"Offers good security and filtering."
"Fortinet FortiGate's most valuable features are ease of use, flexibility, and most of the configuration we can be done using the GUI. When we compare Fortinet FortiGate with other solutions the firewall policy are very easy to understand."
"The Fortinet FortiGate local partners were good. I did not have direct contact with Fortinet support."
"What's most important is the ease of use."
"The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
"The most valuable feature of Meraki MX is I can manage the solution from anywhere remotely, I can throttle bandwidth, and create all rules. Additionally, it is secure for our customers."
"I use Meraki in my POCs and with my customers as well."
"Both the scalability and the scalability are great with Meraki MX."
"Deployment takes no more than one working day."
"A strong, reliable solution for small companies with little or no dedicated IT department."
"We switched to Meraki because it lets you see what's happening in your LAN and WAN in a graphic and web environment."
"The features we have found most valuable are the firewall and the monitoring tools."
"The internet traffic shaping has been very valuable."
"It has a very friendly interface like the Cyberoam iNG units, it has customizable policies, it has proper templates that you can even modify, and you can customize the rules, down to each single user."
"Reporting is the most valuable feature."
"The product has all the latest features."
"Sophos firewalls are scalable. They are pretty strong in security. So, when they provide any kind of firewall, they provide all the features such as anti-spam, antivirus, etc."
"The product's initial setup phase was straightforward."
"Everything is consolidated into a single box, offering comprehensive functionality, including Wi-Fi access and other features."
"In my experience, the solution was easy to use, has lots of features, and is easy to configure."
"The interface is user-friendly and the product is easy to configure."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
"The feature which gives us a lot of pain is ASIC architecture."
"It would be nice if backups could more easily migrate between different models."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."
"FortiGate is cheaper than Meraki. Even the license renewal is less than Meraki."
"We do not have account managers in our region for the solution. Some governments don't use the product since it is attached to the internet."
"We could have more reporting options and the ability to send alarms to the administrator."
"Expensive licensing and firewall stops immediately working if the license is not renewed at expiration date."
"Load balancing options and ability to manage a couple of Internet connections."
"It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services."
"Meraki tech support staff have a lot more visibility into your network than you do, which is frustrating at times. I understand the approach is to keep the dashboard easier to understand. This will frustrate more advanced users at times."
"It would be great if the Meraki devices let us see, in real time, the internet demand on a single device."
"The interface could be simplified and diagnostic system graphs improved."
"The interface of Sophos XG could be improved. I would prefer the Sophos XG to have an interface for the technician who is setting it up similar to the Sophos SG. I felt the Sophos SG user interface was superior. however, in terms of the functionality of the product, Sophos XG is in many ways more powerful than the Sophos SG. I have no complaints about the quality of the product or the end result. For someone who has used both, I preferred the old interface to the new one."
"The support engineers of the product are not very tech-savvy, making it an area where improvements are required."
"In the next release, I would like to see improvements to simplify the interface and more policy deployments."
"The vendor doesn’t publish the price on the website."
"Integration with Active Directory is not reliable."
"The program is rather expensive."
"Recently, I've had a problem with updating things."
Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 57 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Meraki MX is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Meraki MX writes "Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Meraki MX is most compared with Palo Alto Networks NG Firewalls, Cisco Secure Firewall, SonicWall TZ, Netgate pfSense and SonicWall NSa, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Sophos UTM. See our Meraki MX vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Sophos is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So, you can't really compare these solutions as they are targeting different markets.
Meraki MX is a small business product and lacks a lot of features compared to Sophos XG/XGS.
- IPsec IKEv2 does not work (it is in the menu, but does not work and can only be enabled by meraki support)
- no SSLVPN or IPsec VPN client. AnyConnect can only be tested with beta firmware.
Cisco Client VPN (L2TP) is a total joke - not sure for who it is meant for?
- no user based firewall rules (for VPN)
- no firewall rule grouping
- no masquerade option for DNAT (sometimes it is very useful if I can do a DNAT with masquerade to another subnet)
- no VLAN tagging support on WAN port (would be usable for IPTV - solvable if WAN is bypassed through a managed switch)
- no multiple IP support on WAN port (Sophos has alias support on every interface, which means that multiple IP addresses can be added on the same LAN or WAN port)
- no LAG or LACP support (would be usable to connect aggregation switch to firewall to bypass more traffic through the MX)
- no DAC cable support for SFP port (why I do have to use optical cable to connect aswitch?)
- no custom IPS policies - only on/off button
- no e-mail protection option (Sophos has it with extra license)
- no web server protection (Sophos has it with extra license)
- no sandstorm option (most firewalls have it with extra license)
- hardware may probably too weak compared to the user count
- no BGP, OSPF routing
- no multiple VPN user groups and LDAP servers
Cisco mx64, for example, has 2 WANs, is very practical and simple for the two services, has a balancing for two internet services and bandwidth control (by groups and users).