Compare Sophos UTM vs. Sophos XG

You must select at least 2 products to compare!
Sophos UTM Logo
40,667 views|33,631 comparisons
Sophos XG Logo
43,607 views|36,394 comparisons
Most Helpful Review
Find out what your peers are saying about Sophos UTM vs. Sophos XG and other solutions. Updated: March 2020.
523,742 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

"It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection.""We find all of the features valuable because together they fit the needs of our customers.""I would recommend UTM over XG because it's easier to manage.""It is a very good product. The threat monitoring process is the most valuable feature.""It is easy to manage.""The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the price is surprisingly better.""The initial setup is pretty easy.""Good basic firewall functions with advanced firewall scanning."

More Sophos UTM Pros »

"It gives me a very good, stable connection in all tunnels.""The SL VPNs are the most valuable feature. I have a lot of systems out of the head office that need to connect to the local networks, and they all connect wirelessly via the Sophos VPN client.""What I like about his program, is that it is easy to use and easy to manage.""The filtering is very easy to do. You can segment and create profiles for usage very easily.""The solution seems pretty stable. We've had no issues so far.""I like the fact that it can self remove malware and do updates on the cloud via Sophos Central.""Price-wise the solution offers acceptable rates. You can find cheaper solutions on the market but when you go cheaper you have fewer features. Today, based on iQuate market the price is very reasonable and affordable, and it's good if you get a good discount. Discounts can be offered by the vendor. If it's a competitive upgrade which means the customer is upgrading from another vendor, Sophos provides extra discount so they can win the deal. In general, it is a good price.""We are able to trace any user and pinpoint any vulnerability or any malicious software. We are able to synchronize between the local and active directories so we can catch users easily through their login names and IDs."

More Sophos XG Pros »

"I would like to see the SD-WAN feature improved.""We would like to have unique viewable IDs for rules and in the packet filter logfile, for easier debugging of old log files.""It's stable, but the reaction time of the GUI is terrible.""Sophos should be more user-friendly, have more dashboards, and an easier implementation.""The five-factor authentication needs improvement.""Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time.""There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol.""Updates come out agonizingly slowly, a trickle."

More Sophos UTM Cons »

"I would like to have remote access to clients using a static IP for a certain period of time.""The initial set up process can be a little tricky, especially when you are registering with Sophos using your registration number. Setup is not necessarily complex, but it's not trouble-free. You do have connectivity issues at the initial setup with registering the device on the Sophos platform to access the advanced features. It doesn't always go through the first time around. That may be an issue with the quality of our automation. I'm not sure exactly what it is.""The program is rather expensive.""The UTM itself needs improvement. When you're navigating it seems like it takes forever to load anything. The hardware is okay. It's just the software that could be more responsive.""It's easy to use, but it's hard to configure exact settings. They need to make it easier to access advanced features.""On reports, they sometimes give a summary, but it lists different users as unknown. There are times that I really want to know which user or which IP is causing a problem.""They should expand their DDoS feature. It's basic. They need to enhance it.""There needs to be a way that we can distinguish between educational institutions on Youtube and other Youtube videos. You can do this on Fortinet. Basically, they can block all other Youtube videos besides those that are from educational institutions. With Sophos, you either allow for all Youtube videos or none at all. They need to allow for more specification on different websites."

More Sophos XG Cons »

Pricing and Cost Advice
"This solution is less expensive than FortiGate.""It is the cheapest product available. It's good if you have a low budget.""We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000.""Our licensing fees are paid on a monthly basis.""It's reasonably priced.""This product is free for home users. The more expensive products have better performance.""I think the pricing of Sophos is very fair.""It is necessary to pay for a licence to use the solution, but it is not very expensive."

More Sophos UTM Pricing and Cost Advice »

"It's a suitable price and license.""We are paying about $1,500 yearly for the Enterprise Plus. As far as I know, there aren't costs above this standard fee.""The Sophos pricing, in general, is better than SonicWall, Fortinet, WatchGuard, or anybody else.""We paid for our licensing for three years, upfront, and there are no costs in addition to the standard fees.""The price is cheaper than that of some competing vendors.""The pricing is flexible. Sophos looks at a country's economy and offers flexible pricing. This is how they have managed to penetrate the market.""It's approximately $6,000 for each device.""It is not expensive, it's a reasonable price,"

More Sophos XG Pricing and Cost Advice »

Use our free recommendation engine to learn which Unified Threat Management (UTM) solutions are best for your needs.
523,742 professionals have used our research since 2012.
Answers from the Community
Miriam Tover
author avatarJuan C. Sanchez Pignalosa
Real User

The biggest difference between Sophos SG and Sophos XG is performance. 

Now, there's even a newer Hardware Platform (same OS as Sophos XG, which is called SFOS) - the Sophos XGS which has different chipset architecture, to attend each security module, with its newest feature called XStream Technology. 

Besides that, the GUI is very different. Nevertheless, it's worth trying the Sophos XG or XGS, since its GUI is getting overhauled for better performance and easier management, by each new release.

author avatarRichard Artes
Real User

Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG will be the only Sophos firewall going forward, UTM will eventually be end of life.

author avatarAlexandre RASTELLO


The new appliances XGS have a dedicated streaming CPU (Xstream), in addition to the main CPU.

I have personally tested the differences between the XG and XGS similar appliances. The result is spectacular. 30% more perf minimum:

The UTM-9 is soon end-life. Sophos security staff is now focused on SFOS 18, XG, XGS.

To respond to the question "the biggest difference", I think is the "Synchronized Security":

The firewall is one of the full security solutions centralized in Sophos Central:

At most of our customers, we implement a Sophos Endpoint locally on servers and workstations and firewall XGS. The synchronized security interact between firewall and endpoints. This can resolve the problem with the "lateral movement" of an infected computer. It can isolate a computer from the network when detected as infected:

It can be extended to secure cloud systems with Sophos ClouOptix:

Tested with VM in AWS and Azure, work 5*!

Another big difference is the Webserver Application Firewall. All my customers with an internal webserver to be published in the net are protected with this "reverse proxy" (WAF). It really does the job of protecting IIS, Apache, etc. from externals attacks.

Another trick is the SSL VPN sites to sites. When a branch office is implemented with a front ISP router, sometimes the NAT traversal is not possible, for IPSEC VPN connections (UDP 500). With this SSL VPN,  Simple NAT works and gives an SSL 128-bit AES encryption.

Finally, I have a lot of experience in implementing UTM and, now, XG(S). No way, the log is a big difference, easier to use as in Fortigates! It is similar to CheckPoint firewalls.

For my experience, no way: -> Sophos XG(S)

Here is an interesting link on differences between UTM and XG:



author avatarRichard Artes
Real User

My understanding is that UTM is the software; SG is the hardware. You can buy Sophos UTM running on SG hardware and then later upgrade to the XG running on the same hardware.

author avatarRichard Artes
Real User

I've been told by our Sophos reseller that Sophos are pushing the XG as next generation firewall, and developing it to at least as good as UTM. So XG will be the firewall of choice moving forward. UTM will not be developed further, according to him.

author avatarAnthony Petecca
Real User

To my understanding, UTM and XG are from different legacy companies that
are now owned my Sophos. During my time researching anti-virus, UTM makes
more sense for our needs seeing as XG is primarily a firewall. From the
information I was able to find during the time of research, it seemed most
of the community felt XG had feature gaps from UTM.

author avatarSuheyl Khaki

UTM specifically SG series is a very mature and stable platform. It lacks some of the new features of XG; however has a very strong feature set. If you are looking for stability, ease of use and something well documented and understood than I suggest going this way. If however you are looking for a strong level of integration and have a greater than 3 year horizon then I suggest XG.

Wifi integration for example works better on the new platform.

author avatarJavier Medina
Real User

There are several differences since there are 2 versions, 

XG firewall has integrations with other products like intercept X and admin from Sophos central. 

SG UTM has less integration since it's a separate product. It was formerly Astaro firewall, but the most advanced features have been only set to the XG. 

There are appliance and software versions of both products. Depending on your need you might choose one or another. But basically, look at them as 2 different firewalls.

Questions from the Community
Top Answer: In my opinion and as a result of years of experience: - Both are great firewalls with excellent performance and a useful integration witch Active directory and LDAP - Fortinet is easier to… more »
Top Answer: Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG will be the only Sophos firewall going forward, UTM will eventually be end of… more »
Top Answer: The most valuable feature is ransomware protection.
Top Answer: The solution is a next generation firewall and we have gotten good customer feedback.
Top Answer: The solution is more cost-effective than FortiGate, Cisco and Palo Alto, which have very expensive licenses.
Top Answer: The box needs to be fixed Moreover,the bugs need fixing. I also think that SD-WAN features should be added. The intelligence feature should be improved and Sophos needs upgrading and updating.
Average Words per Review
out of 48 in Firewalls
Average Words per Review
Popular Comparisons
Also Known As
Learn More
The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware - viruses, rootkits and spyware.

Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.

Learn more about Sophos UTM
Learn more about Sophos XG
Sample Customers
One Housing Group
Information Not Available
Top Industries
Financial Services Firm14%
Manufacturing Company14%
Comms Service Provider7%
Computer Software Company7%
Comms Service Provider39%
Computer Software Company19%
Media Company6%
Financial Services Firm13%
Manufacturing Company11%
Comms Service Provider9%
Healthcare Company9%
Comms Service Provider39%
Computer Software Company18%
Media Company5%
Company Size
Small Business59%
Midsize Enterprise24%
Large Enterprise17%
Small Business42%
Midsize Enterprise39%
Large Enterprise18%
Small Business61%
Midsize Enterprise25%
Large Enterprise14%
Small Business46%
Midsize Enterprise26%
Large Enterprise28%
Find out what your peers are saying about Sophos UTM vs. Sophos XG and other solutions. Updated: March 2020.
523,742 professionals have used our research since 2012.

Sophos UTM is ranked 3rd in Unified Threat Management (UTM) with 18 reviews while Sophos XG is ranked 5th in Firewalls with 101 reviews. Sophos UTM is rated 8.6, while Sophos XG is rated 8.0. The top reviewer of Sophos UTM writes "Great web and email filtering with reasonable pricing". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". Sophos UTM is most compared with Fortinet FortiGate, pfSense, Untangle NG Firewall, OPNsense and Cisco ASA Firewall, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, Palo Alto Networks NG Firewalls, WatchGuard Firebox and Meraki MX. See our Sophos UTM vs. Sophos XG report.

See our list of .

We monitor all Unified Threat Management (UTM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.