2020-02-13 12:46:00 UTC

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?


I have around ten years of experience as a system support engineer for an engineering company. 

We are currently evaluating Sophos UTM and Fortinet FortiGate. What are the technical differences between the two. Which would you recommend?

Thanks! I appreciate the help. 

Guest
99 Answers
author avatar
Top 20User

I would have no doubt in recommending Fortinet. I do not know the Sophos UTM product specifically but in general, in companies, we have had unpleasant experiences with Sophos with customers. They typically declare performance values ​​that are overestimated in the field.

2020-02-17 09:18:10 UTC
author avatar
Top 5LeaderboardReal User

We replaced Fortinet with Sophos as our public-facing UTM in 2017 & since then the ride has been extremely rough. I would not recommend Sophos for any mission-critical environment.

2020-02-17 08:05:10 UTC
author avatar
Top 5Real User

Both firewalls are easy to deploy. But the issue you will encounter when performing troubleshooting. You will not get flexibility in troubleshooting through Cli in Sophos whereas, in FortiGate, we have much more control. Besides if you are deploying a firewall on a large scale where visibility, control, performance as well as the flexibility is important it is better to go with Fortinet rather than Sophos.

2020-02-18 10:21:13 UTC
author avatar
Top 5User

I would also like to elaborate on the reporting part in FortiCloud. There is no need to pay any extras. Every box connects to ForticCoud service, and if you want reports to be greater than 7 days (meaning to be kept longer than that in their memory system) then you have to pay. In the meantime, by default Forticloud will send daily emails with reports and once a week you will get 4 to 5 reports, with lots of granular information. These reports are all in PDF with color graphics. In reality, I would be happy to send you some of the reports as in words typed herein would be more than a book. The FortiGate appliance also comes with 10 endpoint security (Forticlient) licences. So you can put this endpoint protection software to servers or clients. It also has a two-factor authentication license included. With these boxes, you can also create VDOM (Virtual Domains, totally separate).

They can afford that as the hardware, as I mentioned before (ASIC) has the power to do that. In 3 years I have had 1 spam message entering my mail server, is that telling you something??? In my first reply, I did tell you that where I work now they purchase Sophos. Well, when the antivirus is set the CPU gets up to 90%. My Fortigate CPU is 0% and peaks during attacks. And I have had quite a few. They were attempting to break into the mail server. More than 2 million attempts in less than 2 hours. Have a look at NSS Labs site. FortiGate is a Rolls Royce, you cannot compare.

Here in Australia, where I work now, the decision was to go with Sophos, ONLY ON PRICE. Yes, great brains. Now they regret that big time. FortiGate is a much more powerful device, especially when it comes to being able to handle the traffic. Most of the models handle throughput via ASIC (Application Specific Integrated Circuit) which is nothing more and less than a customer semiconductor. So, this is handled via hardware. It may be initially more difficult to implement. Now, what does "difficult" mean? To me when there is an unknown, difficult comes up till you learn. So if you make a decision on price and because "it is the easiest" to install.

I would not touch Sophos. Simple as that.

2020-02-17 21:09:24 UTC
author avatar
Top 5Real User

Sophos UTM is better by far. but it is more expensive

2020-02-17 18:27:09 UTC
author avatar
Top 5LeaderboardReal User

Done many installations of both Sophos and FortiGate, Sophos is the easiest to install and best in terms of features.
Reporting is free in Sophos while we need an extra subscription for FortiGate. Deep packet inspection, intrusion prevention advanced threat protection, web filtering, app control and email protection are key features of Sophos. Browsing is made safe with phishing protection and new functionality of ransomware protection. Sophos support is brilliant and community website from Sophos answers to all your questions and ease deployment.

2020-02-17 16:05:24 UTC
author avatar
Top 5Real User

I can’t really comment on FortiGate. We’ve been working with Sophos for years and like it’s integration with their endpoint.

2020-02-17 06:58:16 UTC
author avatar
User

I will recommend the Fortinet being very aggressive in the firewall terminology.
Fortinet Devices are Multi-Utility Next generation Firewall which can give your facility of L2 as well as L3 functions along with transparent and NAT mode of Firewall.
Moreover it provides your the AV, IPS,Application Control, Web Filter etc. on Proxy as well Flow based inspection modes.
Their support line also very good. One must try it. Further if you have need of Monitoring Industrial Protocols then it is one of the best choice in market

2020-03-23 17:46:58 UTC
Find out what your peers are saying about Fortinet FortiGate vs. Sophos UTM and other solutions. Updated: March 2020.
405,901 professionals have used our research since 2012.