We performed a comparison between Check Point NGFW and Sophos XGS based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
"It has improved our organization with control data."
"We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature."
"The payment function for applications is good."
"Good anti-malware and web filtering features."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"It is simple to manage, and there are a lot of functionalities in the same box."
"It offers a range of models to enhance network security and it can be customized to secure endpoint client machines or user devices by deploying features like malware detection, antivirus, and mail security blades."
"Advanced logging capabilities: Check Point generates extensive logs which may be very useful to figure out the issues. Its logs also contain too much information which can be used to modify the policy as per user need and organizational security environment. The same can be used to figure out probable attack surface or necessary steps for mitigation."
"It has allowed us to grow in a safe way and in accordance with our particular needs."
"The solution is easy to administer thanks to its dashboards. The monitoring is really useful."
"We can build the new firewalls with minimum efforts."
"The AntiSpam/Mail blade was also one of the main reasons we went with this product since we hosted our email server locally. This was an extra layer of protection on top of the existing solution."
"The configuration is one of the best features of this product."
"Check Point is awesome from a security standpoint. Based on our experience and also the experience of the other customers, it is a very stable appliance."
"The threat intelligence capabilities of the tool are good."
"The most valuable feature of Sophos XGS is its ease of use."
"Sophos XGS has contributed to the reduction of the overall security costs of our company's customers."
"The initial setup is straightforward."
"Sophos XGS' most valuable features are protection and intrusion prevention detection."
"The feature that I find most valuable is the synchronized security option where the endpoint talks to the firewall."
"The initial setup is very user-friendly because they have graphical user interface options and command line interface options. I would give the initial setup a rating of five out of five."
"The most valuable features in Sophos XGS are bandwidth management, content filtering, and WAN link management failover. If one internet activity or one link would fail, automatically it will switch over to another one."
"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."
"Difficult to add or define, and not that easy to configure and manage."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"The UTM filtering needs improvement."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs."
"Check Point NGFW needs to run marketing events. They have also to set up a support center in India."
"The debugging of VPN tunnels is very stressful."
"Something worth mentioning is the need for Spanish support and better representation for teams in the Latin American area."
"The software licensing model is too complicated with all the various tiers of SKUs (i.e. per software blade). They need to simplify this for easier purchasing and renewing."
"One of my issues with Check Point is the stability. There have been too many bugs, over the years, when I compare them with other vendors. Their QA team should do better work before releasing their GA versions."
"One of the biggest disappointments is the GUI."
"If you have the standard support level, sometimes they take a long time to understand or even give you a solution or good workaround to a problematic situation."
"If you have a long ruleset, you may experience performance issues on the GUI, and installing rule changes on gateways can take a comparatively long time."
"Its pricing could be better."
"In the new release 19, there should be the implementation of a cloud service that you can use to set up the IPSec tunnels, and the SD-WAN from the WAN dashboard, and then you can push that configuration out to every firewall that you have."
"The solution could have a bit more functionality."
"It has recently started to suddenly block and crash."
"Level one technical support is not good at all and needs to be improved."
"I would like to see them in third-party evaluation reports like Gartner, Magic Quadrant, or Forrester to make it easier for us to show our customers that Sophos is a leader in the market."
"The customer service response time can be improved."
"The solution could be easier to manage and configure."
Check Point NGFW is ranked 5th in Firewalls with 279 reviews while Sophos XGS is ranked 17th in Firewalls with 62 reviews. Check Point NGFW is rated 8.8, while Sophos XGS is rated 7.8. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Sophos XGS writes "Easy to use, simple to learn, and offers great reporting". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and SonicWall NSa, whereas Sophos XGS is most compared with Sophos XG, OPNsense, Netgate pfSense, WatchGuard Firebox and Sophos UTM. See our Check Point NGFW vs. Sophos XGS report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.