Palo Alto Networks PA-Series vs Sophos XGS comparison

Comparison Buyer's Guide

Executive Summary

We performed a comparison between Palo Alto Networks PA-Series and Sophos XGS based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Palo Alto Networks PA-Series vs. Sophos XGS Report (Updated: May 2024).

Buyer's Guide

Palo Alto Networks PA-Series vs. Sophos XGS

May 2024

Download the complete report

Helped 787,061 peers since 2012

Categories and Ranking

Fortinet FortiGate

Featured Reviews

reviewer2152560

Technical Project Manager at a tech services company with 1-10 employees

Apr 14, 2023

Challenging licensing model and process

There are mainly two areas of improvement in Fortinet FortiGate— the licensing cost and the timing of upgrading licenses for boxes. FortiGate's renewal cost is quite high, and our customer care team also receives complaints about it. The renewal part of the firewall is expensive. If a customer pays for the license in advance, they may lose their privileges. For example, if the license of a box expires in one or two months, and the customer wants to upgrade, there are three to four months between the operation and the end of the current license. If I purchase a new license, it will only take effect from that date. So, it fails in the backward fetch, and I am currently busy setting it up. But if the customer is not processing the card for six months, they will not benefit from the system.

Read full review

Serkan Tok

Cyber Security Solutions Technology Consultant at a tech services company with 51-200 employees

Mar 5, 2024

Easily adds new functions to existing hardware without any performance degradation and offers good network visibility and control

It offers application-based policy enforcement. Palo Alto Networks firewalls help us recognize protocol anomalies, contrasting with other vendors that may require policies based on port numbers. With Palo Alto Networks, the port number isn't a constraint because their devices handle protocol traffic at Layer 7, allowing for accurate identification of protocol usage and port numbers. They can identify which protocol actually uses which port. So, if there's an unplanned issue, like, for example, a hacker trying to create a DNS tunnel using a non-standard port (like 1536 instead of the usual 53), Palo Alto's Endpoint UI will easily detect it and allow you to take measures. PA-Series includes built-in network packet brokers, a valuable feature as it allows SSL traffic to be decrypted just once. If you need to inspect this decrypted traffic further, there's no need for a third-party solution—Palo Alto Networks firewalls handle it themselves.

Read full review

Shadab Usman

Presales Consultant Information Security Services at Team Computers

Apr 30, 2022

A good VPN solution that has valuable threat management, IPS and IDS features

We use Sophos XGS in 15 locations with 15 firewalls for the XG. We dedicate one person to maintain the solution The most valuable feature of Sophos is the VPN solution. I also value their threat management, IPS, IDS, and login features with single sign-on. Sophos XGS needs improvement with the…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I like that they have given me a solution at a fair price."

"This is an easy solution to deploy."

"The SD-WAN is the most valuable feature."

"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."

"The user interface (UI) is very, very good."

"I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."

"Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market."

"FortiGate SD-WAN facilitated a smooth transition for our customers between their two internet service providers, ensuring uninterrupted connectivity without any downtime."

More Fortinet FortiGate pros

"It offers a seamless transition from one option to another, making it exceptionally versatile and user-friendly in an enterprise setting."

"Comprehensive logging is essential for monitoring and analysis purposes. For remote users, the firewall can be configured as a VPN concentrator, with VPN policies defined within the firewall settings."

"The cloud-based aspect helps significantly. It integrates seamlessly with other Palo products like Prisma Cloud, offers robust VPN protection, and it's all in one convenient package."

"It has its own logging system. You can go to monitoring and check the logs to see if a connection is getting blocked. You can use multiple types of logs to check if a file or a port is getting blocked or if there are any TCP resets from the source or destination. It's easy to troubleshoot with the monitoring and logging it provides."

"The solution is used for security and IoT security."

"It is a scalable solution."

"The most effective features for threat prevention in the PA-Series are its integration with Cortex and the use of machine learning AI for advanced threat detection."

"The documentation is great."

More Palo Alto Networks PA-Series pros

"There are good KCL rules and policies as well as NATing rules."

"Web filtering and intrusion detection are essential features. As system integrators, we also like the dashboard because it's easier to configure all the features."

"The policies are the greatest feature. They allow us to configure granular control over our network traffic."

"The initial setup is straightforward."

"Sophos XGS's best features are its VPN and ATPR1 cert protection."

"I like the Sophos UI. It interface has a more comfortable feel than the competitors."

"It's easy to use, and the service is good. If anything goes wrong, their support system is very reliable."

"The solution offers more antimalware and antivirus feeds than others."

More Sophos XGS pros

Cons

"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."

"A lack of integration between our data centers."

"Vulnerability scanning could be improved."

"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."

"They've become quite expensive."

"The process of configuring firewall rules appears excessively complex."

"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."

"They have to just improve its performance when we enable all UTM features. When you enable all the features, the performance of FortiGate, as well as of Sophos and SonicWall, goes down."

More Fortinet FortiGate cons

"The web interface is slow."

"The solution's licensing price could be improved."

"I have found that the tool works well for me, but there are areas where security testing and protection could be improved, especially in virtual or cloud environments. However, in this project, once we deployed it, we haven't encountered any issues. The cost is currently manageable, but as we migrate fully into the cloud, additional features like capacity upgrading and improvements to hardware resources will be necessary, especially since our equipment consists of older generation switches and routers. So, I'm looking for additional capabilities in these areas."

"With Palo Alto Networks PA-Series, I find that the support team takes a long time to resolve the issues that a user may face during the use of the product."

"Palo Alto Networks PA-Series is expensive. We would like to see additional threat hunting features."

"The product's gateway services can be improved."

"The UI definitely needs work. In my opinion, the UI could be simpler and more user-friendly for the average user."

"Pricing flexibility could be an aspect worth considering, as it has been a concern for some of our clients."

More Palo Alto Networks PA-Series cons

"It has recently started to suddenly block and crash."

"Support is great, however, it can always be improved."

"In my view, Sophos operates effectively in a reactive mode, focusing on static detection and forwarding traffic. However, Fortinet takes a more proactive approach, blocking both connection and route connections. While Sophos forwards any connection in both inbound and outbound traffic, I believe this is a positive aspect, especially in a country with various sizing considerations. This is my perspective, emphasizing the significance of Sophos XGS in software work."

"Support could be improved."

"I recommend Sophos increase the user capacity of the firewall by 1.5 times. For example, say the firewall can accommodate 1,000 users now, then it should handle a load of 1,500 users."

"When it comes to different interfaces there is some speed issue that can be improved in Sophos XGS."

"I would like to see a history of the monthly bandwidth utilization, the bandwidth consumption for a period of time."

"They should customers who are facing issues with their product reviews; they found bots in it. If they can do their proper research and use the user analysis and testing, that would greatly help the clients."

More Sophos XGS cons

Pricing and Cost Advice

"The pricing is very reasonable."

"The main reason we chose Fortinet FortiGate was that the price was better than the competition."

"The pricing for the product is alright."

"The price is high compared to some of the other solutions."

"The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."

"Each feature costs money, so it is important to study your needs."

"If the price of the license in Fortinet FortiGate was less expensive it would be better."

"Fortinet FortiGate is reasonably priced."

More Fortinet FortiGate pricing and cost advice

"The pricing is fair."

"Palo Alto Networks PA-Series's price is much higher than other firewall brands."

"Compared to other vendors, Palo Alto Networks PA-Series is expensive."

"It is a very expensive solution."

"While other firewalls may come with a higher cost, when you consider the cost in relation to the services and features that Palo Alto offers, it is clear that Palo Alto is delivering excellent value."

"Palo Alto is more expensive than FortiGate."

"The pricing is a bit on the higher side."

"The prices are pretty high, definitely on the upper end."

More Palo Alto Networks PA-Series pricing and cost advice

"We pay about $150."

"A central firewall on the cloud with a cluster might be 70,000 to 80,000 euros for a three-year license."

"I live in Bolivia and the price of Sophos XGS is high. However, they have adjusted their price a little over the past while but the price could still be less expensive to be affordable."

"Sophos XGS costs around $75,000 for fifty units."

"The cost is comparable to other similar solutions."

"Sophos XGS is a cost-effective solution."

"Sophos XGS is competitively priced."

"The licensing cost for Sophos XGS is high. However, they do apply competitive discounts and different layers of discounts."

More Sophos XGS pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

787,061 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

21%

Computer Software Company

15%

Comms Service Provider

Manufacturing Company

Computer Software Company

24%

Manufacturing Company

13%

Construction Company

University

Computer Software Company

17%

Comms Service Provider

Construction Company

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What do you like most about Palo Alto Networks PA-Series?

The reporting feature and application ID functionality within Palo Alto Networks PA-Series are incredibly valuable to...

See all answers

What is your experience regarding pricing and costs for Palo Alto Networks PA-Series?

The licensing is great. We renew it, and it works. The pricing is fair. I rate the pricing a five out of ten.

See all answers

What needs improvement with Palo Alto Networks PA-Series?

I don't have any specific suggestions for improving the Palo Alto Networks PA-Series at the moment. I find it to be a...

See all answers

What do you like most about Sophos XGS?

The policies are the greatest feature. They allow us to configure granular control over our network traffic.

See all answers

What is your experience regarding pricing and costs for Sophos XGS?

Sophos XGS is a cost-effective solution.

See all answers

What needs improvement with Sophos XGS?

I do not get notifications regarding ISP downtime. It would be better if I could get notifications related to the cri...

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 19% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 13% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 12% of the time

Meraki MX vs Fortinet FortiGate

Compared 7% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

OPNsense vs Palo Alto Networks PA-Series

Compared 36% of the time

SonicWall NSa vs Palo Alto Networks PA-Series

Compared 18% of the time

Sophos XG vs Palo Alto Networks PA-Series

Compared 14% of the time

Juniper SRX Series Firewall vs Palo Alto Networks PA-Series

Compared 12% of the time

More Palo Alto Networks PA-Series Competitors

Sophos XG vs Sophos XGS

Compared 36% of the time

OPNsense vs Sophos XGS

Compared 11% of the time

Netgate pfSense vs Sophos XGS

Compared 8% of the time

WatchGuard Firebox vs Sophos XGS

Compared 8% of the time

Palo Alto Networks NG Firewalls vs Sophos XGS

Compared 6% of the time

More Sophos XGS Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

June 2024

Download Fortinet FortiGate product report

Buyer's Guide

Palo Alto Networks PA-Series

May 2024

Download Palo Alto Networks PA-Series product report

Buyer's Guide

Sophos XGS

May 2024

Download Sophos XGS product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate

No data available

Learn More

Fortinet

Video not available

Palo Alto Networks

Sophos

Overview

Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

PA-Series constitute the full range of our ML-Powered Next-Generation Firewall physical appliances that are easy to deploy into your organization’s network and purposefully designed for simplicity, automation, and integration. No matter where you need protection, our PA-Series ML-Powered Next-Generation Firewalls are architected to provide consistent protection to your entire network – from your headquarters and office campus, branch offices and data center to your mobile and remote workforce.

Sophos XGS is a comprehensive network security solution designed to protect organizations from advanced threats. It combines next-generation firewall capabilities with advanced threat protection, web filtering, and application control.

XGS has powerful deep learning technology and can detect and block even the most sophisticated malware and ransomware attacks. It also offers granular control over web access, allowing organizations to enforce policies and prevent access to malicious or inappropriate websites. Additionally, XGS provides application control features, enabling organizations to manage and prioritize network traffic based on specific applications or user groups.

With its intuitive management interface and centralized reporting, XGS offers easy deployment and monitoring of network security.

Sample Customers

1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya

Information Not Available

Buyer's Guide

Palo Alto Networks PA-Series vs. Sophos XGS

May 2024

Free Report: Palo Alto Networks PA-Series vs. Sophos XGS

Find out what your peers are saying about Palo Alto Networks PA-Series vs. Sophos XGS and other solutions. Updated: May 2024.

DOWNLOAD NOW

787,061 professionals have used our research since 2012.

See our Palo Alto Networks PA-Series vs. Sophos XGS report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.