We performed a comparison between Check Point NGFW and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Unified Threat Management (UTM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The features that I have found most valuable are the SD-WAN and their IP4 policy."
"The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"Fortinet has a very good solution for Secure SD-WAN. One very good feature is that they have robust and simple FortiOS through which they provide all solutions. That's their strength. There's not much complexity involved with the Secure SD-WAN solution of Fortinet as compared to Cisco's solution, which has a lot of flexibility but complexity also comes with that flexibility."
"The most valuable features of Fortinet FortiGate are the APIs. They are the most widely known."
"It has very easy management and an amazing ETM configuration."
"The interface is very user-friendly and I like it very much."
"The security fabric is excellent."
"We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
"It is easy to configure and it is a valuable antivirus protection. I especially like the IPS feature of this product."
"Log storage gives us insights when required."
"Check Point has strong security features as well as some decent monitoring and management capabilities."
"It provides a central station where it is very easy to deploy our firewall policy in one click to many firewalls. This is one of the leading perks. It saves time by having one central station because I can deploy the same kind of policy to many firewalls at once."
"The threat emulation blade and user identity awareness feature has helped us a lot in terms of perimeter security and have given us granular visibility of user access."
"The IPS is frequently updated so the rules are always new and in place."
"The SmartView monitor and SmartReporter help us to monitor and report on traffic."
"It filters unwanted traffic."
"The initial setup has been fine."
"It meets our compliance needs in an elastic computer environment."
"We find all of the features valuable because together they fit the needs of our customers."
"The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira and Sophos. Web filtering is also a fantastic option for clients who want to really lock down internet access."
"So far, the solution has been problem-free."
"The initial setup is pretty easy."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"It is not an easy task to protect your web servers from the big bad internet. The Web Server Protection in this solution does it elegantly and, if configured correctly, even hides the server's base system from prying eyes."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"Fortinet Fortigate could benefit by simplifying some of their processes."
"The renewal price and the availability could be improved."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"I feel that the reporting needs to be improved."
"With FortiGate, the main complaint that I have heard is about the technical support."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"Scalability should be improved."
"Debugging is very complex when compared to Fortinet, for example. That's the worst thing about Check Point. The deployment of the solution is harder than it is with the competitors. But after you've deployed it, the operation is easy."
"In the past year, we faced severe downtime that lasted many days due to a misconfiguration."
"The smart consoles could be improved."
"Stability issues. I built out this firewall in a cluster, and I had stability issues day one. Needs to be rebooted frequently. Tunnels need to be bounced frequently. Their hardware compatibility guide, when I built out the servers to host them on, was not accurate."
"In a VPN setup, we have Internet connection via Check Point. The connectivity is not turnkey like competing devices. We have not yet terminated our site-to-site VPN because things are fluctuating right now and Check Point needs to be upgraded. Also, their troubleshooting needs to be improved for this."
"For the next release, we would like to have better ruleset cleanup tools that are already included."
"The management of memory in the hardware needs to improve. They have had a lot of issues with memory leakage."
"With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time."
"During initial configuration, I encountered a few issues."
"There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol."
"It is a little too CPU resource intensive, so we would like to see improvements there."
"The interface configuration could be improved."
"The virus updates will always depend on new viruses that are discovered. Maybe they can send a notification or a reminder for update time."
"Finding information about Sophos’ sizing guidelines can actually be difficult. Also, Sophos does not make it clear what they mean by “users” when you are sizing a firewall, which then leads to undersized implementations."
"It is a pretty straightforward setup, but it should be some sort of documentation that takes you step-by-step to help set it up for your VPC."
Check Point NGFW doesn't meet the minimum requirements to be ranked in Unified Threat Management (UTM) with 277 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Check Point NGFW is rated 8.8, while Sophos UTM is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Sophos UTM is most compared with Netgate pfSense, Sophos XG, OPNsense, Palo Alto Networks NG Firewalls and Cisco Secure Firewall. See our Check Point NGFW vs. Sophos UTM report.
See our list of best Unified Threat Management (UTM) vendors and best Firewalls vendors.
We monitor all Unified Threat Management (UTM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
