Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Sophos UTM comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
318
Ranking in other categories
Firewalls (2nd), Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
409
Ranking in other categories
Firewalls (7th), Cisco Security Portfolio (4th)
Sophos UTM
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
113
Ranking in other categories
Unified Threat Management (UTM) (4th)
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.
Samaila Yusuf - PeerSpot reviewer
Network protection strengthens through effective threat management features and secure access control
The zero-day protection and firewall rules are some of the most effective features for threat management. I can set the rules and features, and also use IPsec to connect all my on-premises servers and link them to Sophos UTM so that they are protected even when in the cloud. Additionally, I use it to control access into the building through a captive portal integrated across all the PCs we have, ensuring secure access only for authenticated users.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The IPS is good. It protect my network from attackers."
"It's very fast and easy to configure."
"The tool is a nice product and easy to handle. The software's user interface is also good. You can easily implement remote access in the solution."
"The most valuable feature is the FortiManager for centralized management."
"The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks. It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good."
"One of the valuable features is a standardized OS."
"The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup."
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"The initial setup is easy."
"VPN and firewall are good features."
"The monitoring dashboard is valuable to us for troubleshooting."
"The VPN is our most widely used feature for Cisco Secure Firewall. Since we were forced into a hybrid working situation by COVID a few years back, VPN is the widely used feature because everybody is working remotely for our agency. So it came in very handy."
"The most valuable feature of the Firepower solution is FireSIGHT, which can be easily managed and is user-friendly."
"Firepower has reduced our firewall operational costs by about 25 percent."
"The return on investment is not going to be restricted to just the box... Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied."
"Clustering architecture which offers zero downtime upgrades, keeping uptime close to 99.999%."
"The most valuable feature is ransomware protection."
"Configuration troubleshooting is eased by the use of the color-coded, live firewall log."
"The scalability is good."
"So far, the solution has been problem-free."
"I definitely recommend Sophos. I rate it a nine out of ten."
"The most valuable feature of Sophos UTM is the efficiency and mail filtering module."
"UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful."
"Sophos UTM's best feature is SIM in the cloud, which combines the gateway solution and endpoint solution to send telemetry data to the cloud and provides full contact visibility regarding security."
 

Cons

"The performance and speed are aspects of the solution that could always be improved upon."
"It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco."
"The captive portal could be improved."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility."
"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"The platform's compatibility with Wi-Fi equipment needs improvement."
"I would like for the user interface to be easier for the admin and network admin. I would also like to be able to access everything from the GUI interface. The way it is now, it needs somebody experience in iOS to be able to operate it. I would like to have a GUI interface."
"Technical support is unsatisfactory for me. There might be restructuring within Cisco India or with the partner's capability."
"The ASAs are being replaced with the new Firepowers and they have a different type of structure in the configuration to be able to migrate from one to the other."
"Critical bugs need to be addressed before releasing the version."
"We had an event recently where we had inbound traffic for SIP and we experienced an attack against our SIP endpoint, such that they were able to successfully make calls out... Both CTR, which is gathering data from multiple solutions that the vendor provides, as well as the FMC events connection, did not show any of those connections because there was not a NAT inbound which said either allow it or deny it."
"We would really like to see dual dual power supplies for some Cisco Firewall products."
"The usability of Cisco Firepower Threat Defense is an issue. The product is still under development, and the user interface is very difficult to deal with."
"Cisco Firepower is not completely integrated with Active Directory. We are trying to use Active Directory to restrict users by using some security groups that are not integrated within the Cisco Firepower module. This is the main issue that we are facing."
"I would like to see the SD-WAN feature improved."
"​Reporting: We have had to work manually in many of our reports."
"Stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks."
"We need to speed up the support."
"The pricing is an issue."
"I would like this solution to support ICAP. Also, they no longer support on-premises management, and are forcing clients to use centralized management via the cloud, which I don't agree with."
"The integration capabilities could be better."
"Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time."
 

Pricing and Cost Advice

"It was worth the money overall. It's good value."
"A year or two years back, its price was competitive and reasonable. That was one of the reasons that people easily switched to Fortinet. Over the last two years, the prices have increased drastically. However, the prices of others have also increased. An advantage is there from the price point but not as much as it was previously."
"The price of Fortinet FortiGate is affordable. Most of our customers are on a three-year license to use the solution. All the features and support are included in the price."
"I think that the pricing is fair."
"The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device."
"The price of Fortinet FortiGate is reasonable."
"For our organization, the licensing costs are approximately $7,000 per year."
"Its pricing is competitive with other solutions."
"Based on the services that you will get, especially the AMP license, the price is very reasonable."
"We normally license on a yearly basis. The hardware procurement cost should be considered. If you're virtual maybe that cost is eradicated and just the licensing cost is applied. If you have hardware the cost must be covered by you. All the shipping charges will be paid by you also. I don't thing there are any other hidden charges though."
"It definitely competes with the other vendors in the market."
"With AnyConnect, it depends on your license. It depends on the number of concurrent users you want to connect."
"The pricing of Cisco's boxes is pretty good."
"Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis."
"It would be nice if pricing could do more to reflect the economy of the country where the product is being implemented."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"Sometimes more is less, meaning if you want more than three features, take the FullGuard licence."
"The biggest issue with Sophos is the pricing. It's definitely more expensive. As I said, we looked at Webroot, which is a big alternative, and Sophos was almost three times the price of Webroot. That's a pretty big difference."
"I rate the product's price a five on a scale of one to ten, where one is cheap, and ten is expensive."
"We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000."
"You cannot really say that the solution is expensive, given the protection it gives."
"This solution is less expensive than FortiGate."
"Pricing for the upgrade was very competitive as Sophos wanted to retain existing customers."
"Our licensing fees are paid on a monthly basis."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

it_user216600 - PeerSpot reviewer
Jan 3, 2016
Sophos UTM vs. Fortinet FortiGate
I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Educational Organization
42%
Computer Software Company
13%
Manufacturing Company
4%
Government
4%
Computer Software Company
18%
Comms Service Provider
8%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
What do you like most about Sophos UTM?
The most valuable feature of Sophos UTM is the endpoint protection feature.
What is your experience regarding pricing and costs for Sophos UTM?
The value between what I receive and what I pay is the best in the industry.
What needs improvement with Sophos UTM?
With artificial intelligence, there is room for improvement in all antivirus and security software. However, the bad ...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
Astaro
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
One Housing Group
Find out what your peers are saying about Cisco Secure Firewall vs. Sophos UTM and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.