We performed a comparison between Cisco Secure Firewall and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. The only major difference between the two is that some users of Cisco Secure Firewall consider the deployment to be somewhat complex.
"The notable features that I have found most valuable are that it includes the antivirus, and also IPS, and even SD-WAN."
"The reporting and monitoring are very good."
"The interface is very user-friendly and I like it very much."
"Initial setup is easy to configure."
"We are very happy with the general bandwidth agility we have seen from one website to another website."
"The ease of setting the solution up is a valuable aspect for us."
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"You can also put everything into a nice, neat, little package, as far as configuration goes. I was formerly a command-line guy with the ASA, and I was a little nervous about dealing with a GUI interface versus a command line, but after I did my first deployment, I got a lot more comfortable with doing it GUI based."
"The feature I find most valuable is the Cisco VPN Interconnection."
"I think Cisco ASA Firewall is the most stable firewall solution."
"Provides good integrations and reporting."
"Even in very big environments, Cisco comes in handy with configuration and offers reliability when it comes to managing multiple items on one platform."
"It protects our network."
"The monitoring dashboard is valuable to us for troubleshooting."
"Cisco Secure Firewall's security solutions, advanced malware protection, and DDoS communication are very good."
"The initial setup was straightforward."
"The interface is user-friendly and the product is easy to configure."
"The scalability of Sophos XG is good."
"The most valuable feature of this solution is flexibility."
"The stability of Sophos XG is very good. However, there have been some issues with other weaker models because they are limited in hardware in resources."
"One feature of Sophos XG that I found incredibly beneficial for threat prevention is its endpoint protection."
"Most of the features Sophos XG has are valuable. However, if I have two different ISP, I'm able to create an automatic switch between the two ISPs. I can do the same thing for the cloud as well. If I have two subnets coming from the cloud, I'm able to create a type of switch between both of them where if there is traffic on one and has the traffic drop, I'm able to switch to the other ISP without any problems. It's a normal feature and I get to enjoy the ability to switch between services with no issues."
"Sophos XG Firewall is very usable, very easy to install, and very user friendly."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"Fortinet FortiGate is a stable solution. However, my issue is the performance only. When I use all the profiles, this affects the performance. From the beginning, I should have had a better sizing of the box."
"If they could extend their fabric towards other vendor environments for integration, that would be great."
"Its customer service could be better."
"We would like to see a better training platform implemented."
"The support system could be improved."
"Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."
"It would be nice if backups could more easily migrate between different models."
"The GUI interface could be improved when compared to other solutions."
"The policies module in FMC specifically isn't the most user-friendly. Coming from Cisco ASA, Cisco ASA is a little bit easier to use. When you get into particularly complex deployments where you have a lot of different interfaces and all that kind of stuff, it's a little bit tricky. Some usability improvements there would be nice."
"The content filtering on an application level is not as good as other solutions such as Palo Alto."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"It can probably provide a holistic view of different appliances because many customers do not have only one brand, besides the traditional SNMP protocols, to cover all their devices. There are some specific requirements in terms of configurations or actions that sometimes have to be done in a very manual way because of the different versions or brands in a customer's infrastructure. It could also have some additional analytics capabilities. It has some very interesting ways to monitor the traffic and identify false positives from the architecture and the environment. It would be good if there is a way to patch with some other industry-specific solutions and synchronize some of the information, such as what other customers experience in their operations and probably share some additional information that could be leveraged or shared among the industry. Such information would be something interesting to see. It could have AI capabilities related to how the appliances could benefit from learning the current environment and different exposures."
"Cisco ASDM is a problem because it is old."
"Integration aspects and traffic shaping need improvement."
"The solution is overcomplicated in some senses. Simplifying it would be an improvement."
"Some of the firewall rules are complicated for us to understand, they should be simplified."
"The only area that requires improvement is scalability."
"In the next release, I would like to see improvements made to the policy and simplify the policy-making, as the complexity of it makes it really tough."
"The VPN has been a persistent problem for us. It's not straightforward to configure."
"The cloud support needs to be improved."
"Its user interface is a little bit slow."
"The number of ports, especially on the entry-level appliances, should be increased."
"The solution could improve by making the graphical interface better and increasing the performance."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Cisco Secure Firewall is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and SonicWall NSa. See our Cisco Secure Firewall vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
My preference is the Sophos XGS, particularly when you team it up with the Sophos Endpoint Protection client and configure it for synchronized security.
Both can be managed through Sophos Central and are available at a decent price for the power they offer the SMB.
I recommend Sophos XGS firewall. It will offer the best solution for malware protection.
Also, I recomend Sophos CIXA with XDR (Sophos Endpoint), so you can use Syncronized Security.