Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Sophos XGS comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
318
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
7th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
409
Ranking in other categories
Cisco Security Portfolio (4th)
Sophos XGS
Ranking in Firewalls
13th
Average Rating
8.0
Reviews Sentiment
6.6
Number of Reviews
83
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.1%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 5.8%, up from 5.5% compared to the previous year. The mindshare of Sophos XGS is 2.4%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.
Jaffar Ali - PeerSpot reviewer
Has provided stability, security, ease of management, and better reporting options
People use Sophos XGS because the overall channel support is very good, so they don't face issues. Additionally, it is competitive in pricing against Fortinet in some cases, especially when considering high availability, email subscriptions, and gateways Sophos XGS has provided stability,…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most useful functionality of Fortinet FortiGate is the user interface, multiple engines, and their cloud with the latest integrations. Additionally, the Security Fabric tool is very good."
"We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs."
"The scalability of Fortinet FortiGate is good."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"Good anti-malware and web filtering features."
"The stability of the solution is excellent, as it is with other Fortinet products."
"Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others."
"We have multiple secure internal networks linked with our plants. We are from a oil company, so we have multiple plant areas which need to have restricted network access. Therefore, we are using it for restricting access to the plant area."
"The technical support is excellent. I would rate it as 10 out of 10. When there has been an issue, we have had a good response from them."
"Their hardware can handle substantial amounts of data without causing latency."
"The features I have found most valuable are the ASA firewalls. I like to have features like most integrated systems in ACI."
"URL filtering is valuable."
"A stable and solid solution for protection from external threats and for VPN connections."
"We have been using a 5520 for seven years in our datacenter and we are satisfied by this version."
"It is a very stable product. I've not had any issues with it. It is a super product, and I won't need to change it anytime soon."
"Setup was straightforward. One person is enough for deployment."
"Sophos XGS's best features are its VPN and ATPR1 cert protection."
"It's easy to use, and the service is good. If anything goes wrong, their support system is very reliable."
"I find DLP, API, IP, SDK, and web control to be valuable features."
"Sophos XGS has contributed to the reduction of the overall security costs of our company's customers."
"The most valuable features in Sophos XGS are identity and VPN. It is a very good solution that is able to detect and prevent a lot of malicious activity."
"I like the Sophos UI. It interface has a more comfortable feel than the competitors."
"The policies are the greatest feature. They allow us to configure granular control over our network traffic."
 

Cons

"The solution could be more secure and stable."
"They should improve the interface to make it more user-friendly."
"Fortinet FortiGate should improve the VPN tokens."
"The scalability could be better."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"The advanced models are expensive."
"I wouldn't give them a ten. Nobody is perfect. I'll give them a nine because they help me with any issues I've had."
"HTTPs inspection and higher throughput/spec would be good."
"You shouldn't have to use the ASDM to help manage the client."
"We were also not too thrilled when Cisco announced that in the upcoming new-gen ASA, iOS was not going to be supported, or if you install them, they will not be able to be managed through the Sourcefire. However, it seems like Cisco is moving away from the ASA iOS to the Sourcefire FireSIGHT firmware for the ASA. We haven't had a chance to test it out."
"The license system is also good but it's not very impressive. It's a very regular licensing system. They call it a smart license which means that your device will connect to the internet. This is a little bit of a headache for some customers. It doesn't make the customer happy because most of the customers prefer not to connect their firewall or system to the internet."
"On firewall features, Fortinet is better. Cisco needs to become more competitive and add more features or meet Fortinet's offering."
"They need a user-friendly interface that we could easily configure."
"The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use."
"Support is great, however, it can always be improved."
"VPN setup could be improved."
"In Sophos, the user portal is not user-friendly."
"Sophos XGS changes every two years, so we must update our knowledge. We can only test it with real requirements or problems to find scalability and reliability. We can't find these in normal testing. We can see reviews based on Gartner reports, but sometimes, we really feel problems. It can create many issues, even compatibility problems with fiber modules. Only system integrators or installers find these problems."
"They should customers who are facing issues with their product reviews; they found bots in it. If they can do their proper research and use the user analysis and testing, that would greatly help the clients."
"There are some issues with conversion and user roles when upgrading to Cyberoam."
"All the security features could be better."
"Their marketing strategy is quite low, and they need to enhance engagement with partners."
 

Pricing and Cost Advice

"While Fortinet FortiGate has a higher price point compared to Sophos XG, its user-friendly interface justifies the cost."
"It has been two years. I don't remember the actual price, but it was affordable. We buy the boxes and then use the license for three years."
"The license for Fortinet FortiGate is affordable in my country."
"It is an inexpensive solution."
"The pricing for the product is alright."
"If the price of the license in Fortinet FortiGate was less expensive it would be better."
"Its price is normal. If I compare it with other vendors, such as Palo Alto, it's normal. Palo Alto is expensive."
"For medium and enterprise organizations, FortiGate is more affordable."
"It's more expensive than Fortinet and Juniper. The price is high compared to other vendors. In general, for the license, it's not that expensive."
"The price is comparable."
"With the bundling mode with Duo licensing, it's now better. It's better to have one simplified global licensing mode, and this is what Cisco has done with bundling. The next-generation firewalls include a set of features such as filtering, emails, and IPS. This combination offers the best way for customers to manage their operating expenses."
"It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days."
"We paid about $7,000 for the Cisco firewall, plus another small Cisco router and the lead switch. It was under the combined license. It's a final agreement."
"I rate the product's price a seven on a scale of one to ten, where one is expensive, and ten is cheap."
"I bought a license for three years and it was really affordable."
"The program is very expensive."
"The pricing for Sophos XGS is reasonable."
"Sophos XGS is a very expensive solution."
"Sophos XGS is priced lower than some of its competitors, such as Fortinet"
"We paid around 17,000 pounds for a three-year package."
"I can't recall the exact amount that was paid. It was likely around $12,000 or less - around $4,000 a year."
"The licensing is reasonable. Comparing the cost of Sophos XGS with that of Fortinet or Palto Alto firewalls, for instance, it's not that expensive. However, the overall cost depends on the hardware you're using in addition to the licensing cost."
"There are additional costs involved apart from the licenses."
"Sophos XGS costs around $75,000 for fifty units."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Educational Organization
42%
Computer Software Company
13%
Manufacturing Company
4%
Government
4%
Computer Software Company
16%
Manufacturing Company
9%
Comms Service Provider
8%
Educational Organization
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
What do you like most about Sophos XGS?
The policies are the greatest feature. They allow us to configure granular control over our network traffic.
What is your experience regarding pricing and costs for Sophos XGS?
The pricing is justified, and the solution is considered budget-friendly compared to other vendors.
What needs improvement with Sophos XGS?
Hardware stability needs improvement. I have experienced multiple hardware complaints, particularly during firmware u...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Information Not Available
Find out what your peers are saying about Cisco Secure Firewall vs. Sophos XGS and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.