Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Sophos XGS comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
318
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
7th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
409
Ranking in other categories
Cisco Security Portfolio (4th)
Sophos XGS
Ranking in Firewalls
13th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
83
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.1%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 5.8%, up from 5.5% compared to the previous year. The mindshare of Sophos XGS is 2.4%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.
Jaffar Ali - PeerSpot reviewer
Has provided stability, security, ease of management, and better reporting options
People use Sophos XGS because the overall channel support is very good, so they don't face issues. Additionally, it is competitive in pricing against Fortinet in some cases, especially when considering high availability, email subscriptions, and gateways Sophos XGS has provided stability,…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of this solution is the analytics."
"The solution is very user friendly. The user interface in particular is quite nice."
"The VPN is the most valuable feature."
"The security fabric is excellent."
"The most useful functionality of Fortinet FortiGate is the user interface, multiple engines, and their cloud with the latest integrations. Additionally, the Security Fabric tool is very good."
"Good performance, stability, and virtual domain ability."
"Their proxy-based inspection is responsive and secure."
"Fortinet FortiGate meets all the security demands of my industry. It covers endpoint security, including web interface, DNS security, and ELP. I'm currently using the latest version. The features that have most improved our network security are Web Control, filtering, application control, IDS, IPS policies, and Deep SSL inspection."
"Cisco Firepower NGFW is really easy to use right now to determine when my file requires a shift from primary to secondary status, and it can be done with automation. Earlier we used to do this with patching."
"The ASA has seen significant improvement due to the IPS."
"I like the user interface because the navigation is very easy, straightforward on your left side pane you have all the sites that you need to browse. Unlike any other firewalls, it's pretty straightforward."
"Unfortunately in Cisco, only the hardware was good."
"I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. It has a lot of flexibility and even a lot of third-party or non-Cisco integration. I feel like that's a really valuable tool."
"The most important feature is the VPN connection."
"The most valuable feature must be AnyConnect. We have quite a few customers who use it. It is easy to use and the stablest thing that we have. We have experienced some issues on all our VPN clients, but AnyConnect has been the stablest one."
"It is scalable and stable."
"The most valuable feature of Sophos is the VPN solution. I also value their threat management, IPS IDS features and login features with single sign-on."
"In this solution, the most valuable feature is that it's a security device. Maintaining security is very valuable for us. The other feature that we did not find in other products is that it works well with thin client environments."
"The solution is stable."
"Sophos XGS' most valuable features are protection and intrusion prevention detection."
"The features that I find most effective in enhancing network security include EDR and XDR."
"Web filtering and intrusion detection are essential features. As system integrators, we also like the dashboard because it's easier to configure all the features."
"The most valuable feature of Sophos XGS is its ease of use."
"Sophos XGS's best features are its VPN and ATPR1 cert protection."
 

Cons

"They should offer special pricing to premium partners and customers."
"The ease of use could be improved."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"I would like to see a more intuitive dashboard."
"The process of configuring firewall rules appears excessively complex."
"Technical support needs to be improved."
"FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment."
"The initial setup is complex."
"It has poor performance."
"Managing various product integrations, such as Umbrella, is challenging."
"It integrates with other security products from Cisco, but sometimes, there can be glitches or errors."
"I'm not very familiar with the largest Firepower models, but competitors like Palo Alto seem to have a more capable engine to do, for instance, TLS/SSL decryption. As I understand, Firepower doesn't let you export the decrypted traffic so that, for instance, the security department can look at the traffic or inspect traffic. It's all in the box. I've heard rumors that this is something Cisco is working on, but it isn't yet available."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection."
"When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution."
"The only con that I have really seen with it is the reporting structure. FirePOWER is good. It has been a great help because, before that, it was not good at all."
"Support could be improved."
"Deployment could be easier."
"It has recently started to suddenly block and crash."
"The solution could improve by using fewer hardware resources compared to other products like Palo Alto, which has better performance."
"All the security features could be better."
"I rate Sophos' support five out of 10. It's sometimes difficult to contact them, and finding a solution is not easy."
"The solution could improve inspection processes and troubleshooting for VPNs because this area is very weak."
"Having previously worked with the Astaro Security Gateway platform (now called Sophos UTM), I can attest that the configuration and dashboard for this older platform was easier to manage than that of both Sophos XG and XGS. If it were up to me, I would prefer to go back to the older SG dashboard."
 

Pricing and Cost Advice

"It was worth the money overall. It's good value."
"We find the most valuable aspect of this solution is the price. It is affordable, and cheaper than other firewalls."
"The license is yearly. We pay for the top end. It's called 360."
"Each feature costs money, so it is important to study your needs."
"The price of FortiGate is reasonable as I plan to buy new switches. The initial gadgets are already booted, and the pricing seems normal on the market. As for additional costs, I haven't subscribed to many extra features, so I'm only using what I need. Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us."
"I would rate the pricing a five out of ten"
"The price for the Fortinet FortiGate is reasonable. Secure SD-WAN is free of charge. If you have their firewall, it's free of charge. It's very tempting."
"The price of the license and warranty can be better because it is very expensive."
"With the bundling mode with Duo licensing, it's now better. It's better to have one simplified global licensing mode, and this is what Cisco has done with bundling. The next-generation firewalls include a set of features such as filtering, emails, and IPS. This combination offers the best way for customers to manage their operating expenses."
"I like its licensing because you buy the license once, and it is yours. We don't have to go for a subscription. So, I liked how they licensed Cisco ASA. Our clients are also very satisfied with its licensing model."
"The pricing is fair."
"I wish there was an easier way to license the product in closed environments. I have worked in a number of closed environments, then it is a lot of head scratching. I know that we could put servers in these networks and that would help with the licensing. I have never been in a situation where we connected multiple networks, i.e., having an external network as well as an internal network, as those kinds of solutions are not always the best. I think licensing is always a headache for everyone, and I don't know if there is a simple solution."
"All our requirements which we need performed by the firewall (e.g. VPN, URL white-listing, or IP based white-listing, etc.) have separate licenses and costs."
"The solution’s pricing could be lower."
"Licensing is quite difficult to get your head around. My biggest challenge is to understand the details, the inner relations. Luckily, to some extent, we have enterprise agreements, but licensing for me is a real black box."
"Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis."
"The cost of Sophos XGS is based on per unit, per appliance, and capacity."
"A central firewall on the cloud with a cluster might be 70,000 to 80,000 euros for a three-year license."
"We must purchase separate web server licenses, as they are not included in the regular device license. I would rate the product an eight out of ten in terms of price. It's relatively affordable."
"The licensing cost is in the normal range and is not very costly."
"Sophos XGS costs around $6,000 for a basic license."
"I live in Bolivia and the price of Sophos XGS is high. However, they have adjusted their price a little over the past while but the price could still be less expensive to be affordable."
"We paid around 17,000 pounds for a three-year package."
"It is roughly around $4,000."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Educational Organization
42%
Computer Software Company
13%
Manufacturing Company
4%
Government
4%
Computer Software Company
16%
Manufacturing Company
9%
Comms Service Provider
8%
Educational Organization
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
What do you like most about Sophos XGS?
The policies are the greatest feature. They allow us to configure granular control over our network traffic.
What is your experience regarding pricing and costs for Sophos XGS?
The pricing is justified, and the solution is considered budget-friendly compared to other vendors.
What needs improvement with Sophos XGS?
Hardware stability needs improvement. I have experienced multiple hardware complaints, particularly during firmware u...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Information Not Available
Find out what your peers are saying about Cisco Secure Firewall vs. Sophos XGS and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.