Try our new research platform with insights from 80,000+ expert users

Sangfor NGAF vs Sophos XG comparison

Sangfor and Sophos are both solutions in the Firewalls category. Sangfor is ranked #19 with an average rating of 7.9, while Sophos is ranked #4 with an average rating of 8.3. Sangfor holds a 1.3% mindshare in Firewalls, compared to Sophos’s 11.5% mindshare. Additionally, 90% of Sangfor users are willing to recommend the solution, compared to 92% of Sophos users who would recommend it.
Sponsored
Fortinet FortiGate
Read 327 Fortinet FortiGate reviews
  • 78,842 Views
  • 58,697 Comparison Views
90% willing to recommend
Sangfor NGAF
Read 36 Sangfor NGAF reviews
  • 5,463 Views
  • 3,135 Comparison Views
90% willing to recommend
Sophos XG
Read 202 Sophos XG reviews
  • 38,435 Views
  • 30,908 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Apr 6, 2025

Sophos XG and Sangfor NGAF compete in the network security category. Sangfor NGAF may have the upper hand with its competitive cost and integration capabilities, especially appealing to small businesses.

Features: Sophos XG offers a web management portal, integration with Sophos Endpoint Protection, and synchronized security, enabling comprehensive threat management. Its VPN features and ease of deployment enhance its usability. Sangfor NGAF stands out with powerful application control, offering user-defined application restrictions and intrusion detection systems, which are essential for robust network protection. Its feature-rich offerings combined with competitive pricing make it attractive to users seeking extensive security configurations.

Room for Improvement: Sophos XG could enhance hardware performance, provide more granular traffic control, and integrate advanced features without separate consoles. Stability in updates, scalability, and technical support responsiveness can also improve. Sangfor NGAF needs a streamlined interface, better reporting and logging, improved integration, and expanded SD-WAN features.

Ease of Deployment and Customer Service: Sophos XG supports on-premises, public, and hybrid cloud deployments, with commendable but slow technical support. Sangfor NGAF offers on-premises and some hybrid deployments, recognized for excellent customer support through tailored solutions offered by its partners.

Pricing and ROI: Sophos XG is mid-range priced for small and medium businesses, providing good ROI through features like two-factor authentication. Sangfor NGAF is cost-effective, appealing to smaller organizations with its budget-friendly licensing and comprehensive service offerings.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Sangfor NGAF vs. Sophos XG Report (Updated: April 2025).
Buyer's Guide
Sangfor NGAF vs. Sophos XG
April 2025
Download the complete report
Helped 847,862 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
327
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Sangfor NGAF
Ranking in Firewalls
19th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
36
Ranking in other categories
No ranking in other categories
Sophos XG
Ranking in Firewalls
4th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
202
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.1%, up from 17.7% compared to the previous year. The mindshare of Sangfor NGAF is 1.3%, up from 0.8% compared to the previous year. The mindshare of Sophos XG is 11.5%, up from 9.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Read full review
Zaid Farooqui - PeerSpot reviewer
Enhanced threat detection with integrated security features and good support
We are using application firewalling, WAF, and SD-WAN. The capabilities are mostly within the box. For example, you will get web application firewall WAF as part and parcel of this. SD-WAN is also bundled. It integrates with their SIEM and SOAR solutions very nicely. Lastly, the pricing point is very cost-efficient as well.
Read full review
SherifFouad - PeerSpot reviewer
Gives us customizable policies, modifiable templates, and customized rules for single users
The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer. The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem. A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request. Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"I find the ease of configuring specific policies to be the most valuable feature of the Fortinet FortiGate firewall."
"This solution made it very easy to manage our bandwidth."
"The solution is extremely reliable."
"Fortinet offers the latest versions to cater to the needs of enterprises."
"I'm looking forward to FortiGate's dashboard features, insights, application oversight, and monitoring, which could help us significantly."
"The SD-WAN is the most valuable feature."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
More Fortinet FortiGate pros
"Sangfor NGAF specializes in ransomware detection and helps to protect our network from ransomware threats and malware."
"I think the tool has the feature to detect and kill ransomware in three seconds."
"SSL VPN is the best feature."
"We've found the technical support to be helpful."
"Sangfor's tech features and technologies are more powerful than those of the other solution providers in terms of security. They also have big solutions in terms of cybersecurity."
"Sangfor NGAF's standout feature is its powerful application control, enabling precise restrictions on mobile user access to approved applications."
"The most valuable feature of Sangfor NGAF is its integration."
"Sangfor NGAF works accordingly with our customers. The solution has good performance, easy to use, and integrates well with the endpoints."
More Sangfor NGAF pros
"Sophos XG has allowed us to implement all kinds of firewall rules and manage bandwidth efficiently."
"Good security and a good interface."
"In my experience, the solution was easy to use, has lots of features, and is easy to configure."
"I have found the feature allowing you to manage everything from a centralized location beneficial."
"Sophos offers great disk encryption, anti protection, and the interface is very user-friendly."
"The interface is user-friendly and the product is easy to configure."
"It is stable, flexible, and easy to use. It has got a web management portal that can be accessed from anywhere."
"Everything is consolidated into a single box, offering comprehensive functionality, including Wi-Fi access and other features."
More Sophos XG pros
 

Cons

"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."
"The support structure needs to be improved because every time we contact them, there is a delay in the response."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"They could improve the response time and quality of support."
More Fortinet FortiGate cons
"Sangfor NGAF could improve by refining its application control policies, especially in addressing challenges with certain types of applications."
"The solution has too many bugs and these slow down the implementation."
"An area for improvement would be the number of ports defined on the box. In the next release, I would like them to develop their provisioning stage of enrolling end devices."
"The web interface needs to be improved, making it more user-friendly."
"Scalability for any network device is not very easy in terms of vertical scalability."
"The setup phase is quite complex."
"The firewall system needs gradual improvements because there are more threats and challenges every day."
"They need to improve their research team and they need to study their data to analyze it and build the product."
More Sangfor NGAF cons
"The interface could be simplified and diagnostic system graphs improved."
"Scalability it is a bit limited. We did a sizing exercise before the purchase. But that was just to fit our current needs. There was no room for having an option to upgrade the device. The only option that we have if we are grow in the near future, is to go for another model with higher specs, which is actually more expensive. In other words it doesn't have that modularity ."
"I would like to have a more efficient login process."
"We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade, the automatic switch actually we were using did not work anymore."
"We are facing some problems on this firmware version, version 18, that require improvement. We want to improve the email security because it doesn't give proper security with the data protection. Also, our clients are facing some problems where most of the sites which they're accessing are getting blocked. I want to improve those sites, that email security, and the data protection on the Firmware version 18."
"The manuals or guides we are given are too simple. When we are implementing the product, it is difficult for us as we don't have more detailed information."
"Their updates can be faster and more regular."
"I would like to have more artificial intelligence in the web monitoring service that comes with it. It should alert us when particular events happen. It has already got some of that. I know that it is more of a service, and Sophos is already looking at it. It is called SIEM."
More Sophos XG cons
 

Pricing and Cost Advice

"It is more affordable than Check Point and Palo Alto. Another thing is that all the features and the OS remain the same irrespective of the size of the device. Pricing-wise, Fortinet typically provides one-year support with the firewall appliance. There is also an option for three years which is how their licensing works."
"Fortinet FortiGate is expensive."
"The price of Fortinet FortiGate is the lowest in the market."
"They need to be competitive with other solutions."
"Price-wise, it's at a good price point for our market."
"If the customer is looking for SD-WAN, it comes free with FortiGate."
"It has a competitive price."
"No comment."
More Fortinet FortiGate pricing and cost advice
"The price could be more competitive."
"-"
"The pricing is reasonable."
"I rate the product price as one on a scale of one to ten, where one is low price and ten is high price."
"The price is unmatcheable."
"It is one of the cheapest tools in the market."
"It costs about 8 to 10 thousand dollars per year for 500 users, standard licensing fees included."
"For over 2000 users, the cost is around 5000 to 6000 USD. If you want a web application firewall, you have to purchase an additional license for it."
More Sangfor NGAF pricing and cost advice
"Its price should be better. Initially, the clients have to pay for the appliance. Then, they have to pay for the software that is installed on the appliance. Depending on whether they have a one-year, two-year, or three-year license, they just have to renew the license of the software after it expires. They don't have to renew the appliance license. So, they have to pay for the appliance only once, and after that, they just renew the software license. That's all."
"The Sophos pricing, in general, is better than SonicWall, Fortinet, WatchGuard, or anybody else."
"We generally buy it for a three-year license."
"Sophos XG is not expensive for a firewall, especially when you compare it with Check Point."
"Sophos XG is a very good solution, and it's cheaper than most of the other vendors. It is really affordable."
"I use Sophos Firewall Home Edition, which is available for free."
"The product is expensive."
"We prepaid in advance to get the max discount."
More Sophos XG pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
See recommendations
847,862 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Computer Software Company
13%
Manufacturing Company
10%
Financial Services Firm
8%
Educational Organization
6%
Computer Software Company
16%
Comms Service Provider
9%
Manufacturing Company
7%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
See all answers
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
See all answers
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
See all answers
What do you like most about Sangfor NGAF?
I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I comp...
See all answers
What is your experience regarding pricing and costs for Sangfor NGAF?
The licensing cost is quite high compared to other available firewalls in the market.
See all answers
What needs improvement with Sangfor NGAF?
The cost of licensing is very high compared to other firewalls available here. There should be improvements in hardwa...
See all answers
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
See all answers
What are the main differences in features between Sophos XG and FortiGate 80F?
Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...
See all answers
What do you like most about Sophos XG?
IPS works smoothly.
See all answers
 

Comparisons

Netgate pfSense vs Fortinet FortiGate Logo
Netgate pfSense vs Fortinet FortiGate
Compared 13% of the time
Cisco Secure Firewall vs Fortinet FortiGate Logo
Cisco Secure Firewall vs Fortinet FortiGate
Compared 11% of the time
WatchGuard Firebox vs Fortinet FortiGate Logo
WatchGuard Firebox vs Fortinet FortiGate
Compared 5% of the time
SonicWall TZ vs Fortinet FortiGate Logo
SonicWall TZ vs Fortinet FortiGate
Compared 5% of the time
Sophos UTM vs Fortinet FortiGate Logo
Sophos UTM vs Fortinet FortiGate
Compared 2% of the time
More Fortinet FortiGate Competitors
Sophos XGS vs Sangfor NGAF Logo
Sophos XGS vs Sangfor NGAF
Compared 4% of the time
Palo Alto Networks NG Firewalls vs Sangfor NGAF Logo
Palo Alto Networks NG Firewalls vs Sangfor NGAF
Compared 4% of the time
Netgate pfSense vs Sangfor NGAF Logo
Netgate pfSense vs Sangfor NGAF
Compared 4% of the time
Fortinet FortiGate-VM vs Sangfor NGAF Logo
Fortinet FortiGate-VM vs Sangfor NGAF
Compared 3% of the time
Check Point NGFW vs Sangfor NGAF Logo
Check Point NGFW vs Sangfor NGAF
Compared 3% of the time
More Sangfor NGAF Competitors
Netgate pfSense vs Sophos XG Logo
Netgate pfSense vs Sophos XG
Compared 10% of the time
OPNsense vs Sophos XG Logo
OPNsense vs Sophos XG
Compared 8% of the time
Sophos XGS vs Sophos XG Logo
Sophos XGS vs Sophos XG
Compared 5% of the time
SonicWall TZ vs Sophos XG Logo
SonicWall TZ vs Sophos XG
Compared 5% of the time
WatchGuard Firebox vs Sophos XG Logo
WatchGuard Firebox vs Sophos XG
Compared 2% of the time
More Sophos XG Competitors
 

Product Reports

Buyer's Guide
Fortinet FortiGate
April 2025
Fortinet FortiGate reportDownload Fortinet FortiGate product report
Buyer's Guide
Sangfor NGAF
March 2025
Sangfor NGAF reportDownload Sangfor NGAF product report
Buyer's Guide
Sophos XG
March 2025
Sophos XG reportDownload Sophos XG product report
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Sangfor NGAF Firewall Platform
No data available
 

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

  • VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
  • Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
  • Advanced Firewall: Offers robust firewalling with application control and web filtering.
  • SD-WAN: Optimizes application performance and enhances bandwidth management.
  • SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

  • High-performance Security: Delivers effective threat mitigation with high availability.
  • Centralized Management: Simplifies network operations with cloud-based management tools.
  • Detailed Analytics: Provides comprehensive insights into network activity and security threats.
  • Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Sangfor Next Generation Firewall (also known as NGAF) is a converged security solution providing protection against advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like firewall, IPS, anti-virus, anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. As the world's first AI-enabled and fully integrated Next Generation Firewall & Web Application Firewall (WAF), NGAF offering the security visibility, real-time detection and response, simplified operation and maintenance and high-performance application layer security needed to operate an enterprise network in total security. Tested and proven to provide cutting-edge network security by ICSA Labs and endorsed by Gartner Inc., NGAF harnesses the power of Sangfor’s Neural-X threat intelligence and analytics platform and Engine Zero’s innovative malware detection to provide next-generation protection for today’s enterprise.

Sangfor

Sophos XG is a versatile network security solution that offers network protection, firewall management, VPN access, web filtering, and intrusion prevention, providing comprehensive security for businesses from small offices to large enterprises.

Sophos XG stands out for its Synchronized Security, easy setup, and robust templates. It manages VPN access, protects against threats, and handles load balancing and traffic monitoring. The cloud-based management, centralized dashboard, and detailed logging make it user-friendly and reliable. Integration of features like email protection, SD-WAN, and unified threat management ensures a broad spectrum of security needs are covered. However, it could benefit from improvements in network security, user portals, technical support, and more scalable SD-WAN features.

What are the key features of Sophos XG?
  • Synchronized Security: Orchestrates threat intelligence sharing between endpoints and firewall.
  • Unlimited SSL VPN Clients: Provides extensive VPN client support for secure remote access.
  • Cloud-Based Management: Facilitates remote administration with a cloud-hosted platform.
  • Intrusion Prevention: Detects and blocks potential threats in real-time.
  • Centralized Dashboard: Offers a comprehensive view of network security status.
What benefits and ROI should users look for in reviews?
  • Scalability: Easily adapts to growing business needs.
  • User-Friendliness: Simplified setup and intuitive management.
  • Effective Threat Protection: Provides robust security against a wide range of threats.
  • Comprehensive Reporting: Delivers detailed insights and analytics.
  • Cost-Effectiveness: Competitive in pricing with flexible deployment options.

Sophos XG is implemented across industries such as healthcare, education, and finance to secure sensitive data and ensure regulatory compliance. It aids in endpoint protection, application control, load balancing, and traffic monitoring essential for these industries. Enhancing network security, simplifying VPN setup, and integrating adaptive security features remain focal points for businesses.

Sophos
 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
The Ministry of Science, Technology, and Innovation (Indonesia), Lawson, Inc. (Philippines), Universiti Sultan Zainal Abidin (Indonesia), TEK Automotive (Italy), etc.
Information Not Available
Buyer's Guide
Sangfor NGAF vs. Sophos XG
April 2025
Free Report: Sangfor NGAF vs. Sophos XG
Find out what your peers are saying about Sangfor NGAF vs. Sophos XG and other solutions. Updated: April 2025.
DOWNLOAD NOW
847,862 professionals have used our research since 2012.
See our Sangfor NGAF vs. Sophos XG report.
See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.