Try our new research platform with insights from 80,000+ expert users

Sangfor NGAF vs Sophos XG comparison

Sangfor and Sophos are both solutions in the Firewalls category. Sangfor is ranked #19 with an average rating of 7.9, while Sophos is ranked #4 with an average rating of 8.3. Sangfor holds a 1.2% mindshare in Firewalls, compared to Sophos’s 11.5% mindshare. Additionally, 90% of Sangfor users are willing to recommend the solution, compared to 92% of Sophos users who would recommend it.
Sponsored
Fortinet FortiGate
Read 317 Fortinet FortiGate reviews
  • 91,507 Views
  • 67,564 Comparison Views
90% willing to recommend
Sangfor NGAF
Read 36 Sangfor NGAF reviews
  • 5,845 Views
  • 3,278 Comparison Views
90% willing to recommend
Sophos XG
Read 198 Sophos XG reviews
  • 45,691 Views
  • 35,603 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jan 5, 2025

Sophos XG and Sangfor NGAF both compete in the next-generation firewall sector. Sophos XG holds the upper hand with its advanced capabilities and endpoint integration, while Sangfor NGAF impresses with its simplicity and cost-effectiveness.

Features: Sophos XG offers granular URL filtering, synchronized security, and strong anti-malware defense driven by dual engines. Its application filtering is excellent, with over 90 categories to ensure precise control. Sangfor NGAF provides robust intrusion detection, WAN optimization, and easy integration with user management systems. It is especially noted for its user-friendly interface and affordability.

Room for Improvement: Sophos XG should improve its technical support response times and enhance the complexity in VPN configurations and reporting capabilities. It also needs to address issues with centralized management. Sangfor NGAF would benefit from the integration of features like SD-WAN and improving its global customer support reach. Real-time reporting and deployment processes could be further refined.

Ease of Deployment and Customer Service: Sophos XG supports on-premises and hybrid cloud deployment, providing flexibility for various environments. Its documentation is comprehensive despite occasional delays in support. Sangfor NGAF offers straightforward deployment options such as hybrid and cloud, making it ideal for users with minimal technical resources. While customer service is generally responsive, there is a need for better global connections.

Pricing and ROI: Sophos XG is competitively priced with flexible licensing and bundling options, providing strong support and features to justify the total ownership cost. Sangfor NGAF is recognized for its affordability, particularly appealing in budget-conscious markets. It offers cost-effective subscription models and lower costs, making it attractive for smaller businesses. While both products demonstrate strong ROI, Sophos justifies a higher price with advanced features, whereas Sangfor is alluring for its cost-effectiveness.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Sangfor NGAF vs. Sophos XG Report (Updated: January 2025).
Buyer's Guide
Sangfor NGAF vs. Sophos XG
January 2025
Download the complete report
Helped 831,020 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
317
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Sangfor NGAF
Ranking in Firewalls
19th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
36
Ranking in other categories
No ranking in other categories
Sophos XG
Ranking in Firewalls
4th
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
198
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of January 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.3%, up from 17.4% compared to the previous year. The mindshare of Sangfor NGAF is 1.2%, up from 0.8% compared to the previous year. The mindshare of Sophos XG is 11.5%, up from 9.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Read full review
Zaid Farooqui - PeerSpot reviewer
Enhanced threat detection with integrated security features and good support
We are using application firewalling, WAF, and SD-WAN. The capabilities are mostly within the box. For example, you will get web application firewall WAF as part and parcel of this. SD-WAN is also bundled. It integrates with their SIEM and SOAR solutions very nicely. Lastly, the pricing point is very cost-efficient as well.
Read full review
SherifFouad - PeerSpot reviewer
Gives us customizable policies, modifiable templates, and customized rules for single users
The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer. The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem. A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request. Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the VDOM, which allows the customer to have multiple firewalls in a single campus."
"Their interface is very easy to use, it is without bugs."
"The most valuable features are SD-WAN, application control, IPS control, and FortiSandbox."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"The notable features that I have found most valuable are that it includes the antivirus, and also IPS, and even SD-WAN."
"The pipe filter application is an outstanding feature."
"The payment function for applications is good."
"The tool is a nice product and easy to handle. The software's user interface is also good. You can easily implement remote access in the solution."
More Fortinet FortiGate pros
"Sangfor NGAF specializes in ransomware detection and helps to protect our network from ransomware threats and malware."
"We can utilize our own network rather than paying for a private one."
"It offers application control features."
"The level of support provided to local companies is good. They transform their application control and other settings according to that country."
"Sangfor has the best capabilities for securing connections, securing web browsers, securing servers, and general threat protection."
"The product is very fast and reliable."
"In our hospital, Sangfor NGAF works well for us in terms of ensuring confidentiality and availability, which are crucial in the healthcare industry."
"The tool's performance is good."
More Sangfor NGAF pros
"Sophos XG has helped us reduce virus and malware attacks."
"We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration."
"Sophos XG protects our network from advanced threats."
"This solution is very user-friendly and even a non-professional can configure the policies."
"The stability of Sophos XG is very good. However, there have been some issues with other weaker models because they are limited in hardware in resources."
"Because of the pandemic, the VPN is the most valuable feature."
"One feature of Sophos XG that I found incredibly beneficial for threat prevention is its endpoint protection."
"Content blocking for websites is the most valuable aspect of the solution."
More Sophos XG pros
 

Cons

"As far as wanting more scalability or things in the network diagram, it's going to cost you."
"While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up."
"Improvement is needed in the Web Filter quotas to restrict users with allocated quotas."
"Fortinet FortiGate could improve if it had a cloud-managed solution."
"The cloud features and integration could be improved."
"Fortigate's hardware capacities could be improved."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"There were quite a few problems with the stability of the system."
More Fortinet FortiGate cons
"The reporting and log management could be improved."
"Lacks consistency in terms of filtering certain websites and applications."
"It has an issue with the Sangfor Cloud Platform rather than the firewall. When we run a virtual machine, the window tabs display Chinese characters."
"There is room for improvement in dependency on certain infrastructure, like the DNS dependency on the current DNS server that the company has. It should be standalone. It should not depend on any other DNS server."
"Sangfor NGAF could improve the policies and default criteria. They could be much better."
"An area for improvement would be the number of ports defined on the box. In the next release, I would like them to develop their provisioning stage of enrolling end devices."
"The solution should be able to work in a hybrid setup."
"I feel Sangfor should follow the hierarchy and close deals via resellers instead of closing it all with their own team."
More Sangfor NGAF cons
"In the next release, I would like to see improvements to simplify the interface and more policy deployments."
"Their technical support needs improvement. I've been on hold with them for hours waiting for their support."
"We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade, the automatic switch actually we were using did not work anymore."
"Sophos XG's user interface has some room for improvement."
"Sophos XG could improve Data Loss Prevention(DLP)."
"XG is at its end of life. People are moving to XGS."
"Sophos can improve the debugging of the WAPS function."
"Sophos XG should improve on the GDPR features involving data protection and encryption. Security regarding data protection is important."
More Sophos XG cons
 

Pricing and Cost Advice

"It's expensive, but compared to the competition it's okay."
"The Indian market is different than the European and American markets. When you compare they need to be a bit more aggressive on pricing."
"It has been two years. I don't remember the actual price, but it was affordable. We buy the boxes and then use the license for three years."
"Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment."
"It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us."
"If the customer is looking for SD-WAN, it comes free with FortiGate."
"We pay for the solution annually."
"There is a subscription-based model to use Fortinet FortiGate. We pay annually for the solution along with the support. If you want to have all the updates, and security patches you will need to renew your support."
More Fortinet FortiGate pricing and cost advice
"If one is very cheap and ten is very expensive, I rate the tool's price as three out of ten."
"The price falls in the mid-range, neither exceptionally low nor high."
"Sangfor NGAF price is reasonable and there is an annual license. However, the maintenance cost can be a bit high."
"Sangfor is cheaper than competing vendors."
"For over 2000 users, the cost is around 5000 to 6000 USD. If you want a web application firewall, you have to purchase an additional license for it."
"It costs about 8 to 10 thousand dollars per year for 500 users, standard licensing fees included."
"Price-wise, I would not consider Sangfor NGAF to be a cheap product. It is an expensive firewall solution, though not as expensive as something like Palo Alto, which is costly. However, the higher price point is justifiable given the feature set the tool provides that other firewalls may not offer in a single dedicated appliance."
"In my opinion, the price of the tool is good in the Pakistani market. We can easily get discounts if needed."
More Sangfor NGAF pricing and cost advice
"The price of the solution is reasonable when comparing it to other solutions."
"The price for the firewall is reasonable."
"I've had schools running different firewalls with subscriptions and different web filters with subscriptions, and I've found that it is less expensive for smaller schools to run the Sophos XG with its unified threat management instead of multiple appliances."
"In terms of price, it is a mid-range product."
"For our company, the price was reasonable."
"The solution is priced well."
"The hardware is inexpensive but the license is expensive."
"Sophos XG is not expensive for a firewall, especially when you compare it with Check Point."
More Sophos XG pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
See recommendations
831,020 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
6%
Manufacturing Company
6%
Computer Software Company
13%
Manufacturing Company
11%
Financial Services Firm
8%
University
6%
Computer Software Company
17%
Comms Service Provider
8%
Manufacturing Company
7%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
See all answers
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
See all answers
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
See all answers
What do you like most about Sangfor NGAF?
I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I comp...
See all answers
What is your experience regarding pricing and costs for Sangfor NGAF?
The licensing cost is quite high compared to other available firewalls in the market.
See all answers
What needs improvement with Sangfor NGAF?
The cost of licensing is very high compared to other firewalls available here. There should be improvements in hardwa...
See all answers
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
See all answers
What are the main differences in features between Sophos XG and FortiGate 80F?
Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...
See all answers
What Is The Biggest Difference Between Sophos UTM and Sophos XG?
The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW. ...
See all answers
 

Comparisons

Netgate pfSense vs Fortinet FortiGate Logo
Netgate pfSense vs Fortinet FortiGate
Compared 13% of the time
Cisco Secure Firewall vs Fortinet FortiGate Logo
Cisco Secure Firewall vs Fortinet FortiGate
Compared 11% of the time
WatchGuard Firebox vs Fortinet FortiGate Logo
WatchGuard Firebox vs Fortinet FortiGate
Compared 5% of the time
Meraki MX vs Fortinet FortiGate Logo
Meraki MX vs Fortinet FortiGate
Compared 5% of the time
Juniper SRX Series Firewall vs Fortinet FortiGate Logo
Juniper SRX Series Firewall vs Fortinet FortiGate
Compared 2% of the time
More Fortinet FortiGate Competitors
Netgate pfSense vs Sangfor NGAF Logo
Netgate pfSense vs Sangfor NGAF
Compared 4% of the time
Palo Alto Networks NG Firewalls vs Sangfor NGAF Logo
Palo Alto Networks NG Firewalls vs Sangfor NGAF
Compared 4% of the time
Check Point NGFW vs Sangfor NGAF Logo
Check Point NGFW vs Sangfor NGAF
Compared 3% of the time
Sophos XGS vs Sangfor NGAF Logo
Sophos XGS vs Sangfor NGAF
Compared 3% of the time
Fortinet FortiGate-VM vs Sangfor NGAF Logo
Fortinet FortiGate-VM vs Sangfor NGAF
Compared 3% of the time
More Sangfor NGAF Competitors
Netgate pfSense vs Sophos XG Logo
Netgate pfSense vs Sophos XG
Compared 11% of the time
OPNsense vs Sophos XG Logo
OPNsense vs Sophos XG
Compared 8% of the time
Sophos XGS vs Sophos XG Logo
Sophos XGS vs Sophos XG
Compared 5% of the time
SonicWall TZ vs Sophos XG Logo
SonicWall TZ vs Sophos XG
Compared 4% of the time
Cisco Secure Firewall vs Sophos XG Logo
Cisco Secure Firewall vs Sophos XG
Compared 2% of the time
More Sophos XG Competitors
 

Product Reports

Buyer's Guide
Fortinet FortiGate
January 2025
Fortinet FortiGate reportDownload Fortinet FortiGate product report
Buyer's Guide
Sangfor NGAF
December 2024
Sangfor NGAF reportDownload Sangfor NGAF product report
Buyer's Guide
Sophos XG
December 2024
Sophos XG reportDownload Sophos XG product report
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Sangfor NGAF Firewall Platform
No data available
 

Learn More

Fortinet
Sangfor
Sophos
 

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

  • VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
  • Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
  • Advanced Firewall: Offers robust firewalling with application control and web filtering.
  • SD-WAN: Optimizes application performance and enhances bandwidth management.
  • SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

  • High-performance Security: Delivers effective threat mitigation with high availability.
  • Centralized Management: Simplifies network operations with cloud-based management tools.
  • Detailed Analytics: Provides comprehensive insights into network activity and security threats.
  • Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Sangfor Next Generation Firewall (also known as NGAF) is a converged security solution providing protection against advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like firewall, IPS, anti-virus, anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. As the world's first AI-enabled and fully integrated Next Generation Firewall & Web Application Firewall (WAF), NGAF offering the security visibility, real-time detection and response, simplified operation and maintenance and high-performance application layer security needed to operate an enterprise network in total security. Tested and proven to provide cutting-edge network security by ICSA Labs and endorsed by Gartner Inc., NGAF harnesses the power of Sangfor’s Neural-X threat intelligence and analytics platform and Engine Zero’s innovative malware detection to provide next-generation protection for today’s enterprise.

Sophos XG is a versatile network security solution that offers network protection, firewall management, VPN access, web filtering, and intrusion prevention, providing comprehensive security for businesses from small offices to large enterprises.

Sophos XG stands out for its Synchronized Security, easy setup, and robust templates. It manages VPN access, protects against threats, and handles load balancing and traffic monitoring. The cloud-based management, centralized dashboard, and detailed logging make it user-friendly and reliable. Integration of features like email protection, SD-WAN, and unified threat management ensures a broad spectrum of security needs are covered. However, it could benefit from improvements in network security, user portals, technical support, and more scalable SD-WAN features.

What are the key features of Sophos XG?
  • Synchronized Security: Orchestrates threat intelligence sharing between endpoints and firewall.
  • Unlimited SSL VPN Clients: Provides extensive VPN client support for secure remote access.
  • Cloud-Based Management: Facilitates remote administration with a cloud-hosted platform.
  • Intrusion Prevention: Detects and blocks potential threats in real-time.
  • Centralized Dashboard: Offers a comprehensive view of network security status.
What benefits and ROI should users look for in reviews?
  • Scalability: Easily adapts to growing business needs.
  • User-Friendliness: Simplified setup and intuitive management.
  • Effective Threat Protection: Provides robust security against a wide range of threats.
  • Comprehensive Reporting: Delivers detailed insights and analytics.
  • Cost-Effectiveness: Competitive in pricing with flexible deployment options.

Sophos XG is implemented across industries such as healthcare, education, and finance to secure sensitive data and ensure regulatory compliance. It aids in endpoint protection, application control, load balancing, and traffic monitoring essential for these industries. Enhancing network security, simplifying VPN setup, and integrating adaptive security features remain focal points for businesses.

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
The Ministry of Science, Technology, and Innovation (Indonesia), Lawson, Inc. (Philippines), Universiti Sultan Zainal Abidin (Indonesia), TEK Automotive (Italy), etc.
Information Not Available
Buyer's Guide
Sangfor NGAF vs. Sophos XG
January 2025
Free Report: Sangfor NGAF vs. Sophos XG
Find out what your peers are saying about Sangfor NGAF vs. Sophos XG and other solutions. Updated: January 2025.
DOWNLOAD NOW
831,020 professionals have used our research since 2012.
See our Sangfor NGAF vs. Sophos XG report.
See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.