Try our new research platform with insights from 80,000+ expert users

SonicWall NSa vs Sophos XG comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
317
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
SonicWall NSa
Ranking in Firewalls
18th
Average Rating
7.8
Reviews Sentiment
7.3
Number of Reviews
86
Ranking in other categories
No ranking in other categories
Sophos XG
Ranking in Firewalls
4th
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
198
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of January 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.3%, up from 17.4% compared to the previous year. The mindshare of SonicWall NSa is 1.6%, up from 1.2% compared to the previous year. The mindshare of Sophos XG is 11.5%, up from 9.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Q&A Highlights

Girish Vijay - PeerSpot reviewer
Nov 26, 2020
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
MohammedMateen - PeerSpot reviewer
Easy to scale advanced threat protection solution with knowledgeable technical support, but has occasional bugs
An area for improvement in SonicWall NSa is that sometimes, we experience bugs when upgrading, so we have to contact their technical support to fix issues. It would be much easier if this improvement was in place: if the one-time password which is built-in, was provided as an OTP for the administrator logging into the console, so that we'll have a quicker awareness of it, rather than needing to check emails for it. Having a Telegram or WhatsApp bot integrated with the device, for example, will be very helpful for us, so we can instantly take action, without us needing to log into and check our emails, meaning we'll be able to put things right faster. This may not be possible in SonicWall NSa, but I'm also looking for any kind of controller or device for the Windows server or client, e.g. Windows 11 and Windows 10 from SonicWall NSa itself, so that a security domain or the gateway of the organization would be able to identify the latest update for a product, whether that product is installed or not. This feature would be very helpful, and it's what I'd like to see in the next release.
SherifFouad - PeerSpot reviewer
Gives us customizable policies, modifiable templates, and customized rules for single users
The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer. The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem. A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request. Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The customization potential is quite impressive."
"The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy."
"Security, SD-WAN, and Streetscape are valuable features."
"We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature."
"The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
"The initial setup of Fortinet FortiGate was straightforward."
"I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."
"Good load balancing feature."
"The product is simple to manage."
"We use SonicWall NSa for authenticating MAC (media access control) ID from the PC."
"The most valuable features of this solution are the GUI pre-filtering and the ATP (advanced threat protection)."
"We can do the hosting and security all under one box. The UTM is a good feature."
"SonicWall NSA is easy to deploy, easy to maintain, and easy to configure."
"I really like the performance; there are no delays and no latency, which is a unique quality in firewalls nowadays."
"Support is usually good when it comes to helping with issues."
"Support has improved dramatically since their separation from Dell."
"This solution does everything and anything a firewall can do."
"Most of the features Sophos XG has are valuable. However, if I have two different ISP, I'm able to create an automatic switch between the two ISPs. I can do the same thing for the cloud as well. If I have two subnets coming from the cloud, I'm able to create a type of switch between both of them where if there is traffic on one and has the traffic drop, I'm able to switch to the other ISP without any problems. It's a normal feature and I get to enjoy the ability to switch between services with no issues."
"It is a scalable solution."
"The solution has good performance and is easy to use."
"This kind of strategic technology makes it much easier to remove malware and address vulnerabilities quickly."
"It's a product that is in continuous improvement and is following what the customer is asking for. They are taking inputs and designing new releases specifically according to the client and their needs."
"As a security solution, it's a very good security solution."
"The most valuable feature is the central dashboard"
 

Cons

"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"The cloud management and automation capability could be improved."
"There were quite a few problems with the stability of the system."
"The renewal price and the availability could be improved."
"It would be nice if backups could more easily migrate between different models."
"One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering."
"The feature which gives us a lot of pain is ASIC architecture."
"Fortinet FortiGate can improve the integration with Active Directory. Additionally, I would like to have a Cloud Controller, such as they do in the Cisco Meraki solution."
"The only thing that we would want would be single-pane management, which it has, but the GMS is not very good. It's purely the management of multiple devices for multiple customers, that's the only thing that it's lacking."
"The stability is not there. The features are there, but they are not stable. They need to improve on this product because I feel that they have launched this product without much R&D."
"One area for improvement in SonicWall NSa is the GUI. It isn't easy to understand. The support for SonicWall NSa is mediocre, which is another area for improvement."
"After-sales support and hands-on training facilities are not available in my country."
"It only has a single power interface, which has limitations in terms of high availability."
"SonicWall NSa doesn't have a proxy. It also needs a quota management feature in specific scenarios where you must limit user bandwidth for a particular day."
"We have used other solutions such as pfSense and Linux native firewalls. I prefer SonicWall NSa but if you are going to use something for an enterprise you need another solution."
"The pricing for this product in India is high and the fees should be reduced."
"Having a web portal where you could make requests for the categorization of non-categorized items, would be beneficial."
"The installation could be faster and is longer than that of other solutions, lasting more than a month instead of five minutes."
"The pricing can be high unless you choose a longer contract."
"There needs to be a way that we can distinguish between educational institutions on Youtube and other Youtube videos. You can do this on Fortinet. Basically, they can block all other Youtube videos besides those that are from educational institutions. With Sophos, you either allow for all Youtube videos or none at all. They need to allow for more specification on different websites."
"One feature I would like to add is remote wipeout capability. This would be useful in cases where a user leaves the organization and fails to return their laptop. Remote wipeout would allow for the deletion of data from the device with a single command. Regarding technical support from Sophos XG, it's generally satisfactory. However, the response time could be improved. It takes around one hour to receive assistance, but reducing this to 30-45 minutes would benefit us."
"The only area that requires improvement is scalability."
"I've had experience with Sophos XG's threat intelligence features, and they provide good coverage, although I wouldn't say they're the best in the industry. The sandbox feature is available with top-tier subscriptions, allowing you to test content in a cloud sandbox. One improvement I'd suggest for Sophos XG is to make certain functionalities, like CR functionality, part of the default firewalling rather than exclusive to premium subscriptions. Enhancing DLP capabilities at the gateway level could significantly boost security for organizations."
"It would be beneficial if the platform provided more flexible support for a variety of devices."
 

Pricing and Cost Advice

"Its pricing is fine. It is on a yearly basis. Other than the licensing fee, there is no extra fee."
"There is a subscription-based model to use Fortinet FortiGate. We pay annually for the solution along with the support. If you want to have all the updates, and security patches you will need to renew your support."
"The pricing for the product is alright."
"Licensing for Fortinet FortiGate is on a yearly basis. Pricing for it is a bit high. It could be cheaper."
"It is a good product from a price perspective versus functionality."
"Price-wise, it's at a good price point for our market."
"The license is too expensive to renew. The license renewal process is also complex."
"In the Asian economy in which we operate, FortiGate is expensive."
"SonicWall still is only a dollar or Euro per gigabit. This means, of the IPsec, it's the cheapest solution."
"We are on a three-year license for the solution. The price is inexpensive compared to other solutions."
"SonicWall NSa's pricing is subscription-based and I rate it a six out of ten."
"The price of SonicWall NSa is expensive."
"SonicWall is a one-time purchase and there is no renewal license."
"SonicWall is not an expensive solution."
"The price is high. I would rate it four to five out of ten."
"Licensing fees are paid on a yearly basis, and we are happy with the pricing."
"The price of the Sophos XG is very good. There are not any licensing costs, it is a one-time purchase price."
"It is not that expensive compared to the other solutions. It is about the same price range as Fortigate, which we used previously. Licensing is on a yearly basis."
"Its price is good. All features are grouped in the same license. It is an all-in-one license, and the license price is acceptable."
"The cost could be lower especially if you want to add other features."
"It is fairly priced."
"We pay licensing fees of approximately $2,000. We have a contract for three years."
"For every firewall, you will need to pay the license for the following year. If they don't pay for the license renewal, they basically won't get the support from Sophos."
"Sophos XG is expenses."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
831,158 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
6%
Manufacturing Company
6%
Computer Software Company
15%
Educational Organization
7%
Manufacturing Company
6%
Government
6%
Computer Software Company
17%
Comms Service Provider
8%
Manufacturing Company
7%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What do you like most about SonicWall NSa?
The product blocks access when I visit unrecognized websites.
What is your experience regarding pricing and costs for SonicWall NSa?
SonicWall is much cheaper compared to Fortinet, particularly regarding renewal and licensing costs.
What needs improvement with SonicWall NSa?
I would like more free VPN licenses. It would be beneficial if they could enhance the analytics part. It needs to be ...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
What are the main differences in features between Sophos XG and FortiGate 80F?
Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...
What Is The Biggest Difference Between Sophos UTM and Sophos XG?
The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW. ...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
NSA 250M, NSA 2600, NSA 3600, NSA 4600, NSA 5600, Dell SonicWALL NSA
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Orange County Rescue Mission, First Source, Michaels & Taylor, Green Clinic Health System, Aspire Chiltern Skills and Enterprise Centre, UnitedStack, Faith Lutheran College Redlands, Celtic Manor Resort, Star Kay White, Air Works, Unimat Life, NHS Yorkshire and Humber Commissioning Support (YHCS), Hutt City Council, Mato Grosso do Sul, Nspyre
Information Not Available
Find out what your peers are saying about SonicWall NSa vs. Sophos XG and other solutions. Updated: January 2025.
831,158 professionals have used our research since 2012.