Sophos XG vs Sophos XGS comparison

Sophos XG and Sophos XGS are both solutions in the Firewalls category. Sophos XG is ranked #4 with an average rating of 8.4, while Sophos XGS is ranked #14 with an average rating of 8.4. Sophos XG holds a 11.4% mindshare in Firewalls, compared to Sophos XGS’s 2.2% mindshare. Additionally, 92% of Sophos XG users are willing to recommend the solution, compared to 94% of Sophos XGS users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 5, 2025

Sophos XG and Sophos XGS compete in the network security and firewall category. Sophos XGS holds the upper hand due to its advanced processor capabilities and improved network visibility.

Features: Sophos XG offers 90+ URL categories, two anti-malware engines, and flexible rule configurations. Sophos XGS excels in enhanced processor capabilities, improved application control, and seamless integration with endpoint security.

Room for Improvement: Sophos XG needs better link load balancing, firewall policy presentation, and HTTPS filtering without certificates. Sophos XGS should improve Active Directory integration and SD-WAN functionality, along with enhanced VPN capabilities and better documentation.

Ease of Deployment and Customer Service: Both Sophos XG and XGS provide versatile deployment options, with XG known for its straightforward setup. Sophos XG faces criticism for slow technical support, whereas XGS benefits from a recent improvement in support structure.

Pricing and ROI: Sophos XG is a mid-range product with flexible licensing, offering good ROI for small to medium enterprises. In contrast, Sophos XGS is more expensive but justifies its cost with advanced features and integration, providing satisfactory ROI for those seeking high-level threat protection.

To learn more, read our detailed Sophos XG vs. Sophos XGS Report (Updated: March 2025).

Buyer's Guide

Sophos XG vs. Sophos XGS

March 2025

Download the complete report

Helped 842,296 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of March 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.8%, up from 17.8% compared to the previous year. The mindshare of Sophos XG is 11.4%, up from 9.1% compared to the previous year. The mindshare of Sophos XGS is 2.2%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

SherifFouad

ICT Manager at a mining and metals company with 1,001-5,000 employees

Gives us customizable policies, modifiable templates, and customized rules for single users

The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer. The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem. A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request. Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.

Read full review

Jaffar Ali

Director Technical Services at TechnoBIZ

Has provided stability, security, ease of management, and better reporting options

People use Sophos XGS because the overall channel support is very good, so they don't face issues. Additionally, it is competitive in pricing against Fortinet in some cases, especially when considering high availability, email subscriptions, and gateways Sophos XGS has provided stability,…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls."

"The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment."

"Good performance, stability, and virtual domain ability."

"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."

"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."

"The solution is very user-friendly."

"The most valuable features are the policies, filtering, and configuration."

"It's very fast and easy to configure."

More Fortinet FortiGate pros

"There are many valuable features."

"Sophos firewalls are scalable. They are pretty strong in security. So, when they provide any kind of firewall, they provide all the features such as anti-spam, antivirus, etc."

"We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration."

"The most valuable feature of Sophos XG is the VBM."

"The most valuable feature of this solution is that the license offers everything."

"Sophos began with a basic version and evolved into something more efficient in terms of performance."

"One feature of Sophos XG that I found incredibly beneficial for threat prevention is its endpoint protection."

"The solution is more cost-effective than FortiGate, Cisco and Palo Alto, which have very expensive licenses."

More Sophos XG pros

"Sophos XGS that's a good firewall. If you use the endpoint, then you have what Sophos calls synchronized security. That will mean that if one of the endpoints is affected, it will be automatically set in isolation."

"Sophos has a centralized management system where I can manage and control all the Sophos firewalls at the same time."

"The UI for Sophos is very simple."

"The centralized security is very good."

"The solution is stable and reliable."

"Sophos XGS has very good reporting capabilities and effective IPS signatures based on the latest versions."

"The threat intelligence capabilities of the tool are good."

"The product was easy for us to install."

More Sophos XGS pros

Cons

"We would like to see better pricing."

"The UTM filtering needs improvement."

"The solution is very expensive."

"The command line is complicated, and the interface could be better."

"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."

"Fortigate's hardware capacities could be improved."

"We would like to see a better training platform implemented."

"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."

More Fortinet FortiGate cons

"It is performing well. However, the only challenges that we are facing are the effectiveness with blocking the proxy and tuneling applications, aside from proxy and similar applications. So the application filter on the product is not really performing 100%. Every now and then there are some updates that are happening on such applications, and it takes time until it gets the appropriate updates and becomes capable of capturing such applications and blocking them. A new feature I would really like to see would be some sort of an enhanced application filter with greater efficiency when it comes to the applications that can bypass firewall policies. These applications are really a nightmare. Once they are on the network and not detected, or the appliance is not really successful in capturing them and unblocking them, the bandwidth gets wasted all the time."

"Its user interface is a little bit slow."

"The support engineers of the product are not very tech-savvy, making it an area where improvements are required."

"In the product, the area revolving around SD-WAN has certain shortcomings where improvements are required."

"Sophos XG does not have the ability to disconnect a user."

"It is already secure but it could be better in terms of other breaches that may occur."

"It would be great if the user can have a portal to check on activities related to their account."

"They should expand their DDoS feature. It's basic. They need to enhance it."

More Sophos XG cons

"I would like to see them in third-party evaluation reports like Gartner, Magic Quadrant, or Forrester to make it easier for us to show our customers that Sophos is a leader in the market."

"The VPN capability needs some improvement in Sophos XGS."

"The solution could have a bit more functionality."

"There are some bugs relating to the product that allow VPN users to bypass the firewall."

"In previous versions, NAT rules were easier to create. After version 18.5, creating a NAT rule has become more complex, requiring the creation of a separate policy and an additional component."

"Sophos XGS could improve the automation system. It could be better if there was some level of automation, attacks automation, meaning if this happens, then it automatically executes a particular process."

"The price of Sophos XGS could improve, it is high."

"They should customers who are facing issues with their product reviews; they found bots in it. If they can do their proper research and use the user analysis and testing, that would greatly help the clients."

More Sophos XGS cons

Pricing and Cost Advice

"It has a competitive price."

"No comment."

"We saved a bundle by not needing all the past appliances from an NGFW."

"The pricing is fair."

"This is not a cheap solution but it isn't expensive, either. It's a good solution for the right price."

"We have the full version of Fortinet FortiGate and we are on a three-year contract with a commitment of five years."

"Before choosing a piece of equipment you have to take into account the cost-benefit offered by each one. Sometimes it is not worth paying a very cheap price to have a minimum level of security."

"Pricing is lower than Cisco."

More Fortinet FortiGate pricing and cost advice

"A Sophos XG license costs approximately $45,000"

"We paid for our licensing for three years, upfront, and there are no costs in addition to the standard fees."

"Sophos XG is a very good solution, and it's cheaper than most of the other vendors. It is really affordable."

"Licensing fees are paid on a yearly basis."

"The price of the solution is reasonable when compared to the market."

"The price of Sophos XG is reasonable."

"Currently, we have a contract for three years. It would be good if its price is reduced before we renew the contract. We will buy the equipment if it is cheaper."

"We have our license for three years."

More Sophos XG pricing and cost advice

"Once you pay for the Sophos XGS hardware there is no license required. There are additional costs if you want the support. We have purchased support for three years."

"The pricing for Sophos XGS is reasonable."

"XGS' price could be lower, though it's moderately priced in the market."

"A central firewall on the cloud with a cluster might be 70,000 to 80,000 euros for a three-year license."

"We paid around 17,000 pounds for a three-year package."

"I pay close to $10,000 per year, which I find to be expensive compared to the other similar solution or equivalent solutions."

"I live in Bolivia and the price of Sophos XGS is high. However, they have adjusted their price a little over the past while but the price could still be less expensive to be affordable."

"The price of Sophos XGS depends on the type of license. However, the licensing cost is approximately 60 percent of the total cost."

More Sophos XGS pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

842,296 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

22%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Computer Software Company

16%

Comms Service Provider

Manufacturing Company

Financial Services Firm

Computer Software Company

16%

Manufacturing Company

Comms Service Provider

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

What are the main differences in features between Sophos XG and FortiGate 80F?

Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...

See all answers

What do you like most about Sophos XG?

IPS works smoothly.

See all answers

What do you like most about Sophos XGS?

The policies are the greatest feature. They allow us to configure granular control over our network traffic.

See all answers

What is your experience regarding pricing and costs for Sophos XGS?

The pricing is justified, and the solution is considered budget-friendly compared to other vendors.

See all answers

What needs improvement with Sophos XGS?

Hardware stability needs improvement. I have experienced multiple hardware complaints, particularly during firmware u...

See all answers

Comparisons

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

Meraki MX vs Fortinet FortiGate

Compared 5% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

Netgate pfSense vs Sophos XG

Compared 10% of the time

OPNsense vs Sophos XG

Compared 8% of the time

SonicWall TZ vs Sophos XG

Compared 4% of the time

Palo Alto Networks NG Firewalls vs Sophos XG

Compared 3% of the time

Meraki MX vs Sophos XG

Compared 3% of the time

More Sophos XG Competitors

OPNsense vs Sophos XGS

Compared 16% of the time

Netgate pfSense vs Sophos XGS

Compared 7% of the time

Check Point NGFW vs Sophos XGS

Compared 6% of the time

Palo Alto Networks NG Firewalls vs Sophos XGS

Compared 6% of the time

WatchGuard Firebox vs Sophos XGS

Compared 5% of the time

More Sophos XGS Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

March 2025

Download Fortinet FortiGate product report

Buyer's Guide

Sophos XG

March 2025

Download Sophos XG product report

Buyer's Guide

Sophos XGS

March 2025

Download Sophos XGS product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

No data available

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Sophos XG is a versatile network security solution that offers network protection, firewall management, VPN access, web filtering, and intrusion prevention, providing comprehensive security for businesses from small offices to large enterprises.

Sophos XG stands out for its Synchronized Security, easy setup, and robust templates. It manages VPN access, protects against threats, and handles load balancing and traffic monitoring. The cloud-based management, centralized dashboard, and detailed logging make it user-friendly and reliable. Integration of features like email protection, SD-WAN, and unified threat management ensures a broad spectrum of security needs are covered. However, it could benefit from improvements in network security, user portals, technical support, and more scalable SD-WAN features.

What are the key features of Sophos XG?

Synchronized Security: Orchestrates threat intelligence sharing between endpoints and firewall.
Unlimited SSL VPN Clients: Provides extensive VPN client support for secure remote access.
Cloud-Based Management: Facilitates remote administration with a cloud-hosted platform.
Intrusion Prevention: Detects and blocks potential threats in real-time.
Centralized Dashboard: Offers a comprehensive view of network security status.

What benefits and ROI should users look for in reviews?

Scalability: Easily adapts to growing business needs.
User-Friendliness: Simplified setup and intuitive management.
Effective Threat Protection: Provides robust security against a wide range of threats.
Comprehensive Reporting: Delivers detailed insights and analytics.
Cost-Effectiveness: Competitive in pricing with flexible deployment options.

Sophos XG is implemented across industries such as healthcare, education, and finance to secure sensitive data and ensure regulatory compliance. It aids in endpoint protection, application control, load balancing, and traffic monitoring essential for these industries. Enhancing network security, simplifying VPN setup, and integrating adaptive security features remain focal points for businesses.

Sophos

Sophos XGS is a comprehensive network security solution designed to protect organizations from advanced threats. It combines next-generation firewall capabilities with advanced threat protection, web filtering, and application control.

XGS has powerful deep learning technology and can detect and block even the most sophisticated malware and ransomware attacks. It also offers granular control over web access, allowing organizations to enforce policies and prevent access to malicious or inappropriate websites. Additionally, XGS provides application control features, enabling organizations to manage and prioritize network traffic based on specific applications or user groups.

With its intuitive management interface and centralized reporting, XGS offers easy deployment and monitoring of network security.

Sophos

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

Information Not Available

Buyer's Guide

Sophos XG vs. Sophos XGS

March 2025

Free Report: Sophos XG vs. Sophos XGS

Find out what your peers are saying about Sophos XG vs. Sophos XGS and other solutions. Updated: March 2025.

DOWNLOAD NOW

842,296 professionals have used our research since 2012.

See our Sophos XG vs. Sophos XGS report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.