Try our new research platform with insights from 80,000+ expert users

Sophos XG vs Stormshield Network Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
318
Ranking in other categories
Firewalls (2nd), Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Sophos XG
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
201
Ranking in other categories
Firewalls (4th)
Stormshield Network Security
Average Rating
7.8
Reviews Sentiment
6.0
Number of Reviews
17
Ranking in other categories
Unified Threat Management (UTM) (12th)
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
SherifFouad - PeerSpot reviewer
Gives us customizable policies, modifiable templates, and customized rules for single users
The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer. The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem. A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request. Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.
Ben_Ben - PeerSpot reviewer
The intrusion detection system helps our organization by automatically detecting and responding to potential threats
The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page. The intrusion detection system helps our organization by automatically detecting and responding to potential threats. It operates similarly to Darktrace, which detects and responds automatically based on the security rules you apply. Initially, you configure everything to block, and then you can whitelist specific items as needed.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"It's very easy to configure."
"It works very well. It has a lot of different functionalities. Its cost is also fine for our customers."
"We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered."
"It is user friendly, and has all the features you need."
"The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"Our project needs to link two sides through the internet. One of these was in Cairo and the other in another city. We used FortiGate as the integrating solution between the two locations, i.e. the Fortinet 30E & 100E."
"The performance of Sophos XG is generally good and it is stable."
"Overall the solution works well."
"So far, I'm happy that they have recently added a firewall role, so I feel a little more comfortable with the security. The threat management is good."
"We can configure rules with the user, traffic, etc., making it a very versatile solution for our network."
"The most valuable features of Sophos XG for our use cases are its firewall capabilities, its ability to connect to wide area and local networks, and its VPN functionality."
"This kind of strategic technology makes it much easier to remove malware and address vulnerabilities quickly."
"Customer service and support for Sophos XG is excellent, and I would rate it as a ten."
"The most valuable feature is the VPN aspect."
"I like how you can configure the rules. There is the task for the rules and a task for the network configuration. It also provides SMD filtering, and it can be integrated with the active directory for the users, their mission, and the VPN configuration. We are here in Sudan, and Stormshield didn't work in Sudan for more than a decade. Stormshield is a very strong firewall and very easy to configure and maintain. I am just working with the firewall solution, and we don't have any other solutions like endpoint solutions or something like that."
"I can see what traffic is going on. I can easily block any programs from attacks."
"The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page. The intrusion detection system helps our organization by automatically detecting and responding to potential threats. It operates similarly to Darktrace, which detects and responds automatically based on the security rules you apply. Initially, you configure everything to block, and then you can whitelist specific items as needed."
"Our organization's main concern is stability, and this is a stable solution."
"This solution is quick and easy to configure."
"The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page."
"A very robust product."
"I like that it works fine. Stormshield is a very good solution."
 

Cons

"The renewal price and the availability could be improved."
"The updates Fortinet provides are sometimes unstable."
"They've become quite expensive."
"Fortinet Fortigate could benefit by simplifying some of their processes."
"The feature which gives us a lot of pain is ASIC architecture."
"The configuration part was challenging, especially converting configurations from another OEM to FortiGate."
"There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios."
"Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI."
"The solution’s reporting could be improved."
"The reaction time of the GUI is terrible when compared to other manufacturers."
"The solution could improve by making the graphical interface better and increasing the performance."
"I used to work with Fortinet, and sometimes I see that the SD-WAN feature could be better because it's much easier in Fortinet."
"The number of ports, especially on the entry-level appliances, should be increased."
"When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had and is not sufficiently mature."
"In Sophos XG, the throughput for larger networks is an area of concern where improvements are required."
"Sophos XG's user interface has some room for improvement."
"A more user-friendly interface would be helpful."
"With Stormshield, there are difficulties joining things, and it can be complex depending on the architecture."
"Improvement is needed in terms of the technical support of the manufacturer."
"Stormshield Network Security is quite expensive."
"The product must improve its pricing."
"Not all the fields are activated yet and we were informed that it will take at least one month."
"The biggest issue was their support department was not able to help us, then everything stops. This is a no-go area for me."
"The SD card could be more secure."
 

Pricing and Cost Advice

"The price of Fortinet FortiGate is the lowest in the market."
"The price for the Fortinet FortiGate is reasonable. Secure SD-WAN is free of charge. If you have their firewall, it's free of charge. It's very tempting."
"Here in Brazil, we're going through difficult economic times and the tax on the dollar is high. All the solutions from minor competitors are growing in the market. The prices have come more competitive."
"The price could be lower."
"It is expensive. You need to pay for the subscription every year, which is very expensive. The subscription includes technical support and hardware exchange in case of failure."
"I think that the pricing is fair."
"​We saved a bundle by not needing all the past appliances from an NGFW.​"
"Their licensing costs are annual. The UTM feature license along with their support is called FortiCare. We include that as a part of the annual maintenance cost. Palo Alto or Juniper also have an annual subscription charge for UTM. Price, of course, can always be more competitive, but it is not the most expensive product. The price-performance ratio is quite high for FortiGate."
"There is a license required for this solution that is priced well and all the features are included."
"I use Sophos Firewall Home Edition, which is available for free."
"For our company, the price was reasonable."
"It's a suitable price and license."
"The price for the firewall is reasonable."
"There is a license required to use this solution and my customers pay for it annually."
"For every firewall, you will need to pay the license for the following year. If they don't pay for the license renewal, they basically won't get the support from Sophos."
"We have a three-year license."
"The price of this solution and the price of support are ok."
"We bought a three-year license, and we renew it whenever it expires. The price could be better. It's always very expensive."
"For mid-sized companies, they sell their appliances for good prices."
"The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually."
"I think the price is good."
"We chose Stormshield for its price, as the Azure firewall was too expensive."
"The pricing could be better."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Computer Software Company
16%
Comms Service Provider
9%
Manufacturing Company
7%
Financial Services Firm
6%
Computer Software Company
22%
Comms Service Provider
16%
Government
9%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
What are the main differences in features between Sophos XG and FortiGate 80F?
Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
No data available
NETASQ Firewalls
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Information Not Available
ACESUR group, Ministry of Education Oman, Anios Laboratories, Zain, DLM Location
Find out what your peers are saying about Sophos XG vs. Stormshield Network Security and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.