Try our new research platform with insights from 80,000+ expert users

Sophos XG vs Stormshield Network Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
318
Ranking in other categories
Firewalls (2nd), Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Sophos XG
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
201
Ranking in other categories
Firewalls (4th)
Stormshield Network Security
Average Rating
7.8
Reviews Sentiment
6.0
Number of Reviews
17
Ranking in other categories
Unified Threat Management (UTM) (12th)
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
SherifFouad - PeerSpot reviewer
Gives us customizable policies, modifiable templates, and customized rules for single users
The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer. The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem. A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request. Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.
Ben_Ben - PeerSpot reviewer
The intrusion detection system helps our organization by automatically detecting and responding to potential threats
The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page. The intrusion detection system helps our organization by automatically detecting and responding to potential threats. It operates similarly to Darktrace, which detects and responds automatically based on the security rules you apply. Initially, you configure everything to block, and then you can whitelist specific items as needed.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Anti-Spam web content filterinG."
"The reporting and monitoring are very good."
"There is an easy process for configuring it, and it is straightforward to implement the device from scratch."
"We have found it to be very reliable and that's why our teams and various users in our company use it as our main firewall every day."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy."
"It is simple to manage, and there are a lot of functionalities in the same box."
"The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."
"It is easy to implement."
"The solution's technical support is good."
"The product offers many great features."
"The installation is easy. There is a wizard that can be used for a single connection making it simple and if you have multiple connections you can configure it manually."
"Customer service and support for Sophos XG is excellent, and I would rate it as a ten."
"Sophos XG's most effective features for threat detection and management are its UTM components, which are useful for malware prevention and intrusion detection."
"We created and configured a VPN for connecting our remote sites and also to make it more secure and reliable. We also like its two-factor authentication features."
"Web publishing is important, as well as the importance of the antivirus patch."
"The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page."
"I like that it works fine. Stormshield is a very good solution."
"Our organization's main concern is stability, and this is a stable solution."
"The solution has improved my organization because I can see what traffic is happening and I can use it to block and prevent attacks."
"Easily manageable in a variety of environments."
"It's an easy, straightforward management platform to use."
"Ease of use is the best feature of the product."
"The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page. The intrusion detection system helps our organization by automatically detecting and responding to potential threats. It operates similarly to Darktrace, which detects and responds automatically based on the security rules you apply. Initially, you configure everything to block, and then you can whitelist specific items as needed."
 

Cons

"Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites."
"It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco."
"The process of configuring firewall rules appears excessively complex."
"Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."
"We have an issue with hotel guest vouchers."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"There should be web caching to improve bandwidth utilization. It should have a very good caching feature. That's because we are in a very poor continent, and the connectivity cost is very high. We have low bandwidth, and the intensive usage of bandwidth is not easy here in Africa. If they improve services for web caching, it would be better."
"The firewall could be made more robust, particularly by simplifying two-factor authentication."
"I'd like to see better reporting. While the logs are great, the reports are not."
"The main problem with Sophos XG today is that it doesn't have a feature where you actually know the quality of an international link, which would allow us to we know if the link is operational or not. We need more information. It's losing packets on the network. It's high latency. So, we need more information to know if the link is really bad or really good, and today, we will only know if it's working and this just isn't enough."
"The reports could improve, they do not seem complete and more information could be added."
"I would like to have more artificial intelligence in the web monitoring service that comes with it. It should alert us when particular events happen. It has already got some of that. I know that it is more of a service, and Sophos is already looking at it. It is called SIEM."
"It would be great if the user can have a portal to check on activities related to their account."
"The management console could be improved and the solution lacks good technical support."
"The SD card could be more secure."
"Stormshield Network Security is quite expensive."
"Improvement is needed in terms of the technical support of the manufacturer."
"The biggest issue was their support department was not able to help us, then everything stops. This is a no-go area for me."
"It could be better if it were more user-friendly. It's too complicated for us to use it. The price could be better as well."
"The filtering configuration could be better. We have some difficulties with the filtering configuration and the filter extension. It's not that easy. It's not that straightforward. In the next release, I would like to see a reporting system. Stormshield doesn't have any tutorials on how to do the configuration and things like that. They just have documentation on the website. If you want to configure, for example, Cisco or Fortinet, you can find tutorials on YouTube. They show you how to configure the features, and so on. In Stormshield, there is nothing on social media or the internet on how to configure different things. The lack of documentation or the lack of material makes it difficult for others to adopt this solution."
"A more user-friendly interface would be helpful."
"This solution has a big problem with web filtering and it needs to be improved."
 

Pricing and Cost Advice

"Fortinet has more device options that are affordable for small businesses than Palo Alto, and its enterprise-level models are also cheaper. Palo Alto also has a separate license for VPN connections and SD-WAN, but FortiGate offers these features standard."
"It is affordable. Palo Alto is much more expensive than Fortinet."
"The cost of Fortinet FortiGate is competitive and not expensive compared to other enterprise- grade solutions. On average, the license cost per year is around seventy percent of the firewall's purchase price."
"The support subscription for the solution is annual. You are paying for support and there are two levels of support, professional and advanced."
"Fortinet FortiGate is expensive."
"While Fortinet FortiGate has a higher price point compared to Sophos XG, its user-friendly interface justifies the cost."
"Its pricing is competitive with other solutions."
"Fortinet bundles FortiGate with other products and because of this, the price is a little expensive to some SMB enterprises."
"Sophos XG isn't expensive compared to Check Point."
"The pricing is flexible. Sophos looks at a country's economy and offers flexible pricing. This is how they have managed to penetrate the market."
"The price is less expensive compared to others."
"There is a license required for this solution that is priced well and all the features are included."
"Annual standard licensing fee."
"Sophos XG is a very good solution, and it's cheaper than most of the other vendors. It is really affordable."
"Its price is fair. It is cheaper and way better than others."
"The price is reasonable."
"The price of this solution and the price of support are ok."
"I think the price is good."
"The pricing could be better."
"We bought a three-year license, and we renew it whenever it expires. The price could be better. It's always very expensive."
"We chose Stormshield for its price, as the Azure firewall was too expensive."
"The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually."
"For mid-sized companies, they sell their appliances for good prices."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Computer Software Company
16%
Comms Service Provider
9%
Manufacturing Company
7%
Financial Services Firm
6%
Computer Software Company
22%
Comms Service Provider
16%
Government
9%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
What are the main differences in features between Sophos XG and FortiGate 80F?
Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
No data available
NETASQ Firewalls
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Information Not Available
ACESUR group, Ministry of Education Oman, Anios Laboratories, Zain, DLM Location
Find out what your peers are saying about Sophos XG vs. Stormshield Network Security and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.