Sophos XG vs Stormshield Network Security comparison

Sophos and Stormshield are both solutions in the Firewalls category. Additionally, 92% of Sophos users are willing to recommend the solution, compared to 85% of Stormshield users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Sophos XG and Stormshield Network Security based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Sophos XG vs. Stormshield Network Security Report (Updated: March 2025).

Buyer's Guide

Sophos XG vs. Stormshield Network Security

March 2025

Download the complete report

Helped 841,004 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

SherifFouad

ICT Manager at a mining and metals company with 1,001-5,000 employees

Gives us customizable policies, modifiable templates, and customized rules for single users

The major problem that I am facing, and I know that others are facing as well, is with the HTTPS classic, in general, or any classic that works on Secure Socket Layers. Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic. But most websites right now, most of the reputable web services providers, for extra security for their own web servers and for the user's security, provide a connection over Secure Socket Layer. The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using. Now, this is not a problem when you're dealing with users stationed and fixed in a specific site or location. They are using desktops, they will never take the desktops and go home with them, nor will they ever take the desktops and travel to another country, or another site with it. The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem. A way around this is if you are using authentication with Active Directory. But most of the time, especially if you're operating in a remote site with a very slow internet connection, if it's available in the first place, authentication with Active Directory is impossible. So it needs an easier way to apply HTTPS filters, without importing certificates into users' browsers and without the need for using an Active Directory. There must be a way around it. There are workarounds. But with applied workarounds, it will work out once, it won't work out properly 10 other times. That is my only request. Also, since Sophos took over Cyberoam, the online technical library and support library have become super messy. To get a piece of information is becoming a nightmare. They need to reorganize the online technical support and technical library. The easiest way to overcome this is to look at how the Cyberoam online technical library was structured and to build the Sophos technical library the same way. It is messy, totally unorganized, time-wasting. Instead of getting what you want in five minutes it takes half an hour.

Read full review

Ben_Ben

Network Engineer at ACS

The intrusion detection system helps our organization by automatically detecting and responding to potential threats

The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page. The intrusion detection system helps our organization by automatically detecting and responding to potential threats. It operates similarly to Darktrace, which detects and responds automatically based on the security rules you apply. Initially, you configure everything to block, and then you can whitelist specific items as needed.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."

"I'm pretty happy with its reliability. It is also very scalable."

"It's super reliable. I don't think I've ever had a reliability issue with it."

"Provides good firewall security and has great VPN features."

"Fortinet FortiGate meets all the security demands of my industry. It covers endpoint security, including web interface, DNS security, and ELP. I'm currently using the latest version. The features that have most improved our network security are Web Control, filtering, application control, IDS, IPS policies, and Deep SSL inspection."

"The most valuable feature of this solution is Quota."

"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."

"The threat prevention is the solution's most valuable aspect."

More Fortinet FortiGate pros

"The features that I have found most valuable are first the Web Filter and the Web Application Firewall SD-Wan on Version 18. Additionally, RED Tunnels allows a Sophos vital to speak to another Sophos vital in headquarters."

"Sophos is a comrehensive solution which allows me to configure all the attendant products, such as Sophos' firewall, Endpoint and Encryption features."

"We found the initial setup to be straightforward."

"We recommend Sophos XG as a priority as it is much more reliable and has efficient technical assistance."

"This is a very stable solution."

"The VPN is easy and has good logging, monitoring and notifications."

"The most valuable feature, according to the setup we have at our work place here, is the flexibility of the system or the firmware that's running the appliance. It's so flexible, performing multiple rules with different configurations. According to the set up here, we need to implement several firewalls with different access levels, because we have a variety of users. For this requirement, it's very flexible and very easy to use."

"SD-WAN features should be added."

More Sophos XG pros

"It's an easy, straightforward management platform to use."

"This solution is quick and easy to configure."

"The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page."

"I can see what traffic is going on. I can easily block any programs from attacks."

"I like how you can configure the rules. There is the task for the rules and a task for the network configuration. It also provides SMD filtering, and it can be integrated with the active directory for the users, their mission, and the VPN configuration. We are here in Sudan, and Stormshield didn't work in Sudan for more than a decade. Stormshield is a very strong firewall and very easy to configure and maintain. I am just working with the firewall solution, and we don't have any other solutions like endpoint solutions or something like that."

"Easily manageable in a variety of environments."

"The most valuable features are the IPS, the firewall function, and the price."

"A very robust product."

More Stormshield Network Security pros

Cons

"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."

"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."

"I would like Fortinet to add more automation to FortiGate."

"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."

"I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."

"The solution lacks multi-language support."

"There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs."

"Fortinet FortiGate should improve the VPN tokens."

More Fortinet FortiGate cons

"They made some changes to the firmware update sometime last year, which moved some of the policies from where they were before. Some of the policies, such as NAS policies, were separated, which made it a bit hard for people to trace the policies they had configured."

"It is performing well. However, the only challenges that we are facing are the effectiveness with blocking the proxy and tuneling applications, aside from proxy and similar applications. So the application filter on the product is not really performing 100%. Every now and then there are some updates that are happening on such applications, and it takes time until it gets the appropriate updates and becomes capable of capturing such applications and blocking them. A new feature I would really like to see would be some sort of an enhanced application filter with greater efficiency when it comes to the applications that can bypass firewall policies. These applications are really a nightmare. Once they are on the network and not detected, or the appliance is not really successful in capturing them and unblocking them, the bandwidth gets wasted all the time."

"We are not very happy with the customer support they provide — it's quite slow."

"One feature I would like to add is remote wipeout capability. This would be useful in cases where a user leaves the organization and fails to return their laptop. Remote wipeout would allow for the deletion of data from the device with a single command. Regarding technical support from Sophos XG, it's generally satisfactory. However, the response time could be improved. It takes around one hour to receive assistance, but reducing this to 30-45 minutes would benefit us."

"The areas needing improvement are support and configuration."

"Let's say I set up a rule to block users from accessing YouTube or Facebook. The rule will only block the HTTP traffic, which is non-secure traffic... The problem comes when you are trying to block, or allow, similar traffic that uses HTTPS. You have to create a certificate and import it into the users' web browsers, whatever they are using... The problem occurs when you're dealing with roaming users who use laptops and have to move between different sites that have different types of policies applied to them. You have to import all sorts of certificates from each site into their browser. Doing so will most probably conflict with something else that is totally irrelevant and cause a problem."

"The cloud support needs to be improved."

"This solution could be improved with more effective bandwidth. I found that when I enable DDoS detection for our clients, bandwidth is reduced. If DDoS detection is disabled, the bandwidth will be high, but it isn't secure. We recommend that customers enable DDoS detection, but if they need high bandwidth, we recommend Palo Alto and FortiGate instead of Sophos."

More Sophos XG cons

"The SD card could be more secure."

"The biggest issue was their support department was not able to help us, then everything stops. This is a no-go area for me."

"Improvement is needed in terms of the technical support of the manufacturer."

"The filtering configuration could be better. We have some difficulties with the filtering configuration and the filter extension. It's not that easy. It's not that straightforward. In the next release, I would like to see a reporting system. Stormshield doesn't have any tutorials on how to do the configuration and things like that. They just have documentation on the website. If you want to configure, for example, Cisco or Fortinet, you can find tutorials on YouTube. They show you how to configure the features, and so on. In Stormshield, there is nothing on social media or the internet on how to configure different things. The lack of documentation or the lack of material makes it difficult for others to adopt this solution."

"Stormshield Network Security is quite expensive."

"This solution has a big problem with web filtering and it needs to be improved."

"It could be better if it were more user-friendly. It's too complicated for us to use it. The price could be better as well."

"A more user-friendly interface would be helpful."

More Stormshield Network Security cons

Pricing and Cost Advice

"The price of Fortinet FortiGate could improve, it is expensive."

"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."

"It is an inexpensive solution."

"The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device."

"This is not a cheap solution but it isn't expensive, either. It's a good solution for the right price."

"It is too expensive for us. My organization is very small, and we have a total of ten users. We have three internal users and seven external users. The FortiGate 100D series is too expensive for renewing the licenses."

"The price of Fortinet FortiGate is reasonable."

"The price is okay."

More Fortinet FortiGate pricing and cost advice

"The price is less expensive compared to others."

"Annual standard licensing fee."

"It is not that expensive compared to the other solutions. It is about the same price range as Fortigate, which we used previously. Licensing is on a yearly basis."

"The price of Sophos in PTR is significantly higher compared to Fortinet."

"The price is in the mid-range and it is very good for small to medium-sized businesses."

"We have a three-year license."

"The hardware is inexpensive but the license is expensive."

"When compared to other products, Sophos licensing is very affordable."

More Sophos XG pricing and cost advice

"I think the price is good."

"For mid-sized companies, they sell their appliances for good prices."

"We bought a three-year license, and we renew it whenever it expires. The price could be better. It's always very expensive."

"The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually."

"We chose Stormshield for its price, as the Azure firewall was too expensive."

"The pricing could be better."

"The price of this solution and the price of support are ok."

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

841,004 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

22%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Computer Software Company

16%

Comms Service Provider

Manufacturing Company

Financial Services Firm

Computer Software Company

23%

Comms Service Provider

15%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

What are the main differences in features between Sophos XG and FortiGate 80F?

Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...

See all answers

What do you like most about Sophos XG?

IPS works smoothly.

See all answers

What do you like most about Stormshield Network Security?

Ease of use is the best feature of the product.

See all answers

What is your experience regarding pricing and costs for Stormshield Network Security?

We pay for the quality we receive.

See all answers

What needs improvement with Stormshield Network Security?

The product must improve its pricing.

See all answers

Comparisons

Netgate pfSense vs Fortinet FortiGate

Compared 14% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

Meraki MX vs Fortinet FortiGate

Compared 5% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

Netgate pfSense vs Sophos XG

Compared 11% of the time

OPNsense vs Sophos XG

Compared 8% of the time

Sophos XGS vs Sophos XG

Compared 6% of the time

SonicWall TZ vs Sophos XG

Compared 4% of the time

Palo Alto Networks NG Firewalls vs Sophos XG

Compared 3% of the time

More Sophos XG Competitors

Netgate pfSense vs Stormshield Network Security

Compared 21% of the time

OPNsense vs Stormshield Network Security

Compared 7% of the time

Palo Alto Networks NG Firewalls vs Stormshield Network Security

Compared 6% of the time

WatchGuard Firebox vs Stormshield Network Security

Compared 6% of the time

Cisco Secure Firewall vs Stormshield Network Security

Compared 4% of the time

More Stormshield Network Security Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

March 2025

Download Fortinet FortiGate product report

Buyer's Guide

Sophos XG

February 2025

Download Sophos XG product report

Buyer's Guide

Stormshield Network Security

February 2025

Download Stormshield Network Security product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

No data available

NETASQ Firewalls

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Sophos XG is a versatile network security solution that offers network protection, firewall management, VPN access, web filtering, and intrusion prevention, providing comprehensive security for businesses from small offices to large enterprises.

Sophos XG stands out for its Synchronized Security, easy setup, and robust templates. It manages VPN access, protects against threats, and handles load balancing and traffic monitoring. The cloud-based management, centralized dashboard, and detailed logging make it user-friendly and reliable. Integration of features like email protection, SD-WAN, and unified threat management ensures a broad spectrum of security needs are covered. However, it could benefit from improvements in network security, user portals, technical support, and more scalable SD-WAN features.

What are the key features of Sophos XG?

Synchronized Security: Orchestrates threat intelligence sharing between endpoints and firewall.
Unlimited SSL VPN Clients: Provides extensive VPN client support for secure remote access.
Cloud-Based Management: Facilitates remote administration with a cloud-hosted platform.
Intrusion Prevention: Detects and blocks potential threats in real-time.
Centralized Dashboard: Offers a comprehensive view of network security status.

What benefits and ROI should users look for in reviews?

Scalability: Easily adapts to growing business needs.
User-Friendliness: Simplified setup and intuitive management.
Effective Threat Protection: Provides robust security against a wide range of threats.
Comprehensive Reporting: Delivers detailed insights and analytics.
Cost-Effectiveness: Competitive in pricing with flexible deployment options.

Sophos XG is implemented across industries such as healthcare, education, and finance to secure sensitive data and ensure regulatory compliance. It aids in endpoint protection, application control, load balancing, and traffic monitoring essential for these industries. Enhancing network security, simplifying VPN setup, and integrating adaptive security features remain focal points for businesses.

Sophos

NETASQ's integrated intrusion prevention engine uses protocol conformity analysis, application filtering and antivirus analysis to inspect authorized traffic flows and strengthen application security. NETASQ enables you to establish and configure user-based security policies, giving you greater control over which network resources each user is authorized to access.

Stormshield

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

Information Not Available

ACESUR group, Ministry of Education Oman, Anios Laboratories, Zain, DLM Location

Buyer's Guide

Sophos XG vs. Stormshield Network Security

March 2025

Free Report: Sophos XG vs. Stormshield Network Security

Find out what your peers are saying about Sophos XG vs. Stormshield Network Security and other solutions. Updated: March 2025.

DOWNLOAD NOW

841,004 professionals have used our research since 2012.

See our Sophos XG vs. Stormshield Network Security report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.