Try our new research platform with insights from 80,000+ expert users

Sophos XGS vs WatchGuard Firebox comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
318
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Sophos XGS
Ranking in Firewalls
13th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
82
Ranking in other categories
No ranking in other categories
WatchGuard Firebox
Ranking in Firewalls
12th
Average Rating
8.4
Reviews Sentiment
7.5
Number of Reviews
86
Ranking in other categories
Unified Threat Management (UTM) (3rd)
 

Mindshare comparison

As of April 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.1%, up from 17.7% compared to the previous year. The mindshare of Sophos XGS is 2.4%, up from 1.0% compared to the previous year. The mindshare of WatchGuard Firebox is 3.0%, up from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Jaffar Ali - PeerSpot reviewer
Has provided stability, security, ease of management, and better reporting options
People use Sophos XGS because the overall channel support is very good, so they don't face issues. Additionally, it is competitive in pricing against Fortinet in some cases, especially when considering high availability, email subscriptions, and gateways Sophos XGS has provided stability,…
CarlosArdila - PeerSpot reviewer
Serves as the main firewall for customers' premises and data centers
The initial setup is straightforward. You can deploy it on-premises or using the cloud. If you configure the device to connect to the cloud, you can deploy the Firebox based on templates. You can add a template for a specific client and deploy it for a particular use case. For example, if you're setting it up for a restaurant or a cafe, you can have templates tailored for those businesses. This significantly reduces deployment time, especially if you have several customers of the same type of business. One person is enough for the solution's deployment, but it will run in less than an hour. A network security engineer meets with clients to gather configuration requirements. He prepares a configuration template before the implementation. When he arrives at the site, he turns on the device, applies the template, tests everything, and then migrates the settings from the existing router or firewall to the Firebox.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Its user interface is good, and it is always working fine."
"FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering."
"It's user-friendly and easy to operate."
"I appreciate FortiGate's flexibility, which allows for centralized management through FortiManager."
"The most valuable feature of this solution is the analytics."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"What's most important is the ease of use."
"Fortinet FortiGate meets all the security demands of my industry. It covers endpoint security, including web interface, DNS security, and ELP. I'm currently using the latest version. The features that have most improved our network security are Web Control, filtering, application control, IDS, IPS policies, and Deep SSL inspection."
"It offers an easy initial implementation."
"Sophos has a centralized management system where I can manage and control all the Sophos firewalls at the same time."
"Sophos XGS is profound as a firewall and security product."
"It's user-friendly and quite easy to configure. It's easy to communicate with the Sophos support team."
"Setup was straightforward. One person is enough for deployment."
"There are good KCL rules and policies as well as NATing rules."
"The most valuable feature of Sophos is the VPN solution. I also value their threat management, IPS IDS features and login features with single sign-on."
"The product was easy for us to install."
"The ease of use is most valuable. You can quickly train someone who hasn't seen a firewall in life. You can get people up to speed, and in a few months, they are able to manage this product very easily. It is a very user-friendly, scalable, and stable product. Its price is also spot-on."
"The most effective and helpful features of WatchGuard Firebox, especially when purchased with the full suite of applications, are its bundled applications and subscriptions for comprehensive protection against various threats."
"Their support is excellent, and the stability is very good."
"The main reason we went with it was the security protocols. They were more robust on this device."
"It's hard to pick one feature over another. But if I had to pick one, the UTM would be the most valuable because of the notification. I get notified via email if there is any type of threat detection or alert, telling me something is wrong."
"I like the High Availability features of the newest ones I'm using because they allow a firewall to fail and still be up and running."
"The solution simplifies my business. Normally, for administration, we are using NetApp System Manager on Window since it's easy to create new policies. In a short amount of time, you can create new policies based on new requirements. For example, in the last few months, many requirements changed due to the coronavirus, adding the use of new services, like Office 365, and eLearning tools, like Zoom."
"Their centralized console simplifies management for organizations with multiple Fireboxes."
 

Cons

"You do need some IT knowledge in order to effectively work with the solution."
"Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"Application management can be improved."
"Its price could be better."
"I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive."
"There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given."
"I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself."
"It has recently started to suddenly block and crash."
"Level one technical support is not good at all and needs to be improved."
"Sophos should work on its marketing strategy as it seems to lag behind Fortinet."
"The configurations can be a bit complex."
"The customer service response time can be improved."
"Deployment could be easier."
"Support is great, however, it can always be improved."
"Sophos XGS's response to zero-day attacks could be improved."
"The way Secure Sign-On authentication is happening needs to be improved. When the Secure Sign-On portal is turned on, anybody who comes into the campus, whether he or she is a staff member or a guest, has to go past the initial portal. One of the shortcomings is the username. It shouldn't allow permutations or combinations with upper or lower cases. For example, when there is a username abc, it shouldn't allow ABC or Abc. It should not allow the same username, but currently, two separate people can go in. Therefore, its authentication or validation should be improved, and the case sensitiveness should be picked up. If I have restricted someone to two devices, they shouldn't be able to use different combinations of the same username and get into the third or fourth device. It shouldn't allow different combinations of alphabets to be used to log in."
"Sometimes I would like to copy a rule set from one box to another box in a direct way. This is a feature that is not present at the moment in WatchGuard."
"We would like to see granular notification settings and more advanced filtering in traffic monitoring."
"I haven’t dug deeply into the reporting features yet or if they are working well. However, I have generated several reports and there was too much unnecessary information, in comparison with the reporting features in the Sophos firewall. Sophos' reporting is more readable and easier to configure."
"This solution needs the option to add an external hard drive."
"What could use some significant improvement in WatchGuard Firebox would be its interface and policy management. An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it."
"The reporting is a little on the weak side. I would like to see a better reporting set and easier drill-down options."
"The drawbacks are just sometimes not having the technical information that we need in order to easily make connections with all of our Internet-based clients."
 

Pricing and Cost Advice

"The price of FortiGate support is too expensive."
"The pricing is justified. It's a little pricey, but what you pay for is what you get."
"Compared to other firewall products, it's a little cheaper in terms of pricing."
"The price is highly competitive when compared to other brands that offer similar functionality."
"As far as I'm aware, in our case, it's just a yearly pricing arrangement with no additional licensing costs."
"It's a very full-featured and it's priced well solution."
"Fortinet FortiGate's price can be reduced."
"It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us."
"Sophos XGS is competitively priced."
"The price of Sophos XGS is average compared to other offers from other OEMs."
"Sophos XGS is priced lower than some of its competitors, such as Fortinet"
"Once you pay for the Sophos XGS hardware there is no license required. There are additional costs if you want the support. We have purchased support for three years."
"Sophos XGS costs around $75,000 for fifty units."
"I live in Bolivia and the price of Sophos XGS is high. However, they have adjusted their price a little over the past while but the price could still be less expensive to be affordable."
"It is roughly around $4,000."
"It's highly effective and well-suited for medium and small companies. The pricing is attractive, and our customers find it suitable for regular license renewals."
"The subscription that was purchased is for three years, but it is usually for one year at a time."
"Despite the fact that there is always room for improvement, the current pricing of the solution is still lower compared to its competitors."
"We are utilizing an MSP licensing model and are content with the minimal amount spent on the devices rather than committing to long-term licensing."
"I spent $600 or $800 on this product and I'm paying a couple of hundred dollars a year in a subscription service to keep the lights on, on it... It works out to $100 or $200 a year if you buy several years at once. It's fair."
"The solution is not expensive and customers pay for a yearly license."
"The licensing can be a one-time purchase unless you need the extra services for example twenty-four seven support."
"WatchGuard had a very competitive price. It was only 10 to 20 percent more than a single instance device but with that extra cost it provided a second load balancing device... unlike other brands whose method of hardware and software licensing would have doubled our cost."
"I think the tool is quite competitive compared to the other brands."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Computer Software Company
16%
Manufacturing Company
9%
Comms Service Provider
8%
Educational Organization
6%
Computer Software Company
17%
Comms Service Provider
11%
Hospitality Company
6%
Educational Organization
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What do you like most about Sophos XGS?
The policies are the greatest feature. They allow us to configure granular control over our network traffic.
What is your experience regarding pricing and costs for Sophos XGS?
The pricing is justified, and the solution is considered budget-friendly compared to other vendors.
What needs improvement with Sophos XGS?
Hardware stability needs improvement. I have experienced multiple hardware complaints, particularly during firmware u...
What is your primary use case for WatchGuard Firebox?
We are providing our services to all WatchGuard customers in the region.
What is your primary use case for WatchGuard Firebox?
We just use it as a secondary WiFi device. We're a small office and we needed to set up a WiFi device for a few of ou...
What is your primary use case for WatchGuard Firebox?
We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
No data available
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Information Not Available
Ellips, Diecutstickers.com, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence
Find out what your peers are saying about Sophos XGS vs. WatchGuard Firebox and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.