Try our new research platform with insights from 80,000+ expert users
PeerSpot user
Senior Technical Consultant with 51-200 employees
MSP
Sophos UTM vs. Fortinet FortiGate

I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main hang-ups will be with the VIP/load balancing and SSL. For some reason that completely escapes me, both of these vendors make getting valid certificates onto their boxes unnecessarily difficult -- the Fortinet appliances more so than the Sophos UTM appliances. At one point a Fortinet engineer had to write an entire manual on how to get an SSL certificate uploaded successfully on the 4.x firmware.

Sophos: The one feature that is missing (and this makes some amount of sense) from the Sophos appliance is BITS caching for updates. Other than that, Sophos offers a full replacement for TMG on UTM9. The XG platform also offers a replacement for the TMG; however, some of the rumblings about upcoming releases suggests that Sophos is going to give XG the Apple iOS treatment and "streamline" the interface...potentially cutting out/hiding some functionality. On the effectiveness of the NGFW, Sophos is mostly good but has a few issues blocking all pieces of an application. For instance, we had to build custom blocking rules for OpenVPN (the vpn was being used to bypass the content filter) because the default Application Control wasn't effectively blocking the application.

Fortinet: If it wasn't for Fortinet's terrible tech support we would still be deploying Fortigates exclusively. So perhaps that answers your last question right upfront. FortiWeb is not absolutely required for what you are proposing; however, the FortiWeb does make the transition from TMG much easier as the FortiWeb is purpose-built to do what you are requiring. Related, the AD-integration used with Fortinet is one of the strongest implementations we have used: The SSO agents ability to poll data from the DCs without an agent allows the use of SSO with non-Windows machines that are bound to AD, which we have used extensively at both educational institutions and shops running CentOS. Transitioning to Fortinet is relatively simple: The UI makes a lot more sense than it did in the old 4.x releases, the firewall rules are straight-forward, and the reverse proxy settings are well-documented.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user326337 - PeerSpot reviewer
it_user326337Customer Success Manager at PeerSpot
Real User

Mark, how has your experience with Firewall security been since this past January?

See all 5 comments
RobertMaalouf - PeerSpot reviewer
Network and Security Specialist at Tetracom S.A.L
Real User
It blocks malware and other unauthorized apps
Pros and Cons
  • "Installing Sophos UTM is straightforward. The deployment itself doesn't take long, but you have to spend some time planning and waiting for the hardware to be delivered."
  • "Sophos customer support could use some improvement."

What is our primary use case?

We use Sophos UTM for multi-site VPN, quarantine, sandboxing, and IPF. It blocks malware and other unauthorized apps. 

For how long have I used the solution?

I've been using Sophos UTM for more than four years.

What do I think about the stability of the solution?

Sophos UTM is stable and ready for customization. 

What do I think about the scalability of the solution?

Sophos UTM is scalable. We have around 100 users, including engineers, managers, and computer scientists. We plan to increase our usage in the future. 

How are customer service and support?

Sophos customer support could use some improvement. 

Which solution did I use previously and why did I switch?

We were using something else, but we switched to Sophos because it's politically neutral. 

How was the initial setup?

Installing Sophos UTM is straightforward. The deployment itself doesn't take long, but you have to spend some time planning and waiting for the hardware to be delivered. 

What's my experience with pricing, setup cost, and licensing?

Sophos UTM should be more open-source and reduce its license cost. 

What other advice do I have?

I rate Sophos UTM 10 out of 10. If you're considering Sophos UTM, I would say go for it. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Sophos UTM
November 2024
Learn what your peers think about Sophos UTM. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
System Analyst at Abbey Mortgage Bank
Real User
Good protection, scalable, easy to setup, and it has good local vendor support
Pros and Cons
  • "The most valuable feature is ransomware protection."
  • "I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution."

What is our primary use case?

I use this solution for my severs.

How has it helped my organization?

At some point in time, it seemed to be ravaging organizations around us and we couldn't definitely outrightly isolate ourselves from it. While we were attacked, I want to believe that it was solely because there was that in addition to the fact that there are triggers. 

We also know very well that Sophos is proactive in monitoring and protecting against malware and brute-force attacks.

It's one of the things that it is quite good for.

What is most valuable?

The most valuable feature is ransomware protection. It is known for ransomware protection.

In terms of additional features, I'm still getting to understand more about how it works.

What needs improvement?

I'm still exploring the features and I haven't used them in totality. 

I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution. This would be good. Somewhat similar to what Darktrace can do. 

Proactively understand and using AI intelligence to monitor and see activities that are away from the norm and then proactively see how they can either isolate the quarantine system and inject it back into the system upon validation.

They could explore most of the products in Symantec's and Fresh Services and run from the same file to see what additional feature one is offering.

I would also like it if they could work on the price because it is expensive.

For how long have I used the solution?

I have been using Sophos UTM for approximately three years.

What do I think about the stability of the solution?

I understand that it's had a couple of releases too frequently but I want to believe that it's relatively stable. 

I still believe that in terms of stability, Symantec is better, so this can be improved.

What do I think about the scalability of the solution?

Sophos UTM is quite scalable.

How are customer service and technical support?

I haven't had any reason to contact support directly because I have MacBytes, which happens to be a local vendor that we have been using. It's been pretty good. 

They are very good at supporting us technically when the need arises.  

Which solution did I use previously and why did I switch?

I am currently using Symantec for my own workstations and I use Sophos for my server Endpoint protection.

How was the initial setup?

The initial setup is relatively straightforward.

What's my experience with pricing, setup cost, and licensing?

The prices can be better, they could make it a lot cheaper.

What other advice do I have?

You are on the right track with Sophos UTM, but you should keep up with the trends as they become available.

I would rate Sophos UTM a nine out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Network Security Engineer at a tech services company with 1-10 employees
Real User
Top 10
A solution that provides both easy maintenance and configuration for its users
Pros and Cons
  • "It is a stable product... I rate the solution's technical support a nine out of ten...The initial setup is quite easy because they have all the information on their website."
  • "In short, the UI and UX are the areas of improvement in Sophos UTM and similar solutions compared to Palo Alto."

What is our primary use case?

Regarding the use cases, the solution was deployed for a production client, which was a hardware production company.

What is most valuable?

The features that I have found most valuable in Sophos UTM are its scalability and feasibility, as well as the quality of its customer service, followed by the ease of maintenance and configuration of the product itself.

What needs improvement?

Palo Alto has a different market because of their dashboard, overall looks, and other features. They are costly, but their services are quite good. And they offer a different platform compared to their competitors. Their device operates differently from others. While Palo Alto and Sophos have similar features, they operate on different platforms, providing a superior user experience compared to existing devices. In short, the UI and UX are the areas of improvement in Sophos UTM and similar solutions compared to Palo Alto.

For how long have I used the solution?

I have experience with Sophos UTM for nearly two years. Recently, I deployed two Sophos solutions, one with HA and one on a primary device. The deployment process for one of the companies was done last month.

What do I think about the stability of the solution?

It is a stable product.

What do I think about the scalability of the solution?

It is a scalable product. So it is easy to scale it up.

How are customer service and support?

The solution's customer service is good. I rate the solution's technical support a nine out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is quite easy because they have all the information on their website. Customer service is available anytime, especially when you set to start the device's configuration.

Since I was just a part of the initial configuration after deployment, I don't know the steps in the deployment process.

What's my experience with pricing, setup cost, and licensing?

Both the technical and cost aspects are feasible since it is possible to obtain and use the device as a PnP solution. Considering cost and technical aspects, I rate the solution a ten out of ten.

What other advice do I have?

Even if I compare Sophos UTM with other solutions, I don't think any pros or cons stick out since our clients are okay with the solution, and there has been no complaint regarding Sophos UTM.

My advice to others planning to use the solution is that it is quite easy. You can simply refer to the solution's blog or YouTube videos and install the solution. It's also quite easy to configure it. So, if you purchase it by yourself, you can configure it and use it on your particular network.

I love working with Palo Alto. So, I would like to give it a ten out of ten. Also, Palo Alto has a different market. So, I would always give a nine out of ten for other solutions. Overall, I rate the solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
PeerSpot user
AlaaMady - PeerSpot reviewer
System Administrator at a insurance company with 51-200 employees
Real User
A useable solution for small businesses who are willing to rely on cloud-based, centralized management of the software
Pros and Cons
  • "The initial setup was easy."
  • "I would like this solution to support ICAP. Also, they no longer support on-premises management, and are forcing clients to use centralized management via the cloud, which I don't agree with."

What is our primary use case?

We use it as an internet firewall, and as our web application firewall.

How has it helped my organization?

I don't believe it has improved our organization; I don't actually like the product because of the features it is missing.

What needs improvement?

I would like this solution to support ICAP. Also, they no longer support on-premises management, and are forcing clients to use centralized management via the cloud, which I don't agree with.

For how long have I used the solution?

We have been using this solution for seven years.

What do I think about the stability of the solution?

We don't find this to be fully stable; we have had to restart the firewall on a few occasions.

How are customer service and support?

The customer support is not very good. They are quite slow, and there are delays in response to an issue being raised.

How would you rate customer service and support?

Negative

How was the initial setup?

The initial setup was easy.

What about the implementation team?

The implementation was carried out in-house, and the deployment took around eight hours to complete.

What's my experience with pricing, setup cost, and licensing?

There was an up-front charge of around $70,000, to purchase the hub and license.  Beyond the initial cost, licenses are charged for annually, but they are good value for the service we receive.

What other advice do I have?

I would only recommend this product to small businesses. I would rate this solution as a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Owner at Perspectiva company
Real User
Provides great security with an excellent firewall
Pros and Cons
  • "Has great security features and does a good job of protecting the network."
  • "The interface configuration could be improved."

What is our primary use case?

I use the solution in my home premises to protect my internal network. I am a customer of Sophos. 

What is most valuable?

Sophos has great security features and does a good job of protecting my network. The firewall feature is very, very good. 

What needs improvement?

I think the interface configuration could be improved. It's very complex for now. They need to provide more videos and have more documentation. I think that's missing at the moment. By chance, I found something on a video that wasn't in the documentation and it was a lifesaver. I upgraded my hardware from 100 megabytes to 1,000 megabytes and had many problems. I had to start from scratch and get someone to help me with it.

For how long have I used the solution?

I've been using this solution for seven years. 

What do I think about the stability of the solution?

The solution is stable. 

How are customer service and support?

I only use the community support.

How was the initial setup?

The initial setup is very, very difficult. When I installed the new Sophos and tried to restore the backups, the restore process did not work. I tried more than 20 times, and in the end, implemented a fresh install which required a lot of work. It was too difficult. It took me a long couple of days. It's worth checking the YouTube videos, they really saved me. 

What's my experience with pricing, setup cost, and licensing?

I'm using the free version. 

What other advice do I have?

I rate this solution eight out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
CEO & Co-Founder at Advisor Consulting Group
Real User
Application Control should be able to be managed with users; however, we now have a protected, standardized network.

How has it helped my organization?

Our datacenter cloud services such as email, and web services for internal and external use, had to be protected with different systems and the web services where left really unprotected, since we used an standard IPS/IDS to protect ourselves from web attacks (from the outside) which nowadays are really sophisticated. Also, we had to employ many work hours to have a protected, standardized network. With Sophos EndPoint and Sophos UTM, we simplified and also protected our network at the same time, with less work force.

What is most valuable?

The web filter and the ATP (Advanced Threat Protection) are great and easy to manage, and the integrated WAF (Web Application Firewall) allows the administrator to seamlessly protect HTTP/S services without having to pay thousands of dollars. The just introduced Sandstorm system for protection, is awesome as well.

What needs improvement?

Sophos UTM has many improvements that I would suggest, but the main one is for the Application Control to be managed with users as well, and with timeframes (schedules) for the administrator to allow certain apps outside an specific timeframe, or vice versa.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

The scalability is awesome as when you need the network protection systems to grow immediately, you just activate and license the exact same box, and configure it in cluster mode for Active-Active mode in Cluster/High Availability.

How are customer service and technical support?

This is where Sophos vendor outclasses every other vendor. They have grown so much throughout the last four to five years, but they have grown as well in their capability to attend support cases. We've had some really advanced cases, and we have never been forgotten or left behind.

Which solution did I use previously and why did I switch?

We used a commercial product, Untangle, with our own brand called Rhino Box. Untangle did not invest in the development of features as we expected, such as the adoption of IPSec VPNs (they had it but very limited), and IPv6. This was what made us do research for our SMB/Enterprise market offering. We tried out Sophos UTM (recently purchased as Astaro UTM) and it was really easy to deploy and came with Sophos Support, which is awesome.

How was the initial setup?

The initial setup is straightforward. Sophos brand is well known in the market for being a unique and powerful tool that is simple to deploy and manage. This is what makes it different from any other vendors. The Sophos UTM, comes with a deployment "Wizard for Dummies" since it show the wizard at the initial setup, and in less than three minutes, you can have your box up and running. Also for Policies deployment, you are clicks away to customize your security settings.

What about the implementation team?

We always deploy by ourselves, so that way we can test how the customer will see the initial implementation. Our main advice, is to read the manual, and follow the wizards that comes with each tool. Also, it is strongly recommended to have a professional firm contracted for the initial setup, and support, as we are, to can design, and help with any kind of implementation issues.

What was our ROI?

The ROI is in 12-16 months, since with this kind of tool, we deliver the best of breed protection, and increment the focus of the end user, in being productive.

What's my experience with pricing, setup cost, and licensing?

I recommend you get the three year licenses, since Sophos offers three years for the price of two. I would also recommend that you acquire any Sophos Licensing with Professional Services added, that way, you'll have the best experience possible.

What other advice do I have?

They have supported our business venture since 2010, and will do for many years. We have studied closely the different product portfolio, and each one of them, are carefully developed.

Disclosure: My company has a business relationship with this vendor other than being a customer: We have been a Gold Partner since 2010.
PeerSpot user
CIO at Quartesian, LLC
MSP
It provides a solid firewall, but they could improve on the support
Pros and Cons
  • "It helped to connect our satellite offices to the main Amazon infrastructure in a circular way."
  • "We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
  • "They could definitely improve on the support, especially in other countries."

What is our primary use case?

We are using as a firewall product.

How has it helped my organization?

It helped to connect our satellite offices to the main Amazon infrastructure in a circular way.

What is most valuable?

It provides a solid firewall.

What needs improvement?

We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work. 

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It's pretty stable. For our usage, it has been pretty good.

What do I think about the scalability of the solution?

We are a small company with a small infrastructure. For our infrastructure, it is perfectly solid. I don't have experience using it on a larger scale.

How is customer service and technical support?

They could definitely improve on the support, especially in other countries. Right now, it is just average. For example, we have a team in India. When they face issues, they have to go to Australia or talk to somebody in the US to receive support. They should be more responsive and have more local offices.

What about the implementation team?

AWS has been pretty good. It is well integrated and pretty user-friendly. Initially, we experienced issues with the configuration because Sophos provided us a CloudFormation template, which caused us some back and forth. By now, the process may have improved.

What's my experience with pricing, setup cost, and licensing?

Purchasing it through the AWS Marketplace went smoothly. We did not have any issues and the pricing was decent.

We decided to purchase through the AWS Marketplace because of the integration with the AWS infrastructure, firing it up and configuring it was very seamless.

Which other solutions did I evaluate?

We originally considered Barracuda and another solution.

We chose Sophos because we thought that it provided superior service. Also, they have a long history in the market, and I received a recommendation from one of my consultants.

What other advice do I have?

I would recommend to take a look a product, as it is a good product apart from the improvements that I mentioned. We are very happy with the product so far.

It is used as a standalone. We don't integrate it with other systems.

We are using the AWS version of this product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free Sophos UTM Report and get advice and tips from experienced pros sharing their opinions.