We performed a comparison between Cisco Secure Firewall and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. The only major difference between the two is that some users of Cisco Secure Firewall consider the deployment to be somewhat complex.
"The pricing is great and very reasonable."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"It's very good and very stable for businesses. It works very well."
"The initial installation is very straightforward."
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"It performs very well."
"The product offers very good security."
"The next-generation firewall is great."
"It is a very stable product. I've not had any issues with it. It is a super product, and I won't need to change it anytime soon."
"Cisco's engineer helped us with a lot of scripting to see what existed. Previously, we didn't have a proper policy. In fact, we didn't have any policy because we didn't have any firewall for the data center, so generating a policy was a big challenge. Cisco's engineer helped us to do some scripting and find out what kind of policy we can have and organize those policies. That was nice."
"For us, the most valuable features are the IPX and the Sourcefire Defense Center module. That gives us visibility into the traffic coming in and going out, and gives us the heads-up if there is a potential outbreak or potential malicious user who is trying to access the site. It also helps us see traffic generated by an end device trying to reach out to the world."
"The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA."
"The most important feature is its categorization because on the site and social media you are unified in the way they are there."
"We can easily track unauthorized users and see where traffic is going."
"Since the product is stable, we do not have to spend additional money to buy other firewalls. Once deployed, we can use the product for a long time. Thus, it is cost effective."
"It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go."
"Sophos XG's price is right, and it's easy to manage. It's a good fit for our current needs at the moment."
"The web application firewall reverse proxy is very good."
"Sophos XG is easy to use."
"The feature that we find most valuable is the VPN, which ensures that people working remotely have a secure connection."
"The most valuable feature is web filtering."
"Content filtering and intrusion prevention are most valuable. Our customers are fully satisfied with the performance of Sophos. It has all the features that they require in a firewall."
"Most of the features Sophos XG has are valuable. However, if I have two different ISP, I'm able to create an automatic switch between the two ISPs. I can do the same thing for the cloud as well. If I have two subnets coming from the cloud, I'm able to create a type of switch between both of them where if there is traffic on one and has the traffic drop, I'm able to switch to the other ISP without any problems. It's a normal feature and I get to enjoy the ability to switch between services with no issues."
"Reporting is the most valuable feature."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."
"They've become quite expensive."
"Its price could be better."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"I would like to see improvements in the product's application rules."
"This product needs to have an analysis feature, rather than having the analysis done through the integration of a different product."
"In terms of what could be improved, I would say the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all."
"The throughput highlighted on the datasheet (10Gbps) should be reviewed. This throughput is only for a UDP running environment, which you will never find in the real world. Rather consider a multiprotocol throughput."
"Integration aspects and traffic shaping need improvement."
"It could also use a reporting dashboard."
"Cisco suffers from some integration issues with other products... There is a problem with the Cisco Catalyst Switches in terms of assembling bursts and having them interact properly with the Cisco Firepower."
"There are always vulnerabilities that come up and there was one in early 2018 but this was patched with software updates."
"Cisco missed the mark with all the configuration steps. They are a pain and, when doing them, it looks as if we're using a very old technology — yet the technology itself is not old, it's very good. But the front-end configuration is very tough."
"FMC could be improved because management with FMC is quite difficult compared to using Firepower web-based management."
"It would be helpful if the solution offered some tutorial videos to help new users learn the system quickly."
"They need to allow their solution to integrate with other products and not just other Sophos solutions."
"The VPN has been a persistent problem for us. It's not straightforward to configure."
"The two main areas where this product needs improvement are routing and reporting."
"They should include fiber ports on smaller product models and the tools should be improved for scalability."
"Having a web portal where you could make requests for the categorization of non-categorized items, would be beneficial."
"Sophos can definitely improve with the interoperability between solutions."
"Better instructions should be provided as part of the technical support so that we can understand the functionalities. This will help us to troubleshoot faster."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Cisco Secure Firewall is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and SonicWall NSa. See our Cisco Secure Firewall vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
My preference is the Sophos XGS, particularly when you team it up with the Sophos Endpoint Protection client and configure it for synchronized security.
Both can be managed through Sophos Central and are available at a decent price for the power they offer the SMB.
I recommend Sophos XGS firewall. It will offer the best solution for malware protection.
Also, I recomend Sophos CIXA with XDR (Sophos Endpoint), so you can use Syncronized Security.