Try our new research platform with insights from 80,000+ expert users

Check Point NGFW vs Sophos XG comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 9, 2023
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Number of Reviews
314
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Check Point NGFW
Ranking in Firewalls
5th
Average Rating
8.8
Number of Reviews
300
Ranking in other categories
Unified Threat Management (UTM) (1st)
Sophos XG
Ranking in Firewalls
6th
Average Rating
8.2
Number of Reviews
194
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of September 2024, in the Firewalls category, the mindshare of Fortinet FortiGate is 18.4%, up from 16.7% compared to the previous year. The mindshare of Check Point NGFW is 3.2%, down from 3.4% compared to the previous year. The mindshare of Sophos XG is 10.3%, up from 8.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

AV
May 10, 2023
Feature-rich, affordable, and has good performance
It is deployed on-premises. Our customers prefer to deploy not only Fortinet devices but all security devices on-premises. They rarely use cloud licenses. Some customers only buy it from us, and for some customers, we also set it up. Its setup is easy for us, but not every company wants to use our service for setting it up because of the cost. They prefer to install it themselves. In some cases, it could be hard for them. In terms of the implementation strategy, we first try to understand what problem a customer wants to solve by using FortiGate. We collect a lot of information about a customer's network, such as protocols and devices being used. We try to prepare this device in our local lab. We preload the device and send it to the customer, and then we finalize the installation in the customer's building. We have very technical staff, and we do not have difficulties with installations. We have had situations where customers do not have much experience with it, and then we recommend them to go for certain features such as IPS, antivirus, etc. The deployment duration depends on the size of the environment, but generally, it does not take more than one or two months.
Mohan Janarthanan - PeerSpot reviewer
Aug 6, 2024
Real-time prevention is there to protect against zero-day malware
Next Generation Firewall, along with Threat Emulation and Threat Extraction, is what I use. Real-time prevention is there to protect against zero-day malware and Check Point Sandbox. And then, the CPU-based emulation is a better feature than any technologies not having that. Check Point has a CPU-based emulation. Normally, Fortinet and others, they do it differently. But these people work on a technology called CPU-based emulation. This CPU-based emulation is a unique CPU-level technology that catches malware before it has an opportunity to deploy or evade detection. They call it SandBlast. Check Point SandBlast Threat Emulation. That is a great feature, which they are using. It controls attempts to bypass OS security controls also. And then it avoids deep security. I use our Check Point firewall for all the NATing of my applications. I use it for external traffic monitoring where my Internet links are connected, and I use it as a gateway.
BO
Dec 4, 2023
Crucial for safeguarding data, enforcing user access controls, and ensuring secure communication
I use Sophos XG for network security and VPN policies. It is crucial for safeguarding data, enforcing user access controls, and ensuring secure communication. The firewall features, like application control and intrusion prevention, provide a strong defense against cyber threats. With centralized…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are the enterprise modeling and the simple interface."
"The scalability is good in Fortinet FortiGate."
"The most valuable feature of this solution is the analytics."
"Its performance in fulfilling our requirements has been satisfactory."
"Whenever we raise a complaint with FortiGate, their response and resolution times are minimal."
"The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
"The most important feature, normally for small business customers, is link load balancing."
"The IPS is frequently updated so the rules are always new and in place."
"Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention. Apart from that, there is central management through which we can integrate all the firewalls and support them. It makes it easy to manage all the firewalls."
"We can decipher the activity of each connection and see what is inside it."
"Check Point is very administrator-friendly and the SmartDashboard is easy to use."
"The scalability is very good."
"The thing I like about this product is its capability of auto NAT and auto zone detection."
"The application control and URL filtering features are valuable since they allow very granular control of what is coming in and out of a network."
"The failover from one device to the other has been seamless and we find that we do not lose ongoing SIP calls or Teams chats."
"The most valuable feature is web filtering."
"The most valuable feature of this solution is that the license offers everything."
"We have found that the simplicity of the XG 210 is its most valuable feature."
"I rate Sophos support 10 out of 10. When my device was freezing, I contacted them, and sent me a replacement. It only took a couple of days for Sophos to ship the device to Kenya. I didn't have a redundant device, so it was urgent."
"Sophos offers great disk encryption, anti protection, and the interface is very user-friendly."
"Sophos XG has cybersecurity. It integrates with the antivirus software."
"I like the firewall, inbound, and outbound modules the most. The VPN feature also works well. It is very easy to configure rules in Sophos XG. We have got local service here in Zimbabwe from Sophos, which is something that I like a lot. We have got good local support, and they come on-site when we have any challenges. Sophos provides a lot of good training all around Zimbabwe. They are quite dominant here, similar to other solutions like Fortinet or WatchGuard."
"It is easy to implement."
 

Cons

"Fortinet currently has many products bundled with FortiGate including the basic firewall and load balancer, and I think that that they need to have separate product portfolios for each of these specialized services."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."
"One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at the peak time when the number of contracts and users are at maximum."
"The support from Fortinet FortiGate could improve. They are not easily accessible when we need them. They could improve their response time."
"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."
"The logs need to be better. They need to be more visible and easier to access."
"I would like some automated custom reporting."
"They just need to improve the technical support and professional services in India."
"Although there is a lot of automation and pattern that can be classified automatically, the IPS systems are sometimes a little bit complicated, and doing the fine-tuning in over 20,000 patterns is hard to do."
"We'd like an option that can convert other vendors' NGFW configurations to supported Check Point NGFW config for ease of migration."
"The API support is good. However, Check Point needs to focus on more prepared scripts for some tiresome actions."
"Integration with a third-party authentication mechanism is tricky and needs to be planned well."
"There's a significant area for improvement when it comes to pricing."
"The VPN part was actually one of the most complex parts for us. It was not easy for us to switch from Cisco, because of one particular part of the integration: connecting the Check Point device to an Entrust server. Entrust is a solution that provides two-factor authentication. We got around it by using another server, a solution called RADIUS."
"They have few predefined reports and it would be nice to increase them since the logs are excellent."
"Its price should be improved. It should be cheaper."
"The number of ports, especially on the entry-level appliances, should be increased."
"The only area that requires improvement is scalability."
"The security of Sophos XG could be improved."
"Our clients use Karios, and while it integrates well with it, the integration could be improved."
"We are facing some technical issues with Sophos XG right now. We have already escalated this issue with the Sophos technical support. They seem to be working on it. We are satisfied with the technical support. They reply quickly to our queries, but sometimes take time upgrading their systems."
"Scalability could be improved. It could be better."
"The interface could be simplified and diagnostic system graphs improved."
 

Pricing and Cost Advice

"If the price of the license in Fortinet FortiGate was less expensive it would be better."
"It scales well if you know what to buy from a physical box standpoint. They seem to offer something for every level."
"The price of FortiGate is good."
"The price could be lower."
"Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you."
"The price of FortiGate support is too expensive."
"They are very competitive, but we like to have the factory warranty taken care of."
"FortiGate's pricing falls within the mid-range when compared to other leading firewall solutions."
"I have done licensing and contracts for multiple firewalls. The license and contract configuration is completely fine, but if it is possible to make them cost a bit less, then this would be better."
"Check Point NGFW can be expensive compared to other competitors, but the price matches the functionality and efficiency of the solution."
"The pricing is a bit high, but obviously it gives you advanced features. If you want to buy the best thing on the market, you have to pay extra money."
"Pricing is a little high compared to competitive firewalls, but it is easy to go through the licensing steps."
"Check Point NGFW is expensive."
"Cisco pushes clients to purchase their hardware, and this is not the case with Check Point. This helps to easily manage costs."
"I think that the pricing is different for every organization."
"I rate the solution's pricing an eight out of ten. It costs around 100,000-200,000 dollars per month. Besides standard licensing fees, we paid extra for enterprise-level premium support. There were also onboarding costs factored in. These additional costs made it more expensive overall. The total cost was around 100,000 dollars, which was challenging for our budget. Check Point was also pricey, not much different from Palo Alto Networks. However, we decided switching to Check Point was better because it offered more capabilities for a similar price."
"There is a license required to use this solution and my customers pay for it annually."
"Licensing fees are paid monthly."
"It is very expensive."
"When you compare with Barracuda, Sophos is quite a bit cheaper."
"I don't think that it is expensive when you compare it with other solutions available on the market."
"I paid for a license for the solution for three years costing approximately $11,000. Additionally, I received the Web Appliance fee for paying for the full licencing."
"The solution is not expensive since one pays as he goes."
"I use Sophos Firewall Home Edition, which is available for free."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
801,314 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
15%
Manufacturing Company
6%
Comms Service Provider
5%
Educational Organization
55%
Computer Software Company
8%
Financial Services Firm
5%
Government
4%
Computer Software Company
18%
Comms Service Provider
7%
Manufacturing Company
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
How does Check Point NGFW compare with Fortinet Fortigate?
I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such). -Ch...
Which would you recommend - Azure Firewall or Check Point NGFW?
Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall ...
What do you like most about Check Point NGFW?
Check Point NGFW provides essential security, featuring no-obligation access for secure connections, strong intrusion...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
What are the main differences in features between Sophos XG and FortiGate 80F?
Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...
What Is The Biggest Difference Between Sophos UTM and Sophos XG?
The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW. ...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Check Point NG Firewall, Check Point Next Generation Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Control Southern, Optimal Media
Information Not Available
Find out what your peers are saying about Check Point NGFW vs. Sophos XG and other solutions. Updated: September 2024.
801,314 professionals have used our research since 2012.