We changed our name from IT Central Station: Here's why

Check Point NGFW vs Sophos XG comparison

Cancel
You must select at least 2 products to compare!
Check Point NGFW Logo
18,039 views|12,642 comparisons
Sophos XG Logo
44,070 views|36,313 comparisons
Featured Review
Find out what your peers are saying about Check Point NGFW vs. Sophos XG and other solutions. Updated: January 2022.
566,121 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution offers very easy configurations.""The implementation is pretty straightforward.""The most valuable features of this solution are the integrations and IPS throughput.""The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard.""I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete.""If configured, Firepower provides us with application visibility and control.""You do not have to do everything through a command line which makes it a lot easier to apply rules.""The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."

More Cisco Firepower NGFW Firewall Pros →

"The most valuable feature of the firewall is the packet inspection. That is an amazing feature from Check Point.""I think that the most valuable feature is the prevention of known and zero-day threats because they are constantly trying to access your company and compromise its data.""Policy configuration has been consistent over the years, so there is not much of a learning curve as upgrades are released.""The best feature is the ability to increase the capacity of the solution by exactly what you add, not losing anything for High Availability.""By deploying Check Point, it has made it easier to manage everything from a single interface. The management dashboard and policies are on its single pane of glass.""The activation of additional features is very easy and well documented.""Even though Check Point NGFW provides a set of security features that enforce protection on the network, the most valuable aspect is also the most used feature: the plain and simple firewall component. This is the core of the product and works to a great extent without the need for all other available bells and whistles.""The management platform and the dashboard, the graphical user interface, is one of the best, if not the best, in the business. It's the most intuitive and it's really user-friendly in day-to-day operations."

More Check Point NGFW Pros →

"Sophos XG protects our network from advanced threats.""The solution is a next generation firewall and we have gotten good customer feedback.""We created and configured a VPN for connecting our remote sites and also to make it more secure and reliable. We also like its two-factor authentication features.""It's a product that is in continuous improvement and is following what the customer is asking for. They are taking inputs and designing new releases specifically according to the client and their needs.""We've had good experiences with technical support.""The most valuable is the synchronized security between Sophos XG and Sophos endpoint because it provides a lot of visibility about unknown applications. The endpoint shares the information of unknown applications, and you can learn about those applications and create policies to allow or block those applications.""Dashboard is easy to use and the reporting offers a lot of detail.""There are many valuable features."

More Sophos XG Pros →

Cons
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility.""The performance should be improved.""FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively.""My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement.""They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me.""The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore.""I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device.""Cisco Firepower NGFW Firewall can be more secure."

More Cisco Firepower NGFW Firewall Cons →

"The price of this product could be improved.""When we hit a bug, the support team recommends some hotfix, and if we upgrade to that, we have to uninstall it before we apply some newer jumbo hotfix.""One of the main features that need improvement is the rule filter export.""Identity Awareness has been a massive source of problems for our deployment and the ability to debug it has been lacking.""The software licensing model is too complicated with all the various tiers of SKUs (i.e. per software blade). They need to simplify this for easier purchasing and renewing.""The only reasons we are looking at other solutions are price and integration.""The antivirus feature is a little bit weak and should be improved.""We find the GUI to be wrong and the CLI doesn't always show all of the connections."

More Check Point NGFW Cons →

"I would prefer if Sophos XG were cheaper. A lower price would benefit me as a system provider for the end customer. The cost of the license and renewal for all the software and devices is somewhat high.""The pricing can be high unless you choose a longer contract.""I think that the main area for improvement is the quality assurance of the updates.""I am using the Azure Active Directory in my company and it was complicated to integrate this solution with Azure.""I do prefer when updates come out a bit quicker.""Recently, I've had a problem with updating things.""Their tech support is not great.""There are issues with electricity with this solution."

More Sophos XG Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "Maybe the pricing is a bit high but you get the durability and the duration."
  • "Licensing issues may be confusing at times."
  • "It is quite an expensive product, although security is a top priority."
  • "This product is not cheap and there are additional costs that depend on what model or package that you buy."
  • "Palo Alto is somehow not as good as Check Point, budget-wise and performance-wise. Palo Alto is more costly than Check Point."
  • "Comparatively, Check Point pricing is a little high. However, if you have that budget, I would recommend anybody to go with Check Point."
  • "The pricing and licensing are expensive. If you compare it with Fortinet, then it is cheaper on a yearly basis. However, Check Point is the most expensive firewall right now in terms of licenses and its appliance. My recommendation is if you want a long-term investment, then you should use an open server. If you use an open server, then the latency is really low. If you pay for a full appliance, it's more expensive."
  • "Use the basic sizing tool to do the correct sizing so you don't waste too much money, because it's not a very cheap solution when compared to other vendors."
  • More Check Point NGFW Pricing and Cost Advice →

  • "The Sophos pricing, in general, is better than SonicWall, Fortinet, WatchGuard, or anybody else."
  • "We paid for our licensing for three years, upfront, and there are no costs in addition to the standard fees."
  • "The price is cheaper than that of some competing vendors."
  • "The pricing is flexible. Sophos looks at a country's economy and offers flexible pricing. This is how they have managed to penetrate the market."
  • "It's approximately $6,000 for each device."
  • "It is not expensive, it's a reasonable price,"
  • "The issue of a recurring license is a hassle because every year, we have to subscribe."
  • "It is not very expensive."
  • More Sophos XG Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    566,121 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
    Top Answer: 
    Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
    Top Answer: 
    The central management console has helped with segregation, where planned interventions with management consoles do not… more »
    Top Answer: 
    Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat… more »
    Top Answer: 
    Hi Arvind P ,  The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form… more »
    Top Answer: 
    Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG… more »
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    Check Point NG Firewall, Check Point Next Generation Firewall
    Learn More
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    Offered via the Check Point Infinity architecture, Check Point’s NGFW includes 23 Firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. Learn More about Next Generation Firewall and What is Firewall?

    Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.

    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Check Point NGFW
    Learn more about Sophos XG
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Control Southern, Optimal Media
    Information Not Available
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Government8%
    Non Profit8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Financial Services Firm27%
    Computer Software Company14%
    Comms Service Provider8%
    Retailer6%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company23%
    Government6%
    Financial Services Firm6%
    REVIEWERS
    Manufacturing Company11%
    Financial Services Firm11%
    Healthcare Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Comms Service Provider40%
    Computer Software Company18%
    Government7%
    Media Company4%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    REVIEWERS
    Small Business24%
    Midsize Enterprise19%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise24%
    Large Enterprise56%
    REVIEWERS
    Small Business63%
    Midsize Enterprise24%
    Large Enterprise13%
    VISITORS READING REVIEWS
    Small Business50%
    Midsize Enterprise24%
    Large Enterprise26%
    Find out what your peers are saying about Check Point NGFW vs. Sophos XG and other solutions. Updated: January 2022.
    566,121 professionals have used our research since 2012.

    Check Point NGFW is ranked 2nd in Firewalls with 162 reviews while Sophos XG is ranked 5th in Firewalls with 130 reviews. Check Point NGFW is rated 8.8, while Sophos XG is rated 8.2. The top reviewer of Check Point NGFW writes "Central architecture means we can see an end-to-end picture of attacks". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". Check Point NGFW is most compared with Fortinet FortiGate, Azure Firewall, Palo Alto Networks NG Firewalls, Meraki MX and Cisco ASA Firewall, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, Meraki MX, Palo Alto Networks NG Firewalls and SonicWall NSa. See our Check Point NGFW vs. Sophos XG report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.