We performed a comparison between Cisco Secure Firewall and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The stability of the solution is excellent, as it is with other Fortinet products."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"The solution is stable."
"The inspection and web security features are most valuable."
"The most valuable feature is the VDOM, which allows the customer to have multiple firewalls in a single campus."
"Whenever I need something, Fortinet improves and updates the software for me."
"The most valuable features of this solution are the integrations and IPS throughput."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"Protecting our landscape in general and being able to see logging when things aren't going as set out in policies are valuable features. Our security department is keen on seeing the logging."
"The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful."
"It's very stable and mature."
"Signature-based detection; user-defined signatures with regular expressions; integrated URL and content filtering; custom URL categories filtering."
"We have been using a 5520 for seven years in our datacenter and we are satisfied by this version."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"The most valuable feature is ransomware protection."
"Sophos UTM's best feature is synchronized security."
"Sophos integrates seamlessly, and we don't even feel it is running in the background."
"Scaling out cannot be easier, as there are many migration paths."
"It meets our compliance needs in an elastic computer environment."
"Sophos is a unified solution. We have anti-virus protection, firewall rules, knotting, and DACC all in one box."
"UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful."
"The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution."
"It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."
"I don't like that anything more than very basic reporting is not included."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"The sniffing packets or packet captures, can be simplified and improved because it's a little confusing."
"Fortigate's hardware capacities could be improved."
"The feature which gives us a lot of pain is ASIC architecture."
"The solution could have licensing fees reduced in the future."
"The Cisco Secure Firewall could benefit from enhancements in its API, documentation, and automation tools."
"Most users do not have awareness of this product's functionality and features. Cisco should do something to make them aware of them. That would be quite excellent and useful to organizations that are still using legacy data-center-security products."
"If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."
"REST API stability needs improvement in order for customizing resource allocation available to the user rather than just being there transparently. This way users can customize REST API and tailor it to their needs."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"You have to know the ASA command line very well because not all operations are available in the graphical interface"
"It's lacking one feature: VPN. Also, the 2100 Series lacks a DDoS feature. If they could add that to those platforms, that would be good."
"It is confusing to have two management interfaces, e.g., ASDM and Firepower Management Center."
"It's stable, but the reaction time of the GUI is terrible."
"The technical support only communicates via email. I would prefer to communicate directly with someone."
"We would like to have unique viewable IDs for rules and in the packet filter logfile, for easier debugging of old log files."
"In Sophos UTM there is always a problem with the routing tables. If you want to see the routing table, you have to use the UI. You can't do it via a web browser. The routing table is better in Fortinet."
"Sophos UTM could be simplified, and they can improve on the many other features, like SD-WAN and load balancing. Sophos UTM is missing a few features that their competitors have. For example, if you have multiple branches you would like to connect, the load balancing features aren't available on multilink. If we create a VPM for multiple LAN links, we cannot load balance the traffic."
"The memory and processing were problematic. The interface could be better."
"There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol."
"There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Cisco Secure Firewall is rated 8.2, while Sophos UTM is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and SonicWall NSa, whereas Sophos UTM is most compared with Netgate pfSense, Sophos XG, OPNsense, Palo Alto Networks NG Firewalls and Untangle NG Firewall. See our Cisco Secure Firewall vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.