We changed our name from IT Central Station: Here's why

Fortinet FortiGate vs Sophos UTM comparison

Cancel
You must select at least 2 products to compare!
Fortinet FortiGate Logo
160,462 views|121,922 comparisons
Sophos UTM Logo
34,132 views|27,641 comparisons
Comparison Summary
Question: What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
Answer: In my opinion and as a result of years of experience: - Both are great firewalls with excellent performance and a useful integration witch Active directory and LDAP - Fortinet is easier to manage and have a nice way to configure routes but some times have throughput troubles as an example: in 2 years we need to make around 4 reboots in a 3 firewall deploy - Sophos has a lot of nice firewall features (i mean without a license), some features like routes and VPN use to be a little difficult to configure but we never need to reboot any FW.
Featured Review
Find out what your peers are saying about Fortinet FortiGate vs. Sophos UTM and other solutions. Updated: April 2020.
563,780 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government.""I like the firewall features, Snort, and the Intrusion Prevention System (IPS).""The most valuable feature is the access control list (ACL).""The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands.""When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well.""It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective.""We have not had to deal with stability issues.""It's got the capabilities of amassing a lot of throughput with remote access and VPNs."

More Cisco Firepower NGFW Firewall Pros →

"What's most important is the ease of use.""Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible.""This is an easy solution to deploy.""It is a safe product.""The most important feature, normally for small business customers, is link load balancing.""It's user-friendly and easy to operate.""The payment function for applications is good.""The solution has very good threat and content filtering switches."

More Fortinet FortiGate Pros →

"The most valuable feature is ransomware protection.""So far, the solution has been problem-free.""The initial setup is pretty easy.""Sophos UTM is the simplest of these products to setup.""The cost of the solution is very reasonable.""It is easy to manage.""The three most important features for us are web protection, web server protection, and network protection.""It's a stable solution."

More Sophos UTM Pros →

Cons
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve.""This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI).""I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here.""The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough.""The performance should be improved.""The initial setup can be a bit complex for those unfamiliar with the solution.""Cisco Firepower NGFW Firewall can be more secure.""I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."

More Cisco Firepower NGFW Firewall Cons →

"The pricing could be a bit better, especially when you consider how they have the most basic offering priced.""Fortinet doesn't provide multiple virtual firewalls which would facilitate end users and customers.""The solution could have licensing fees reduced in the future.""We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved.""The initial setup and configuration are not intuitive and require training.""The solution could be more evenly structured.""The sniffing packets or packet captures, can be simplified and improved because it's a little confusing.""The solution could be more user friendly."

More Fortinet FortiGate Cons →

"I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution.""The integration capabilities could be better.""Anti-phishing functionality should be improved.""It's stable, but the reaction time of the GUI is terrible.""Sophos UTM sometimes falls short in high-availability environments. They used to launch firmware that didn't work very well in a high-availability environment.""Updates come out agonizingly slowly, a trickle.""The logs are not clear, which means that you need an additional piece of software in order to read them clearly.""Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time."

More Sophos UTM Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "Fortinet is the least expensive solution."
  • "It's very affordable."
  • "Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you."
  • "The Indian market is different than the European and American markets. When you compare they need to be a bit more aggressive on pricing."
  • "I think that the pricing is fair."
  • "For our organization, the licensing costs are approximately $7,000 per year."
  • "It's an expensive solution."
  • "The price is okay."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "It is the cheapest product available. It's good if you have a low budget."
  • "We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000."
  • "Our licensing fees are paid on a monthly basis."
  • "It's reasonably priced."
  • "This product is free for home users. The more expensive products have better performance."
  • "I think the pricing of Sophos is very fair."
  • "It is necessary to pay for a licence to use the solution, but it is not very expensive."
  • "The appliance should be purchased and there is a fee for the license."
  • More Sophos UTM Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    563,780 professionals have used our research since 2012.
    Answers from the Community
    Sajjad Ahmad
    author avatarAlessandro Turchi
    User

    I would have no doubt in recommending Fortinet. I do not know the Sophos UTM product specifically but in general, in companies, we have had unpleasant experiences with Sophos with customers. They typically declare performance values ​​that are overestimated in the field.

    author avatarNarendra Singh
    Real User

    We replaced Fortinet with Sophos as our public-facing UTM in 2017 & since then the ride has been extremely rough. I would not recommend Sophos for any mission-critical environment.

    author avatarMohsinoddi Mohammed
    Consultant

    Fortinet is easy to manage and it include secure SDWAN as well including many features with easy to configure.

    author avatarManjil Bhetwal
    Real User

    Both firewalls are easy to deploy. But the issue you will encounter when performing troubleshooting. You will not get flexibility in troubleshooting through Cli in Sophos whereas, in FortiGate, we have much more control. Besides if you are deploying a firewall on a large scale where visibility, control, performance as well as the flexibility is important it is better to go with Fortinet rather than Sophos.

    author avatarRichard Benfatto
    User

    I would also like to elaborate on the reporting part in FortiCloud. There is no need to pay any extras. Every box connects to ForticCoud service, and if you want reports to be greater than 7 days (meaning to be kept longer than that in their memory system) then you have to pay. In the meantime, by default Forticloud will send daily emails with reports and once a week you will get 4 to 5 reports, with lots of granular information. These reports are all in PDF with color graphics. In reality, I would be happy to send you some of the reports as in words typed herein would be more than a book. The FortiGate appliance also comes with 10 endpoint security (Forticlient) licences. So you can put this endpoint protection software to servers or clients. It also has a two-factor authentication license included. With these boxes, you can also create VDOM (Virtual Domains, totally separate).

    They can afford that as the hardware, as I mentioned before (ASIC) has the power to do that. In 3 years I have had 1 spam message entering my mail server, is that telling you something??? In my first reply, I did tell you that where I work now they purchase Sophos. Well, when the antivirus is set the CPU gets up to 90%. My Fortigate CPU is 0% and peaks during attacks. And I have had quite a few. They were attempting to break into the mail server. More than 2 million attempts in less than 2 hours. Have a look at NSS Labs site. FortiGate is a Rolls Royce, you cannot compare.

    Here in Australia, where I work now, the decision was to go with Sophos, ONLY ON PRICE. Yes, great brains. Now they regret that big time. FortiGate is a much more powerful device, especially when it comes to being able to handle the traffic. Most of the models handle throughput via ASIC (Application Specific Integrated Circuit) which is nothing more and less than a customer semiconductor. So, this is handled via hardware. It may be initially more difficult to implement. Now, what does "difficult" mean? To me when there is an unknown, difficult comes up till you learn. So if you make a decision on price and because "it is the easiest" to install.

    I would not touch Sophos. Simple as that.

    author avatarSherifSafwat
    Real User

    Sophos UTM is better by far. but it is more expensive

    author avatarNawaaz Toonah
    Real User

    Done many installations of both Sophos and FortiGate, Sophos is the easiest to install and best in terms of features.
    Reporting is free in Sophos while we need an extra subscription for FortiGate. Deep packet inspection, intrusion prevention advanced threat protection, web filtering, app control and email protection are key features of Sophos. Browsing is made safe with phishing protection and new functionality of ransomware protection. Sophos support is brilliant and community website from Sophos answers to all your questions and ease deployment.

    author avatarRonald Rosenbaum
    Real User

    I can’t really comment on FortiGate. We’ve been working with Sophos for years and like it’s integration with their endpoint.

    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer: 
    In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it… more »
    Top Answer: 
    I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
    Top Answer: 
    Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG… more »
    Top Answer: 
    The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira… more »
    Top Answer: 
    The pricing is reasonable. Of course, the customer would always like it to be lower, however, the quality to price ratio… more »
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Astaro
    Learn More
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

    The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware - viruses, rootkits and spyware.
    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Fortinet FortiGate
    Learn more about Sophos UTM
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
    One Housing Group
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Non Profit8%
    Government8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Comms Service Provider14%
    Computer Software Company10%
    Financial Services Firm9%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Comms Service Provider37%
    Computer Software Company20%
    Government5%
    Educational Organization4%
    REVIEWERS
    Manufacturing Company13%
    Financial Services Firm13%
    Government10%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Comms Service Provider38%
    Computer Software Company18%
    Government8%
    Media Company4%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    REVIEWERS
    Small Business48%
    Midsize Enterprise24%
    Large Enterprise27%
    VISITORS READING REVIEWS
    Small Business35%
    Midsize Enterprise24%
    Large Enterprise40%
    REVIEWERS
    Small Business61%
    Midsize Enterprise23%
    Large Enterprise16%
    VISITORS READING REVIEWS
    Small Business39%
    Midsize Enterprise42%
    Large Enterprise19%
    Find out what your peers are saying about Fortinet FortiGate vs. Sophos UTM and other solutions. Updated: April 2020.
    563,780 professionals have used our research since 2012.

    Fortinet FortiGate is ranked 1st in Firewalls with 98 reviews while Sophos UTM is ranked 2nd in Unified Threat Management (UTM) with 24 reviews. Fortinet FortiGate is rated 8.4, while Sophos UTM is rated 8.6. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of Sophos UTM writes "Great web and email filtering with reasonable pricing". Fortinet FortiGate is most compared with Cisco ASA Firewall, pfSense, Check Point NGFW, Meraki MX and Juniper SRX, whereas Sophos UTM is most compared with pfSense, Sophos XG, Untangle NG Firewall, OPNsense and Kerio Control. See our Fortinet FortiGate vs. Sophos UTM report.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.