We performed a comparison between Fortinet FortiGate and Sophos UTM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet FortiGate and Sophos UTM had a similar user rating regarding ease of deployment, service and support, and ROI. If pricing is a factor, Sophos UTM is a more cost-effective solution based on user reviews. In terms of features, Fortinet FortiGate users felt the interface was complex, and the reporting feature needed improvements. In contrast, Sophos UTM users felt the solution needed to do a better job at covering mobile devices.
"It's quite comfortable to handle the FortiGate firewall."
"UTM/NGFW features and FortiCloud for logs and backups are awesome."
"We use a lot of function on the IPS and it works well for us."
"The web tutor and automatic rules by schedule are good features."
"The stability of the solution is excellent, as it is with other Fortinet products."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto."
"The most valuable feature is the ease of configuration."
"Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."
"The initial setup is pretty straightforward."
"The most valuable features of Sophos UTM are the ease of use, it is very user-friendly. You can understand what they implement in the new firmware, and it's easy to manage the firewalls."
"Sophos is a unified solution. We have anti-virus protection, firewall rules, knotting, and DACC all in one box."
"I would recommend UTM over XG because it's easier to manage."
"What I like about the solution is the ease of use."
"The most valuable feature is ransomware protection."
"Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place."
"Its reporting capabilities can be improved. It should have some out-of-the-box reporting capabilities and some degree of customization. The basic reporting that it currently has is not sufficient to create more usable reports. It needs some sort of out-of-the-box reporting. They try to make customers purchase FortiAnalyzer for this kind of reporting, which is an additional cost. Other firewall vendors, such as SonicWall and Sophos, provide this sort of reporting without any additional cost."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"Fortigate's hardware capacities could be improved."
"A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"Performance and technical support are the main issues with this solution."
"The performance and speed are aspects of the solution that could always be improved upon."
"The only time we face a problem or issues is when we place a ticket. We have found that response is very slow."
"Email spam filtering only works if you have an on-prem Exchange server. It doesn't interface with Office 365 like the XG model. That would be one feature that they could improve. They're not going to do it because they're trying to push us all to XG."
"There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol."
"Sophos UTM could improve the way the configuration has to be done. I have to do the configuration through the command line interface but if it could be done through the graphical user interface it would be much better."
"The ease of use could be a bit better."
"The solution needs better integration with captive portals and XGs."
"Sophos should be more user-friendly, have more dashboards, and an easier implementation."
"It does have built-in policies, which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Fortinet FortiGate is rated 8.4, while Sophos UTM is rated 8.4. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and Check Point NGFW, whereas Sophos UTM is most compared with Netgate pfSense, Sophos XG, OPNsense, Palo Alto Networks NG Firewalls and Cisco Secure Firewall. See our Fortinet FortiGate vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I would have no doubt in recommending Fortinet. I do not know the Sophos UTM product specifically but in general, in companies, we have had unpleasant experiences with Sophos with customers. They typically declare performance values that are overestimated in the field.
We replaced Fortinet with Sophos as our public-facing UTM in 2017 & since then the ride has been extremely rough. I would not recommend Sophos for any mission-critical environment.
Fortinet is easy to manage and it include secure SDWAN as well including many features with easy to configure.
Both firewalls are easy to deploy. But the issue you will encounter when performing troubleshooting. You will not get flexibility in troubleshooting through Cli in Sophos whereas, in FortiGate, we have much more control. Besides if you are deploying a firewall on a large scale where visibility, control, performance as well as the flexibility is important it is better to go with Fortinet rather than Sophos.
I would also like to elaborate on the reporting part in FortiCloud. There is no need to pay any extras. Every box connects to ForticCoud service, and if you want reports to be greater than 7 days (meaning to be kept longer than that in their memory system) then you have to pay. In the meantime, by default Forticloud will send daily emails with reports and once a week you will get 4 to 5 reports, with lots of granular information. These reports are all in PDF with color graphics. In reality, I would be happy to send you some of the reports as in words typed herein would be more than a book. The FortiGate appliance also comes with 10 endpoint security (Forticlient) licences. So you can put this endpoint protection software to servers or clients. It also has a two-factor authentication license included. With these boxes, you can also create VDOM (Virtual Domains, totally separate).
They can afford that as the hardware, as I mentioned before (ASIC) has the power to do that. In 3 years I have had 1 spam message entering my mail server, is that telling you something??? In my first reply, I did tell you that where I work now they purchase Sophos. Well, when the antivirus is set the CPU gets up to 90%. My Fortigate CPU is 0% and peaks during attacks. And I have had quite a few. They were attempting to break into the mail server. More than 2 million attempts in less than 2 hours. Have a look at NSS Labs site. FortiGate is a Rolls Royce, you cannot compare.
Here in Australia, where I work now, the decision was to go with Sophos, ONLY ON PRICE. Yes, great brains. Now they regret that big time. FortiGate is a much more powerful device, especially when it comes to being able to handle the traffic. Most of the models handle throughput via ASIC (Application Specific Integrated Circuit) which is nothing more and less than a customer semiconductor. So, this is handled via hardware. It may be initially more difficult to implement. Now, what does "difficult" mean? To me when there is an unknown, difficult comes up till you learn. So if you make a decision on price and because "it is the easiest" to install.
I would not touch Sophos. Simple as that.
Sophos UTM is better by far. but it is more expensive
Done many installations of both Sophos and FortiGate, Sophos is the easiest to install and best in terms of features.
Reporting is free in Sophos while we need an extra subscription for FortiGate. Deep packet inspection, intrusion prevention advanced threat protection, web filtering, app control and email protection are key features of Sophos. Browsing is made safe with phishing protection and new functionality of ransomware protection. Sophos support is brilliant and community website from Sophos answers to all your questions and ease deployment.
I can’t really comment on FortiGate. We’ve been working with Sophos for years and like it’s integration with their endpoint.