We performed a comparison between Fortinet FortiGate and Sophos UTM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet FortiGate and Sophos UTM had a similar user rating regarding ease of deployment, service and support, and ROI. If pricing is a factor, Sophos UTM is a more cost-effective solution based on user reviews. In terms of features, Fortinet FortiGate users felt the interface was complex, and the reporting feature needed improvements. In contrast, Sophos UTM users felt the solution needed to do a better job at covering mobile devices.
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"The feature set is fine and is rarely a problem."
"A good intrusion prevention system and filtering."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"The solution is very easy to understand. It's not overly complex."
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"Anti-Spam web content filterinG."
"The product is easy to use and is stable. The SV1 functionality is a benefit."
"We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs."
"I like several features that this product has, such as antivirus and internet navigation inspection. It is also simple to use."
"The most valuable feature is the web filter."
"Fortinet FortiGate is stable. It's used across all the countries, this is the way most multinationals run their system."
"Sophos UTM provides security for our network here and access through a VPN connection for our remote users. It also offers the flexibility to create different tools for accessibility."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution."
"The three most important features for us are web protection, web server protection, and network protection."
"Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."
"The cost of the solution is very reasonable."
"Sophos UTM is very user-friendly and has good integration with other solutions."
"The initial setup is pretty easy."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"The maturity needs to be better."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine."
"There is a lot of improvement needed with SSL-VPN."
"It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."
"There aren't really any negative aspects to discuss."
"Performance and technical support are the main issues with this solution."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"You do need some IT knowledge in order to effectively work with the solution."
"The interface configuration could be improved."
"The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose."
"Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time."
"We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not."
"Monitoring and reporting are areas that need improvement."
"Updates come out agonizingly slowly, a trickle."
"The integration capabilities could be better."
"When we call support, we get put on hold for a long time."
Cisco Firepower Next-Generation Firewall (NGFW) is a firewall that provides capabilities beyond those of a standard firewall and delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.
Cisco NGFW Firewalls include advanced threat defense capabilities to meet diverse needs, from small offices to high-performance data centers and service providers, and are deployed in leading private and public clouds. Available in a wide range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Cisco NGFW firewalls are also available with clustering for increased performance, high availability configurations, and more.
Key Features of Cisco NGFW Firewalls
Reviews from Real Users
Cisco NGFW stands out among its competitors for a number of reasons. Two major ones are its extensive discovery abilities that enable you to constantly see what is happening on your network and take action when necessary, and the high level of protection it provides.
Mike B., a director of IT security at a wellness & fitness company, writes, "It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
Zhulien K., the lead network security engineer at TechnoCore LTD, notes, " The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy. Again, with that being said, I cannot shy away from giving kudos to all of the other features such as AVC (Application Visibility and Control), SSL Decryption, Identity policy, Correlation policy, REST API, and more. All of the features that are incorporated in the Cisco Firepower NGFW are awesome and easy to configure if you know what you are doing. Things almost always work, unless you hit a bug, which is fixed with a simple software update. "
Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.
Benefits of Fortinet FortiGate
Some of the benefits of using Fortinet FortiGate include:
Reviews from Real Users
Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.
PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”
PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”
Sophos UTM is a unified threat management platform designed to protect your businesses from known and emerging malware including viruses, rootkits and spyware. The solution provides a complete network security package with everything your organization needs in a single modular appliance.
Sophos UTM Features
Sophos UTM has many valuable key features. Some of the most useful ones include:
Sophos UTM Benefits
There are many benefits to implementing Sophos UTM. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Below are some reviews and helpful feedback written by PeerSpot users currently using the Sophos UTM solution.
PeerSpot user Dana B., Network Administrator at a manufacturing company, says “The web and email filtering are the two biggest and most valuable aspects of the solution for us. The solution overall has just been a good, cost-effective solution for us. The solution offers a lot of functionality. The solution scales well. We've found the technical support to be helpful. The stability and performance are quite good.”
A Technical Director at a security firm mentions, "Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."
Marek M., Senior Network Engineer at a computer software company, comments, “Sophos UTM is the simplest of these products to set up. If you follow the instructions using the wizard, which is just a few steps, then you will have a firewall to protect you and your customer.”
A Software Sales Manager at a tech services company explains, “The overall visibility of the console is what I find most valuable, plus it's very user-friendly. It can be integrated with other solutions such as SOAR, SIEM, etc., even when you have an existing firewall. I really like that the console can be integrated. You'll see everything on the same window, and the single window feature of the machine is so good. These are the features I really like.”
James D., IT Manager at Manual Workers Union, states, “The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money. The solution has many great features. From the console, we can start different scannings on different machines. We enjoy the centralized reporting part of it. The initial setup is simple. We enjoy its general stability. The solution can scale. So far, the solution has been problem-free.”
Fortinet FortiGate is ranked 1st in Firewalls with 166 reviews while Sophos UTM is ranked 2nd in Unified Threat Management (UTM) with 32 reviews. Fortinet FortiGate is rated 8.4, while Sophos UTM is rated 8.4. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of Sophos UTM writes "Great web and email filtering with reasonable pricing". Fortinet FortiGate is most compared with pfSense, Cisco ASA Firewall, Sophos XG, Check Point NGFW and Palo Alto Networks WildFire, whereas Sophos UTM is most compared with pfSense, Untangle NG Firewall, Sophos XG, OPNsense and Palo Alto Networks NG Firewalls. See our Fortinet FortiGate vs. Sophos UTM report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.