We performed a comparison between GajShield Next Generation Firewall and Sophos XG based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"You can also put everything into a nice, neat, little package, as far as configuration goes. I was formerly a command-line guy with the ASA, and I was a little nervous about dealing with a GUI interface versus a command line, but after I did my first deployment, I got a lot more comfortable with doing it GUI based."
"The features I've found most valuable are the packet captures and packet traces because they help me debug connections. I like the logs because they help me see what's going on."
"Firepower has reduced our firewall operational costs by about 25 percent."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful."
"Provides good integrations and reporting."
"GajShield has improved our mobile device-based connectivity."
"Each user has the ability to manage the solution."
"As a security solution, it's a very good security solution."
"The VPN features and its capabilities are great."
"There are many features. VPN, firewalling, and intrusion detection are the main features that are most useful for us at this time."
"Good security and a good interface."
"The most valuable feature is the VPN aspect."
"The stability of Sophos XG is very good. However, there have been some issues with other weaker models because they are limited in hardware in resources."
"The VPN access for users is also a great thing, especially nowadays when working from home."
"The performance should be improved."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"Cisco Firepower NGFW Firewall can be more secure."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"Report generation is an area that should be improved."
"Cisco Firepower is not completely integrated with Active Directory. We are trying to use Active Directory to restrict users by using some security groups that are not integrated within the Cisco Firepower module. This is the main issue that we are facing."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"The firewall configuration and administration screens could use some improvement."
"When upgrading the firewalls, the process could be easier."
"I would like to see in future releases a tool to scan for malicious packets and give the location of where they are coming from."
"The number of ports, especially on the entry-level appliances, should be increased."
"Sophos XG should improve on the GDPR features involving data protection and encryption. Security regarding data protection is important."
"Integration with Active Directory is not reliable."
"We are not very happy with the customer support they provide — it's quite slow."
"There are issues with electricity with this solution."
"I would like to have better SSL decryption and HTTP decryption. There should be filtering of SSL and HTTP traffic. Sophos XG consumes a lot of endpoint resources. It consumes a lot of RAM and CPU resources, and they should look into this."
Cisco Firepower Next-Generation Firewall (NGFW) is a firewall that provides capabilities beyond those of a standard firewall and delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.
Cisco NGFW Firewalls include advanced threat defense capabilities to meet diverse needs, from small offices to high-performance data centers and service providers, and are deployed in leading private and public clouds. Available in a wide range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Cisco NGFW firewalls are also available with clustering for increased performance, high availability configurations, and more.
Key Features of Cisco NGFW Firewalls
Reviews from Real Users
Cisco NGFW stands out among its competitors for a number of reasons. Two major ones are its extensive discovery abilities that enable you to constantly see what is happening on your network and take action when necessary, and the high level of protection it provides.
Mike B., a director of IT security at a wellness & fitness company, writes, "It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
Zhulien K., the lead network security engineer at TechnoCore LTD, notes, " The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy. Again, with that being said, I cannot shy away from giving kudos to all of the other features such as AVC (Application Visibility and Control), SSL Decryption, Identity policy, Correlation policy, REST API, and more. All of the features that are incorporated in the Cisco Firepower NGFW are awesome and easy to configure if you know what you are doing. Things almost always work, unless you hit a bug, which is fixed with a simple software update. "
Traditional firewalls commonly serve as the boundary between the Internet and an organization's network. They offer protection based on controlling specific protocols and ports, and restricting traffic to and from specific IP addresses. These days however, most attacks are web-based, easily passing through http (port 80) and https (port 443). Most firewalls are unable to identify malicious applications or traffic passing through these common ports. Next Generation firewall must evolve to effectively defend against these threats.
Customers get, complete and Proactive security with GajShield Next Generation Appliances. GajShield has inbuild default security policy to deny all out bound traffic from local LAN to the internet. It reacts quickly to attacks with intelligent packet filtering that sets policies and hardens customer network defenses dynamically. GajShield has inbuild default security policy to deny all out bound traffic from local LAN to the internet. In today's organization, application, employees, vendors, clients, and security threats fight for the same network resources. It has become difficult for small to medium enterprises to manage their infrastructure as they are unable to distinguish between good traffic v/s bad traffic. Threats or various productive applications have become smarter as they camouflage data transfer using standard internet ports. Current day security products have failed to distinguish and manage such malicious traffic.
Sophos XG Firewall is a complete firewall solution that provides all the real-time security and insights you need to protect your network from ransomware and advanced threats. Sophos XG Firewall provides visibility into suspicious users, unknown and unwanted apps, encrypted traffic, and other threats. With its advanced artificial intelligence capabilities, Sophos XG Firewall immediately identifies potential risks and intrusions on web servers and networks.
Sophos XG Firewall Features
Sophos XG Firewall offers a wide range of security features, including:
Reviews from Real Users
Sophos XG Firewall stands out among its competitors, among other reasons, for its intrusion detection capabilities, its user-friendly management platform, and in general, for being a complete and robust firewall solution.
Niranjan P., a network & system support engineer, writes, “Sophos is a comprehensive solution which allows me to configure all the attendant products, such as Sophos's firewall, endpoint, and encryption features. A nice feature of Sophos is that it offers in sync and heartbeat security. When my clients have a perimeter involving Sophos firewall and endpoints with Sophos Endpoint, they can communicate with each other.”
Antonio D., sales manager at INFOSEC, notes, “The product has a console that is based in the cloud for all their products. In this console, they have email security, firewall security, endpoint security, et cetera. All of the products on offer in the console are very useful for us. The solution is stable. The solution works well for enterprises and large-scale organizations.”
Antony M., ICT/HMIS supervisor at a healthcare company, writes, “The VPN feature is the most valuable. It has come in handy during this period when people are working from home. The filtering feature is also valuable because you can easily filter the sites that you don't want to visit. You can also set timely surfing quotas”
GajShield Next Generation Firewall is ranked 32nd in Firewalls with 1 review while Sophos XG is ranked 6th in Firewalls with 141 reviews. GajShield Next Generation Firewall is rated 8.0, while Sophos XG is rated 8.0. The top reviewer of GajShield Next Generation Firewall writes "Identifies and protects against email borne threats". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". GajShield Next Generation Firewall is most compared with Fortinet FortiGate, OPNsense, Fortinet FortiGate-VM, Sophos Cyberoam UTM and Sophos UTM, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, OPNsense, Palo Alto Networks NG Firewalls and SonicWall NSa.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.