Menlo Secure vs Sophos XGS comparison

Menlo Security and Sophos are both solutions in the Firewalls category. Menlo Security is ranked #52, while Sophos is ranked #12 with an average rating of 8.5. Menlo Security holds a 0.1% mindshare in Firewalls, compared to Sophos’s 2.5% mindshare. Additionally, 100% of Menlo Security users are willing to recommend the solution, compared to 94% of Sophos users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

Menlo Secure and Sophos XGS are competitive products in the cybersecurity field. Menlo Secure has an edge regarding support and ease of deployment, while Sophos XGS excels in feature set, making it worth its price despite higher costs.

Features: Menlo Secure is praised for its web isolation capabilities and seamless integration. Users mention its comprehensive protection without impacting performance. It also has efficient performance. On the other hand, Sophos XGS stands out with advanced threat protection, firewall management, and integration with other Sophos products. It provides granular control and robust reporting features.

Room for Improvement: Menlo Secure users mention needing better reporting tools and enhanced email security capabilities. Suggested improvements include more detailed analytics and faster threat detection updates. Sophos XGS users recommend enhancing its reporting detail and reducing the complexity of configurations. Some also wish for better customer support response times.

Ease of Deployment and Customer Service: Menlo Secure is noted for its straightforward deployment process and reliable customer support. Users mention the minimal learning curve. Sophos XGS has a steeper learning curve due to its complex configuration options, but provides robust support once set up.

Pricing and ROI: Menlo Secure is considered cost-effective with a good ROI. Users find setup costs reasonable and value for money high. Sophos XGS, while pricier, is justified by its comprehensive features and strong security capabilities, leading to a satisfying ROI.

To learn more, read our detailed Menlo Secure vs. Sophos XGS Report (Updated: April 2025).

Buyer's Guide

Menlo Secure vs. Sophos XGS

April 2025

Download the complete report

Helped 850,236 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of May 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.4%, up from 17.7% compared to the previous year. The mindshare of Menlo Secure is 0.1%, up from 0.0% compared to the previous year. The mindshare of Sophos XGS is 2.5%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

Olivier DALOY

Group Information Systems Security Director - CISO at Faurecia

Secures users wherever they are and enable us to inspect SSL traffic, but we encountered too many issues

The solution should have no impact but it does have a bit of impact on end-users. For example, we encountered some issues in the downloads that took longer than they did without using Menlo. That is clearly not transparent for users. We expected not to have any latency when downloading anything from the internet with Menlo compared to without Menlo. We are now transitioning to another solution. The main reason for that is that managing all of the exceptions and troubleshooting all of the issues our users have had connecting to the internet has become too significant in terms of workload, compared to what we hope we will have with another solution. In other words, we hope to get the same level of protection, while reducing the number of visible bugs, issues, latencies, impacts on performance, et cetera, that we have today with Menlo. We already solved most of them, but we still have too many such instances of issues with Menlo, even though it is protecting us for sure. The weak point of the solution is that it has consumed far too much of my team's time, taking them away from operations and projects and design. It took far too much time to implement it and get rid of all of the live issues that we encountered when our users started using the solution. The good point is that I'm sure it is protecting us and it's probably protecting us more than any other solution, which is something I appreciate a lot as a CISO. But on the other hand, the number of issues reported by the users, and the amount of time that has been necessary for either my team or the infrastructure team to spend diagnosing, troubleshooting, and fixing the issues that we had with the solution was too much. And that doesn't include the need to still use our previous solution, Blue Coat, that we have kept active so that whatever is not compatible or doesn't work with Menlo, can be handled by that other solution. It is far too demanding in terms of effort and workload and even cost, at the end of the day. That is why we decided to transition to another solution. If we had known in the beginning that we would not be able to get rid of Blue Coat, we probably would not have chosen Menlo because we were planning to replace Blue Coat with something that was at least able to do the same and more. We discovered that it was able to do more but it was not able to replace it, which is an issue. It is not only a matter of cost but is also a matter of not being able to reduce the number of partners that you have to deal with. In addition, they could enhance the ability to troubleshoot. Whenever a connection going through Menlo fails for any reason, being able to troubleshoot what the configuration of Menlo should be to allow it through would help, as would knowing what level of additional risk we would be taking with that configuration.

Read full review

Nassif Kaleny

IT Manager at Bavaria Egypt S.A.E.

Dynamic web and mail filtering contribute to improved security measures

The reporting system is very poor. I cannot trace any traffic to our site if it feels some threats. It just tells me that there is something during a certain time but does not provide information about the type of threats or how to get rid of them. This needs improvement.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."

"My clients appreciate it for its features. It is easy to install and manage, and it offers all-around protection, including web filtering, content filtering, IPS, and IDS."

"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."

"I have found Fortinet FortiGate to be scalable."

"Offers good security and filtering."

"Reliability is the best feature. We faced some issues when we were setting it up, but the service, portal, and administration are good."

"Its stability is the most valuable."

"The multi-tenancy feature is most valuable. It integrates very well with FortiManager and FortiAnalyzer."

More Fortinet FortiGate pros

"The fact that it is a cloud proxy solution is another feature we like. For example, if you acquire a new company, you can use it to protect that new company without the need to install anything physically on their networks."

"It has reduced security events to follow up on. While it is not 100%, there has been probably a 90% or more reduction. We were getting hit left, right, and center constantly from people browsing the Internet and hitting bad websites. It was not just bad websites that were stood up to be malicious, but good sites that were compromised."

"Accessing the internet with a proxy from anywhere is the most valuable feature. It ensures that users are only able to browse legitimate websites. If they happen to go to a legitimate website with a malicious payload, the isolation feature will take care of that."

"For us, the primary goal is protection on the web, and that's extremely important. We're not using any of the other services at this time. The web part is key to the success of the organization. It gives us the ability to protect. It can isolate. It opens the session in an isolated format so that the code isn't running locally. It is running over in the Menlo environment, not in ours. It is not running on the local computer, whereas if you were to go to a normal website, it would run Java or something else on the local machine and potentially execute the malicious code locally. So, it does give us that level of protection."

"Sophos XGS' most valuable features are protection and intrusion prevention detection."

"All the features are valuable, in my opinion, but for us the most important features are the network security, application control, and web server protection. Sophos Sandstorm is another good feature off the top of my head."

"The features that I find most effective in enhancing network security include EDR and XDR."

"XGS' most valuable feature is ransomware protection."

"The solution is scalable."

"It offers an easy initial implementation."

"It provides good protection services."

"The most valuable feature of Sophos XGS is its ease of use."

More Sophos XGS pros

Cons

"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."

"There's always something new that can be added or fixed."

"While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up."

"It claims it does DLP, but the degree and level of controls are very basic."

"The security of Fortinet FortiGate could improve."

"Fortinet FortiGate could improve if it had a cloud-managed solution."

"We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved."

"The solution could be more secure and stable."

More Fortinet FortiGate cons

"The user monitoring could still be improved."

"We are now transitioning to another solution. The main reason for that is that managing all of the exceptions and troubleshooting all of the issues our users have had connecting to the internet has become too significant in terms of workload, compared to what we hope we will have with another solution."

"In the best of all worlds, we wouldn't have to make any exceptions. However, that is a big ask because a lot of that depends on how websites are constructed. For example, there are some very complex, application-oriented sites that we end up making exceptions for. It is really not that big an issue for us to make the exceptions. We feel like we are doing that without a huge impact on our security posture, but we do have to make some exceptions for complex sites, e.g., mostly SaaS-type sites and applications."

"Currently, I don't have a good way to see which of my rules are being used in the access control lists. I have numerous entries, but are they all still needed? A report that would show me my list of who is allowed and whether we're actually using it would be useful because I can then go clean up my list. It would be easier to manage. We would eliminate the vulnerability of unused services."

"There is no option for right-clicking on any feature after logging into the firewall. I am unable to open a feature in a new tab. In FortiGate, I can do it; in Sophos, I cannot."

"In future releases, this solution could have more graphical elements on the dashboard to make it easier to understand."

"When it comes to different interfaces there is some speed issue that can be improved in Sophos XGS."

"Sophos XGS could improve the automation system. It could be better if there was some level of automation, attacks automation, meaning if this happens, then it automatically executes a particular process."

"Support is great, however, it can always be improved."

"Sophos XGS could improve by having better integration with Active Directory."

"They should customers who are facing issues with their product reviews; they found bots in it. If they can do their proper research and use the user analysis and testing, that would greatly help the clients."

"The solution could be easier to manage and configure."

More Sophos XGS cons

Pricing and Cost Advice

"The cost of Fortinet FortiGate is competitive and not expensive compared to other enterprise- grade solutions. On average, the license cost per year is around seventy percent of the firewall's purchase price."

"We just pay a flat monthly fee to the vendor for the support."

"Fortinet FortiGate is reasonably priced."

"Its licenses cost the same for different subscription plans."

"The price of the license and warranty can be better because it is very expensive."

"The price of FortiGate is good."

"Our licensing costs are on a yearly basis."

"When you look at these end security systems and firewalls, these firewalls even five years ago were $50,000 or perhaps $25,000 to implement in some types of customer sites. Now we're talking about tools that are $1,000. In this case, it might have been $500 or something like that."

More Fortinet FortiGate pricing and cost advice

"It is appropriately priced for what they're doing for us. Considering the protection provided, I feel their pricing is spot-on."

"The solution is expensive. It's more expensive than the solution I previously used. Compared with the other cloud-based solutions, it's very competitive."

"We save a ton of money and time. Previously, the numerous hits that we were receiving from our security tools, prior to implementing them, had to all be chased down, dispositioned, and endpoints had to be reimaged. It was just a ton of effort to do all that. That is where the savings from time and money come in."

"Sophos XGS is a cost-effective solution."

"Sophos XGS is a very expensive solution."

"Sophos XGS is competitively priced."

"The cost of Sophos XGS is based on per unit, per appliance, and capacity."

"Sophos XGS's pricing is very affordable."

"XGS' price could be lower, though it's moderately priced in the market."

"We must purchase separate web server licenses, as they are not included in the regular device license. I would rate the product an eight out of ten in terms of price. It's relatively affordable."

"I pay close to $10,000 per year, which I find to be expensive compared to the other similar solution or equivalent solutions."

More Sophos XGS pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

850,236 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

20%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Computer Software Company

19%

Financial Services Firm

14%

Manufacturing Company

Healthcare Company

Computer Software Company

14%

Manufacturing Company

Comms Service Provider

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

Ask a question

Earn 20 points

What do you like most about Sophos XGS?

The policies are the greatest feature. They allow us to configure granular control over our network traffic.

See all answers

What is your experience regarding pricing and costs for Sophos XGS?

Sophos XGS was reasonably priced initially, but the license cost has significantly increased in the last few years.

See all answers

What needs improvement with Sophos XGS?

The reporting system is very poor. I cannot trace any traffic to our site if it feels some threats. It just tells me ...

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 22% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

Cisco Umbrella vs Menlo Secure

Compared 22% of the time

Prisma Access by Palo Alto Networks vs Menlo Secure

Compared 16% of the time

Prisma Access Browser vs Menlo Secure

Compared 14% of the time

Symantec Endpoint Security vs Menlo Secure

Compared 13% of the time

Zscaler Internet Access vs Menlo Secure

Compared 11% of the time

More Menlo Secure Competitors

Sophos XG vs Sophos XGS

Compared 21% of the time

OPNsense vs Sophos XGS

Compared 17% of the time

Netgate pfSense vs Sophos XGS

Compared 8% of the time

Palo Alto Networks NG Firewalls vs Sophos XGS

Compared 7% of the time

Check Point NGFW vs Sophos XGS

Compared 6% of the time

More Sophos XGS Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

May 2025

Download Fortinet FortiGate product report

Buyer's Guide

Menlo Secure

April 2025

Download Menlo Secure product report

Buyer's Guide

Sophos XGS

April 2025

Download Sophos XGS product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Menlo Security Web Security, Menlo Web Security

No data available

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Menlo Security Secure Application Access

Menlo Security Secure Application Access makes zero trust access easy, giving users secure connectivity to private applications, including web and legacy applications. At the core of Secure Application Access is the Menlo Secure Cloud Browser, which fetches, secures and delivers the content for users.

In addition to providing simple-to-deploy, clientless ZTA, Secure Application Access and the Menlo Secure Cloud Browser protect applications from attacks such as session hijacking, cookie manipulation, and other tactics that employ protocol manipulation.

Secure Application Access protects applications from Internet threats and provides granular controls for added protection of the application and associated data. These security controls include Read-only/Read-write, Upload/download, Copy/paste, AV scanning, Sandboxing, and Data Loss Prevention.

Last Mile Data Protection

Menlo Last-Mile Data Protection identifies and prevents sensitive data from leaving your company by meticulously inspecting all file uploads and user input across browsing sessions. Leveraging the Secure Cloud Browser, users are protected from the internet and you can protect your organization from data loss with comprehensive traffic monitoring and controls. This approach addresses the growing concerns surrounding data leakage in the age of AI tools like ChatGPT.

By identifying sensitive data through file types, regular expressions, or predefined libraries, Menlo Last-Mile Data Protection empowers security teams to regulate data input into AI platforms and prevent unauthorized uploads. This capability provides crucial protection for intellectual property, PII, and other confidential information.

The solution leverages the Menlo Cloud Security Platform's visibility and control over traffic to reliably detect and prevent data leaks originating from both browser submission forms and non-browser traffic. With the ability to inspect encrypted web traffic, Menlo Last-Mile Data Protection enforces DLP policies consistently across all users and devices, ensuring comprehensive data protection.

Menlo Security

Sophos XGS is a comprehensive network security solution designed to protect organizations from advanced threats. It combines next-generation firewall capabilities with advanced threat protection, web filtering, and application control.

XGS has powerful deep learning technology and can detect and block even the most sophisticated malware and ransomware attacks. It also offers granular control over web access, allowing organizations to enforce policies and prevent access to malicious or inappropriate websites. Additionally, XGS provides application control features, enabling organizations to manage and prioritize network traffic based on specific applications or user groups.

With its intuitive management interface and centralized reporting, XGS offers easy deployment and monitoring of network security.

Sophos

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

Information Not Available

Buyer's Guide

Menlo Secure vs. Sophos XGS

April 2025

Free Report: Menlo Secure vs. Sophos XGS

Find out what your peers are saying about Menlo Secure vs. Sophos XGS and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,236 professionals have used our research since 2012.

See our Menlo Secure vs. Sophos XGS report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.