Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks NG Firewalls vs Sophos XG comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.4
Fortinet FortiGate offers cost-efficient security, enhancing performance and network stability, while significantly reducing operational costs and incidents.
Sentiment score
7.6
Palo Alto Networks NG Firewalls offer strong ROI by enhancing security, reducing costs, and enabling efficient management for digital transformation.
Sentiment score
7.1
Sophos XG enhances cybersecurity, reduces costs, streamlines management, and offers significant ROI with improved security and efficiency.
Clients are now comfortable and not wasting productive hours on IT support.
We have experienced a positive return on investment by utilizing Fortinet's products.
There's definitely an ROI. Having a centralized way of managing and applying policies across the entire organization always helps.
Their user-friendly interface and Panorama central management, which provides a comprehensive overview, make them an ideal investment.
The solution helped reduce downtime, which is crucial in time-sensitive industries like manufacturing.
The graphical interface of Sophos XG simplifies configurations, saving time in support and troubleshooting compared to the Linux-based solution I previously used.
It's good, but I would still say it's higher by about 10-15 percent compared to other market products with similar configurations.
Having a Unified Threat Management system like Sophos XG has helped us spend less on network security, thus providing a good return on investment by managing our income effectively.
 

Customer Service

Sentiment score
7.0
Fortinet FortiGate support receives mixed reviews, praised for higher-level assistance but criticized for inconsistent technical support responsiveness.
Sentiment score
7.6
User reviews for Palo Alto Networks NG Firewalls support vary, highlighting responsiveness issues, regional inconsistencies, and communication challenges.
Sentiment score
6.3
Sophos XG customer service is praised for professionalism but criticized for slow responses and inconsistent support quality.
He explained that it required a command line configuration, as it couldn't be done through the graphical user interface.
I would rate their support for FortiGate a nine out of ten.
They offer very accurate solutions.
Their response time is within one hour.
They offer fast and competent assistance.
They provide fast response and rapid remediation of problems.
Users are reluctant to open support cases and would rather reinstall an appliance themselves than go through the support process.
I would rate the technical support a nine out of ten.
Microsoft's protection has received positive feedback and strong on-site support from both customers and partners.
 

Scalability Issues

Sentiment score
7.3
Fortinet FortiGate is scalable for enterprises, but expansion may require budget planning and careful pre-planning for integration.
Sentiment score
7.3
Palo Alto Networks NG Firewalls offer scalable options, but hardware upgrades, clustering limitations, and costs may challenge smaller organizations.
Sentiment score
7.2
Sophos XG offers scalability for small to medium enterprises but may require careful sizing and upgrading for growth.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
You can choose a cheaper model if you only have 20-30 users, but you will need to spend more money for a FortiGate solution that covers 5,000.
Cloud deployments benefit from auto-scaling, allowing for automatic adjustments to firewall capacity based on demand.
It is important to assess the infrastructure size before choosing a model.
Palo Alto Networks NG Firewalls are scalable and reliable.
You can scale up to multiple firewalls with centralized management.
You can't upgrade memory or storage on a specific model, which limits scalability.
The scalability of the solution is limited to three nodes and may not be sufficient for extensive scaling.
 

Stability Issues

Sentiment score
7.9
Fortinet FortiGate is reliable and stable, despite occasional issues under high traffic; model selection impacts performance.
Sentiment score
8.4
Palo Alto Networks NG Firewalls are praised for high stability, outperforming competitors, with minor issues linked to external factors.
Sentiment score
8.0
Sophos XG offers strong stability with frequent updates, despite some bugs in firmware, and is highly rated by users.
Improper handling of these can lead to a memory surge, a well-known bug that can cause the entire system to freeze.
It is less stable than Palo Alto Networks and Check Point firewalls because there are lots of bugs in the latest firmware.
We have not had any problems with the operating systems or maintenance of subscriptions.
With appropriately configured policies, these firewalls can provide robust network security.
After the upgrade, we are experiencing performance issues.
I have not experienced any outages or issues.
I would rate the stability of Sophos XG a ten out of ten.
Sophos XG is very stable, even when serving as a DHCP server.
Sophos XG is resource-greedy, affecting performance even on newer computers.
 

Room For Improvement

Fortinet FortiGate needs improved UI stability, integration, performance, VPN functionality, support, and simplified policy management due to high costs.
Palo Alto Networks NG Firewalls require improvements in reporting, integration, pricing, ease of use, and machine learning capabilities.
Sophos XG needs improvements in reporting, VPN setup, interface usability, support response, SD-WAN, application filtering, integration, and update stability.
If I have put 10 GBPS of throughput on a firewall and I enable all of these features available, such as IPS or UTM functionalities, the throughput comes down to 1 GBPS.
By providing an integrated solution, users would have access to all features and functionalities within a single window, eliminating the need to navigate through multiple windows.
Investing in a solution that can accommodate such growth would be more cost-effective than repeatedly purchasing new hardware.
When performance degrades due to full packet inspection, the solution should be to increase the computing power within the same firewall, not to recommend upgrading to a larger, more expensive model.
Further integration into a unified system could improve usability.
Palo Alto Networks NG Firewalls lack built-in multi-factor authentication, requiring the purchase of a third-party tool to implement this essential security feature.
The solution should have the ability to be up to date with the most recent threats.
This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access.
Business cannot stop just because of issues with support.
 

Setup Cost

Fortinet FortiGate is praised for its cost-effectiveness and flexible licensing, especially benefiting small to medium-sized businesses.
Palo Alto Networks NG Firewalls are costly, but users find their security and performance worth the investment despite high expenses.
Sophos XG offers competitive pricing and cost-effective licenses, appealing to SMEs with discounts and affordable support options.
Secure SD-WAN is free of charge.
The most expensive part is the renewal of the license subscription.
FortiGate is priced lower than Palo Alto.
Palo Alto Networks NG Firewalls are expensive.
Palo Alto Networks NG Firewalls come at a premium, exceeding the cost of most competitors by 45 percent.
Colleagues looking for the cheapest and fastest firewall can still use Palo Alto Networks NG Firewalls because they are affordable.
I would rate the pricing a ten out of ten as high.
The licensing cost in the final currency amount, is 163,080, with three years of support.
I rate the pricing a ten out of ten.
 

Valuable Features

Fortinet FortiGate is a reliable, user-friendly security solution known for robust features, easy configuration, and competitive pricing.
Palo Alto Networks NG Firewalls provide advanced threat prevention, application visibility, and seamless management with robust security features and performance.
Sophos XG offers robust security features, user-friendly management, and affordability, making it ideal for diverse security demands.
The firewall, IPS, and VPN functions are the most valuable features.
FortiGate provides solid protection against viruses, malware, and other threats.
Within the same dashboard, you get to see the security profiles, the type of traffic that's passing through, the top applications that are being consumed, etc.
The most valuable features of Palo Alto Networks NG Firewalls are DNS sync calls, enabled security features, and Wildfire.
Threat Vault allows us access to a comprehensive threat database, enabling us to get detailed information on threats and how to mitigate them.
The most valuable feature of Palo Alto Networks NG Firewalls is Cortex Data Lake.
This unique technology provides efficient branch connectivity without the need to invest in additional firewalls for each branch.
I particularly like the visibility it provides into network traffic, allowing us to identify and address issues efficiently.
The firewall feature of Sophos XG has been the most effective for threat prevention.
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
330
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Palo Alto Networks NG Firew...
Ranking in Firewalls
6th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
192
Ranking in other categories
No ranking in other categories
Sophos XG
Ranking in Firewalls
4th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
207
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.4%, up from 17.7% compared to the previous year. The mindshare of Palo Alto Networks NG Firewalls is 3.4%, up from 3.1% compared to the previous year. The mindshare of Sophos XG is 11.5%, up from 9.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Q&A Highlights

NC
Nov 17, 2021
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
AmjadKhan1 - PeerSpot reviewer
Provides inline protection with a unified view and anti-spyware capabilities
I would rate Palo Alto Networks NG Firewalls ten out of ten because it is the best. Our disaster recovery site utilizes Palo Alto Networks Next-Generation Firewalls. We are also in the process of upgrading the firewalls at our 365 sites in Pakistan to Palo Alto Networks firewalls. While budget firewalls may advertise comparable features, they often fall short of effectively detecting viruses, threats, and ransomware. In contrast, Palo Alto Networks NG Firewalls, combined with Cortex XDR, provide comprehensive threat intelligence and detection capabilities, ensuring superior security coverage. I recommend conducting a proof of concept before selecting a firewall. This will allow you to evaluate different options and determine which best suits your needs. While Palo Alto offers robust firewall solutions, it's essential to compare them with other vendors to ensure you make an informed decision.
Mohamad Charara - PeerSpot reviewer
Security features improve protection while integration and resource management require enhancements
Sophos XG ( /products/sophos-xg-reviews ) is not easy to navigate and to use, and the integration capabilities are lacking. It cannot integrate properly with solutions like Darktrace ( /products/darktrace-reviews ). The VPN client on mobiles, especially Android phones, has issues. It is resource-greedy, causing performance problems even on new computers. Improvements are needed in resource management and integration with other security solutions.
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
849,686 professionals have used our research since 2012.
 

Answers from the Community

NC
Nov 17, 2021
Nov 17, 2021
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat signatures and updates. I also appreciate that I can just import addresses and URL objects from the external server. Palo Alto has a dedicated management interface, which makes it easy to manage the device and handle the initial configuration. It has fantastic throughput and its co...
See 2 answers
CL
Oct 19, 2021
As a Sophos specialist, I can tell you that XG Firewall will cover all that you'll need with a more affordable way.Sophos XG firewall will not disappoint you with its performance, resources or features.
Janet Staver - PeerSpot reviewer
Nov 17, 2021
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat signatures and updates. I also appreciate that I can just import addresses and URL objects from the external server. Palo Alto has a dedicated management interface, which makes it easy to manage the device and handle the initial configuration. It has fantastic throughput and its connection speed is pretty fair, even when dealing with a high traffic load. With Palo Alto I can configure and manage with REST API integration. And Palo Alto provides deep visibility into your network activity via Application and Command Control. Although Palo Alto has great things going for it, there are a few things I dislike about it. For example, when the CPU is 100%, the GUI can take a very long time to respond. Booting time is also time-consuming, and committing the configuration takes more time than I would like it to. Like Palo Alto, Sophos XG is quick and easy to configure. It is compact in size, and therefore does not weigh a lot either. Similar to Palo Alto as well, it can handle heavy traffic and has a solid performance. A good thing about Sophos XG is that it supports IPsec connection with multiple vendor firewalls. However, I am not impressed with the CLI which is not so useful, and I don’t like that there is no option to import bulk address objects. Conclusion: Palo Alto Networks NG Firewalls and Sophos XG are both good products. However, Palo Alto has certain features I really like and that’s why I chose it. For me, Palo Alto’s dynamic address group option is a big advantage because it is a huge time saver instead of having to create address groups manually. Another biggie for me was its DNS Sinkhole feature because it is something I rely on a lot and it is very effective in blocking C2 command control traffic.
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Computer Software Company
15%
Financial Services Firm
9%
Manufacturing Company
9%
Government
7%
Computer Software Company
16%
Comms Service Provider
9%
Manufacturing Company
7%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?
Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...
Features comparison between Palo Alto and Fortinet firewalls
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
What are the main differences in features between Sophos XG and FortiGate 80F?
Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...
What is your experience regarding pricing and costs for Sophos XG?
I consider the pricing reasonable; it depends on the model and license type, like one-year, two-year, or five-year li...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments
Information Not Available
Find out what your peers are saying about Palo Alto Networks NG Firewalls vs. Sophos XG and other solutions. Updated: April 2025.
849,686 professionals have used our research since 2012.