Nov 26, 2020
Both have some unique features and per my experience with both the vendors, Sophos has more features, functionalities, and support. For more info, drop me an email to pranavjyoti@outlook.com
SonicWall NSa and Sophos XG are strong competitors in the network security appliance category. SonicWall NSa offers superior packet capture and VPN capabilities while Sophos XG is preferred for its synchronized security with comprehensive integration.
Features: SonicWall NSa supports site-to-site VPNs and employs deep packet inspection for extensive application control and effective content filtering. Its ability to capture and upload packet data to an FTP server facilitates detailed troubleshooting. Sophos XG emphasizes synchronized security with a unified console for managing both firewall and endpoints. This solution offers robust application filters and deep integration with Sophos products, enhancing network visibility and threat response capability.
Room for Improvement: SonicWall NSa could improve its reporting, logging capabilities, and user interface, and address stability during upgrades. It also faces challenges with cloud dependency for content filtering and VPN functionality. Sophos XG's user interface complexity and setup challenges for advanced features like SD-WAN are areas needing refinement. Additionally, its support response times sometimes lag during complex configurations, affecting troubleshooting efficiency.
Ease of Deployment and Customer Service: Both SonicWall NSa and Sophos XG are typically deployed on-premise with available hybrid cloud options. SonicWall is recognized for good technical support despite occasional delays in escalation. Sophos XG's customer service, while usually dependable, can suffer from support effectiveness delays when dealing with intricate configurations. SonicWall benefits from a heritage of strong support, but Sophos needs improvement in responsiveness and setup guidance.
Pricing and ROI: SonicWall NSa's pricing, considered reasonable with security service bundles, can increase with additional VPN licenses. Its competitive pricing strategy yields good ROI, thanks to its comprehensive functionality. Sophos XG is aggressively priced, more competitive than peers like SonicWall. It offers flexible licensing for tailored deployments, being cost-effective across different business sizes. Although both provide clear ROI, their pricing structures differ, with SonicWall favoring ongoing licenses and Sophos offering bundled services.
Clients are now comfortable and not wasting productive hours on IT support.
The automation part is giving us a cost benefit and speed; we can react faster.
It's a very useful tool to mitigate and protect your enterprise.
We had budgeted about thirty lakhs, but after negotiating with SonicWall NSa, we saved almost ten lakh rupees in a year.
The graphical interface of Sophos XG simplifies configurations, saving time in support and troubleshooting compared to the Linux-based solution I previously used.
We purchased endpoint security for the first time last year, and even without endpoint security, it provides comprehensive security.
It's good, but I would still say it's higher by about 10-15 percent compared to other market products with similar configurations.
The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with.
I would rate the technical support for Fortinet FortiGate a ten out of ten.
As a solution provider, when I encounter problems, I connect directly with Fortinet support, and they provide solutions within a very short time.
SonicWall support is always available to help us on an immediate basis.
The support from SonicWall was excellent.
SonicWall support is very helpful and responsive.
I rate the technical support a ten out of ten.
Their team was quick to diagnose and resolve the problem by exchanging the equipment within two weeks.
When my customers raise a ticket, a customer representative calls them immediately to address their queries.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published.
I would rate its scalability around eight out of ten, meaning there are no issues, and it is pretty easy to scale.
Regarding scalability, it's important to ascertain the customer's future requirements, as firewalls need to be sized according to their expected scalability, such as moving from 500 users today to more in the coming years.
SonicWall NSa is very supportive and capable of handling everything from smaller organizations to big enterprise-level organizations on a model-wise or configuration-wise basis.
You can scale up to multiple firewalls with centralized management.
You can't upgrade memory or storage on a specific model, which limits scalability.
I rate the scalability a nine out of ten.
We're experiencing 99.999% availability consistently.
I would rate the stability of Fortinet FortiGate a ten out of ten.
Currently, we are experiencing a general outage of one of the main internet service providers of the Dominican Republic, and we have not been impacted in our operations because with SD-WAN, we have another internet service provider and we are working with the second WAN connection without any disruption.
Configuration changes have been made that have reduced that latency.
The stability of SonicWall NSA is quite good.
Sophos XG is very stable, even when serving as a DHCP server.
Sophos XG is resource-greedy, affecting performance even on newer computers.
It's on 24/7 and has consistently been reliable over the years.
These sessions should be around five to ten minutes long, allowing users and partners to quickly grasp the information without disrupting their daily tasks.
The solution should be able to implement machine learning and analytics of all the logs for threat detection and protection.
It would be better for customers to get immediate replacements even with a standard subscription.
More details in the analytical tools offered would be appreciated since it is not yet mature.
At those times, the CPU spikes considerably, and due to that, the firewall response becomes slow.
There are some aspects of the dashboard configuration or customization that could be improved.
The solution should have the ability to be up to date with the most recent threats.
This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access.
Business cannot stop just because of issues with support.
Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us.
It offers cost savings as it is generally cheaper than the competition.
It is about 20% cheaper.
SonicWall is much cheaper compared to Fortinet, particularly regarding renewal and licensing costs.
I would rate the price of the product as seven out of ten.
I rate the pricing a ten out of ten.
Currently, it costs about four million shillings in Kenya.
The cost depends on the package you are in, such as full threat management or basic.
These features help reduce our downtime, manage the ISPs, and deploy SLAs for all the website traffic.
The most valuable feature of FortiGate is FortiView which provides proactive monitoring.
We got a firewall and gave an SSL VPN to my client to connect to their servers, after which, such kind of activities involving ransomware attacks stopped.
Real-time deep memory inspection is very helpful and has had a positive impact on our security posture.
SonicWall NSA's most valuable features are its SD-WAN and a system RTBI that blocks all attacks.
We were the only organization that remained secure with a zero infection rate.
The firewall feature of Sophos XG has been the most effective for threat prevention.
Integration with endpoint security products ensures seamless traffic flow and rule enforcement, even when endpoints are not directly connected to the firewall.
Visibility features are included in XDR. This provides information on user impact, potential threats on specific machines, source and destination IPs, setup firewall details, and unique identifiers for each machine.
| Product | Market Share (%) |
|---|---|
| Fortinet FortiGate | 18.7% |
| Sophos XG | 8.4% |
| SonicWall NSa | 1.7% |
| Other | 71.2% |
| Company Size | Count |
|---|---|
| Small Business | 357 |
| Midsize Enterprise | 133 |
| Large Enterprise | 188 |
| Company Size | Count |
|---|---|
| Small Business | 54 |
| Midsize Enterprise | 22 |
| Large Enterprise | 24 |
| Company Size | Count |
|---|---|
| Small Business | 141 |
| Midsize Enterprise | 52 |
| Large Enterprise | 35 |
Fortinet FortiGate is a versatile network security tool offering features like VPN, firewall, web filtering, intrusion prevention, and scalability. It is known for its performance and integration with other Fortinet products, making it a preferred choice for robust cybersecurity.
Fortinet FortiGate stands out as a comprehensive cybersecurity solution with strong performance and ease of configuration. It delivers unified threat management, integrating features such as dynamic routing, SD-WAN support, and centralized management. Despite its strengths, improvements in the web interface's stability, pricing structures, and reporting capabilities are needed. Users seek better integration with third-party tools and automation advancements to enhance the experience further. These enhancements, alongside improvements in bandwidth management and the reduction of licensing costs, are points of interest for users looking to capitalize on FortiGate's extensive capabilities.
What are Fortinet FortiGate's key features?Fortinet FortiGate is widely implemented across industries as a primary firewall system for securing internet gateways and safeguarding data centers. It supports businesses in achieving SD-WAN integration and enhances cybersecurity by providing essential features like antivirus, web filtering, and application control. Enterprises utilize FortiGate for securing remote connections and ensuring compliance with security standards, making it adaptable for different network sizes and industries.
SonicWall NSa dispenses advanced threat protection using a high-performance security platform. The NSa series implements intuitive deep learning technologies in the SonicWall Capture Cloud Platform to dispatch the automated real-time threat detection and deterrence enterprise organizations need today. SonicWall Network Security appliance (NSa) series is best for mid-sized organizations to distributed enterprises and data centers.
SonicWall NSa series next-generation firewalls (NFGWS) combine two very robust security ideologies to deliver advanced threat protection to keep users’ networks safe. Boosting SonicWall’s multi-engine advanced threat protection (ATP) is their Real-time Deep Memory Inspection (RTDMI™). The RTDMI intuitively identifies and stops aggressive zero-day threats and vicious malware by investigating memory directly. This real-time process allows SonicWall RTDMI to be accurate, lessen false positives and discover and alleviate malicious threats and attacks. SonicWall’s single-pass Reassembly-Free Deep Packet Inspection (RFDPI) will audit every byte of each and every packet by investigating both outbound and inbound traffic on the firewall. By combining the SonicWall Capture Cloud Platform along with on-box offerings such as intrusion prevention, web/URL filtering, and anti-malware, the NSa series is able to block the most malicious and dangerous threats at the gateway.
Additionally, SonicWall firewalls supply absolute protection by executing complete inspection and decryption of SSH and TLS/SSL encryption connections - no matter the port or protocol. The firewall takes a deep dive into each and every packet (the header and data) routing out any anomalies, zero-day intrusions, threats, and protocol non-compliance. Users can also define unique criteria specific to their organization to ensure their networks remain safe. This aggressive deep packet inspection is able to identify and block malicious attacks, stop dangerous malware downloads, prevent the spread of infections, and defeat command and control (C&C) communications and data exfiltration. Protocols involving inclusion and exclusion allow users complete control to decide, based on specific governance policies, organizational policies, or government or legal compliance, which traffic is to be investigated for decryption or inspection.
SonicWall Nsa offers enterprise organizations the network control and fluid flexibility they desire using an intrusion prevention system (IPS), VPN, real-time visualization, and other advanced powerful security features, making it a popular firewall solution in today's marketplace.
Reviews from Real Users
“The features that I have found most valuable are the firewalling, which is very good, and the GUI which is very intuitive. It is easy to use and provides great security.” - Network Engineer at a maritime company
“What's valuable in SonicWall NSa is the ATP (advanced threat protection). It can protect users from malicious links. SonicWall NSa also has a Sandboxing service that is very helpful for us, especially when end users accidentally click on malicious links. Another valuable feature of this solution is that it is very useful for site-to-site VPN connectivity issues. SonicWall NSa has very good hardware. I also love that SonicWall has very good technical support, who are very knowledgeable, provide good suggestions, and they're easy to reach.” - Mohammed M., Network Administrator at Transgulf Readymix
Sophos XG provides robust security capabilities, offering features like web filtering, VPN, and user-friendly management. Its intuitive setup and policy adjustments enhance security while synchronized endpoint protection ensures comprehensive defense.
Sophos XG is a network security solution with web and application filtering, VPN features, and a management interface that simplifies configuration. It offers email protection, threat prevention, and reporting capabilities, all contributing to a comprehensive defense strategy. Synchronized security with endpoints enhances protection, and advanced threat protection with efficient bandwidth management supports secure remote work environments. However, users suggest improvements in log interfaces for real-time actions and better email protection. Enhancements in link load balancing, RAM, VPN stability, and central management are needed. HTTPS filtering, certificate management, technical support, and scalability of the SD-WAN feature can see advances.
What are the key features of Sophos XG?In industries such as healthcare, education, and financial services, Sophos XG acts as a mainline defense for network security, VPN connectivity, and web filtering. It supports secure remote access, intrusion prevention, antivirus scanning, and secure web gateways integrated with endpoint systems, tailoring its extensive security capabilities to meet specific industry requirements.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
