We changed our name from IT Central Station: Here's why

Sophos XG vs WatchGuard Firebox comparison

Cancel
You must select at least 2 products to compare!
Sophos XG Logo
44,070 views|36,313 comparisons
WatchGuard Firebox Logo
20,076 views|16,809 comparisons
Featured Review
Find out what your peers are saying about Sophos XG vs. WatchGuard Firebox and other solutions. Updated: March 2020.
564,997 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution offers very easy configurations.""The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control.""Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening.""It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective.""The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy.""It's got the capabilities of amassing a lot of throughput with remote access and VPNs.""It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS.""One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."

More Cisco Firepower NGFW Firewall Pros →

"The most valuable feature is web filtering.""Overall the solution works well.""The solution has very good security features, is easy to use for administrators and users, and has informative reports.""It is stable, flexible, and easy to use. It has got a web management portal that can be accessed from anywhere.""The simplicity of the setup is the most valuable feature.""They really work scalability into the solution at the outset.""I have found configuring the ports to be easier in Sophos XG compared to the other devices.""The most valuable features are its nice interfaces and configuration. The endpoint is also very good."

More Sophos XG Pros →

"It saves us time in the respect that we now have the template built for it so we can get in and get it done. We've had much less problem supporting Voice over IP technologies from different companies. Because our client base has grown over the years, we're probably saving 20 to 30 man-hours a month now that we've got this on a good stable level.""The most valuable features are the VPN and web blocker security.""There are many fantastic features.""The set up of the VPN is pretty straightforward. Being able to build VPNs on the fly for certain users, if need be, is also valuable.""Their support is excellent, and the stability is very good.""Policy VPN, site-to-site VPN, traffic monitoring, anti-spam filters, and all other advanced features are valuable.""It also provides us with layered security. It has onboard virus scanning features that allow it to scan before something gets to the host. It will also stop a person from going to a site that is known to be bad.""The security that is used for defending from the attacks is very good."

More WatchGuard Firebox Pros →

Cons
"The price and SD-WAN capabilities are the areas that need improvement.""My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement.""The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.""Deploying configurations takes longer than it should.""An area of improvement for this solution is the console visualization.""The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""The solution could offer better control that would allow the ability to restrictions certain features from a website."

More Cisco Firepower NGFW Firewall Cons →

"The VPN is in need of improvement.""This solution could be improved with more effective bandwidth. I found that when I enable DDoS detection for our clients, bandwidth is reduced. If DDoS detection is disabled, the bandwidth will be high, but it isn't secure. We recommend that customers enable DDoS detection, but if they need high bandwidth, we recommend Palo Alto and FortiGate instead of Sophos.""The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities.""There have been some issues when upgrading. For some reason, parts of the configuration become unconfigured, I then have to reconfigure it. I should not need to keep reconfiguring it after upgrades.""The support service level agreement in regard to the amount of time needed to upgrade things is too low. It should be higher.""XG is at its end of life. People are moving to XGS.""I would like to see in future releases a tool to scan for malicious packets and give the location of where they are coming from.""They can lower its price. It is very expensive. We are looking for a less expensive solution depending on our budget. They can also improve it in terms of firewall protection."

More Sophos XG Cons →

"Some of the configuration options are somewhat confusing.""The solution can improve by adding a feature to tag a MAC address of a computer system in the policy and more IP configuration settings.""Once you start getting into proxy actions and setting up: "Okay, cool. Once this rule gets triggered, what actions have to happen?" I do know a few people who use WatchGuard and they still have to get assistance when they look at that. So I would file that as a con for WatchGuard. Proxy actions can be a little bit complicated.""Sometimes I would like to copy a rule set from one box to another box in a direct way. This is a feature that is not present at the moment in WatchGuard.""I would like to see the devices made more flexible by adding modules to increase the ports that we can use.""If they could make the traffic monitoring easier that would be great. I don't use it that frequently, but I would like to see some improvements in the ease of use of that component, so it makes more sense. I know it's a technical component so there's going to be some difficulty trying to make that easier.""There are a couple of things I wished that it would do, but I can't think of those off the top of my head.""This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests."

More WatchGuard Firebox Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "The Sophos pricing, in general, is better than SonicWall, Fortinet, WatchGuard, or anybody else."
  • "We paid for our licensing for three years, upfront, and there are no costs in addition to the standard fees."
  • "The price is cheaper than that of some competing vendors."
  • "The pricing is flexible. Sophos looks at a country's economy and offers flexible pricing. This is how they have managed to penetrate the market."
  • "It's approximately $6,000 for each device."
  • "It is not expensive, it's a reasonable price,"
  • "The issue of a recurring license is a hassle because every year, we have to subscribe."
  • "It is not very expensive."
  • More Sophos XG Pricing and Cost Advice →

  • "We don't have any other costs other than the licensing stuff."
  • "I usually tell people that it's really affordable as well, particularly compared to Cisco."
  • "The pricing of WatchGuard is probably a little higher than the SonicWall, but it makes up for it in dependability. It's worth it to me, especially since it's not much higher. For just a little bit higher price you get the dependability of the firewall with the WatchGuard brand."
  • "The pricing was in line with everyone else; maybe slightly higher."
  • "I think the larger firewall packages are much better because a normal firewall is not enough for these times. You need IPS, APT, and all the security features of a firewall that you can buy."
  • "WatchGuard had a very competitive price. It was only 10 to 20 percent more than a single instance device but with that extra cost it provided a second load balancing device... unlike other brands whose method of hardware and software licensing would have doubled our cost."
  • "They license it. When we buy it, we buy it with a three-year license. That's the most cost-effective way to do it. So, if you're going to buy it, then buy it with the three-year licensing."
  • "I spent $600 or $800 on this product and I'm paying a couple of hundred dollars a year in a subscription service to keep the lights on, on it... It works out to $100 or $200 a year if you buy several years at once. It's fair."
  • More WatchGuard Firebox Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    564,997 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat… more »
    Top Answer: 
    Hi Arvind P ,  The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form… more »
    Top Answer: 
    Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG… more »
    Top Answer: 
    We are providing our services to all WatchGuard customers in the region. 
    Top Answer: 
    We just use it as a secondary WiFi device. We're a small office and we needed to set up a WiFi device for a few of our… more »
    Top Answer: 
    We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    Learn More
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.

    WatchGuard's approach to network security focuses on bringing best-in-class, enterprise-grade security to any organization, regardless of size or technical expertise. Ideal for SMBs and distributed enterprise organizations, our award-winning Unified Threat Management (UTM) appliances are designed from the ground up to focus on ease of deployment, use, and ongoing management, in addition to providing the strongest security possible.

    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Sophos XG
    Learn more about WatchGuard Firebox
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Information Not Available
    Ellips, Diecutstickers.com, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Manufacturing Company8%
    Non Profit8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Manufacturing Company11%
    Financial Services Firm11%
    Healthcare Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Comms Service Provider40%
    Computer Software Company18%
    Government7%
    Media Company4%
    REVIEWERS
    Manufacturing Company17%
    Construction Company14%
    Healthcare Company8%
    University6%
    VISITORS READING REVIEWS
    Comms Service Provider35%
    Computer Software Company17%
    Government6%
    Wholesaler/Distributor4%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise65%
    REVIEWERS
    Small Business63%
    Midsize Enterprise24%
    Large Enterprise13%
    VISITORS READING REVIEWS
    Small Business50%
    Midsize Enterprise23%
    Large Enterprise27%
    REVIEWERS
    Small Business65%
    Midsize Enterprise24%
    Large Enterprise11%
    VISITORS READING REVIEWS
    Small Business85%
    Midsize Enterprise3%
    Large Enterprise13%
    Find out what your peers are saying about Sophos XG vs. WatchGuard Firebox and other solutions. Updated: March 2020.
    564,997 professionals have used our research since 2012.

    Sophos XG is ranked 5th in Firewalls with 130 reviews while WatchGuard Firebox is ranked 3rd in Unified Threat Management (UTM) with 28 reviews. Sophos XG is rated 8.2, while WatchGuard Firebox is rated 8.6. The top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". On the other hand, the top reviewer of WatchGuard Firebox writes "Competent, basic front-end; the ports that I have assigned appear to be unattainable to outsiders". Sophos XG is most compared with Fortinet FortiGate, pfSense, Meraki MX, Palo Alto Networks NG Firewalls and SonicWall NSa, whereas WatchGuard Firebox is most compared with Fortinet FortiGate, pfSense, SonicWall NSa, Cisco ASA Firewall and Azure Firewall. See our Sophos XG vs. WatchGuard Firebox report.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.