Sophos XG vs WatchGuard Firebox comparison


Comparison Buyer's Guide

Executive SummaryUpdated on Apr 10, 2022

Categories and Ranking

Fortinet FortiGate
Ranking in Firewalls
Average Rating
Number of Reviews
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (2nd), WAN Edge (1st)
Sophos XG
Ranking in Firewalls
Average Rating
Number of Reviews
Ranking in other categories
No ranking in other categories
WatchGuard Firebox
Ranking in Firewalls
Average Rating
Number of Reviews
Ranking in other categories
Unified Threat Management (UTM) (4th)

Mindshare comparison

As of June 2024, in the Firewalls category, the mindshare of Fortinet FortiGate is 22.6%, up from 20.2% compared to the previous year. The mindshare of Sophos XG is 14.3%, up from 9.9% compared to the previous year. The mindshare of WatchGuard Firebox is 4.1%, up from 3.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Unique Categories:
Software Defined WAN (SD-WAN) Solutions
WAN Edge
No other categories found
Unified Threat Management (UTM)

Q&A Highlights

it_user1397058 - PeerSpot reviewer
Jan 04, 2021

Featured Reviews

Nov 30, 2023
Helps reduce our cybersecurity risks, enhances security, and performs well
FortiGate helped us meet our ISO requirements. In the time we have been using FortiGate, we have not had any security breaches. FortiGate has reduced the risk of cyberattacks that can disrupt our production. Since implementing FortiGate we have not dealt with any such attacks. I'm unsure whether centralized FortiGate management enhances efficiency, but our experience with it has been exceptional. We haven't encountered any issues, and the operational aspects have been seamless. Additionally, there was no downtime, which is crucial for our operations. Our Fortinet security fabric has enhanced security across our industrial control system. By safeguarding our production environment and ensuring the security of VPN access granted to individuals, we have achieved comprehensive data protection. We have not experienced any incidents that would have occurred if our firewall was inadequate. FortiGate does a lot of research, and the product is regularly updated, especially in the ransomware area. I know of a couple of other companies around us that had some ransomware incidents, but we never have. From that perspective, FortiGate has helped mature our approach to cybersecurity a lot.
May 23, 2019
Offers a high level of visibility of what's happening on your network or on your client machines
There was a big issue with the Cyberoam and with the SG units as well, i.e. the previous Sophos UTM model. With Sophos XG, you get the chance to block what sites operate on SSL or that operate with HTTPS, without the need of extracting and distributing a certificate. On older Cyberoam and Sophos SG old versions, if you wanted to block something like YouTube or Facebook or any other websites that operate with HTTPS, you had to extract the certificate. Then you had to export that certificate. Then you had to re-import that certificate in all the user browsers. The only problem was if you needed to use an active directory where those certificates would be automatically thrown into the user browsers once they logged in to the domain. For a scenario like mine where you don't have a group policy, it is a disaster and ends up with you setting the rules to block certain websites with HTTPS on the firewall, even while they are not being blocked so that the user will still have access to them. This problem is now 100% sorted out with Sophos XG. Now you can actually block whatever you want, whether it's using HTTPS or HTTP keys from the firewall without the need for extracting certificates. That's a major improvement. That problem with the HTTPS settings was a huge issue. I know other people must be enjoying that it's sorted out now. It was a serious and major issue for Sophos. The only issue that Sophos XG now needs to improve is the product's reporting capabilities.
Ronald Lewis - PeerSpot reviewer
Feb 7, 2023
Useful VPNs, effective web filtering, and cost effective
The VPN aspect of the WatchGuard Firebox is an area that could potentially benefit from improvement. We encountered difficulties while attempting to integrate Windows 11 laptops into the system, which resulted in unreliable connections. After some research, we discovered that this was primarily due to compatibility issues with Windows 11 and required a patch. However, it was still a challenge as it seemed that even when we tried to keep the laptops on Windows 10, they still exhibited the same issues as Windows 11 machines. Despite WatchGuard attributing the problem to Microsoft, we were eventually able to find a solution and all the machines are now functioning seamlessly. The solution comes with a web interface that facilitates configurations, but it doesn't have the same level of functionality as the installed client or system manager. The web UI could be further improved. In a future release, the detection of ransomware would be helpful. Ransomware is our biggest fear.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"FortiGate improved our security. It's one of the best hardware firewalls."
"The technical support is great."
"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"The initial setup is straightforward."
"It's an easy solution to set up."
"The most valuable feature of this solution is the analytics."
"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
"The valuable features of this solution are the VPN, load balancer, and the QoS for splitting the ISP band."
"I like the fact that it can self remove malware and do updates on the cloud via Sophos Central."
"As a security solution, it's a very good security solution."
"Dashboard is easy to use and the reporting offers a lot of detail."
"The solution's most valuable feature stems from its ability to protect our organization's web servers."
"The initial setup is pretty easy."
"Valuable features include: the ease of setting up the VPN connection; the fact they have the cloud management option, so I can manage the firewall on a cloud platform from anywhere I am; the user interface is very user-friendly, so it's very easy for the administrator to make any policy changes."
"Content filtering and intrusion prevention are most valuable. Our customers are fully satisfied with the performance of Sophos. It has all the features that they require in a firewall."
"Easy to change the model if you need more performance, with good cohesion in the whole lineup of devices."
"The ports that I have assigned appear to be unattainable to outside 'mal-actors,' unless they have an address registered on the internet that this thing is expecting. That's a layer of security."
"It is a scalable solution."
"Among the most valuable features is the ease of use — love the interface — of both the web interface and of the WatchGuard System Manager."
"The most valuable feature is the GUI, especially the real-time bandwidth usage report. Also, its integration with WiFi access points is nice."
"Management and visibility are the most valuable features."
"As a whole, it has a very low requirement for ongoing interaction. It's very self-sufficient. If properly patched, it has very high reliability. The total cost of ownership once deployed is very low."
"​Efficient to setup, run, and maintain. Saving man hours and cost in the process."


"It is very expensive, and their support is not very good. I hope that their technical support will be better in the future."
"There are some cloud-based features that could be much more flexible than they currently are."
"I would like to see improvements in the product's application rules."
"Backup can be improved."
"Currently, without the additional reporting module, we only have access to basic reporting."
"Fortinet FortiGate should improve the VPN tokens."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files.​"
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"It would be beneficial if the platform provided more flexible support for a variety of devices."
"Sophos XG could improve the policies, they are a bit confusing when creating them. There are many options that make it confusing and it could be simplified."
"I would like the update process to be easier, to update the firmware of the boxes. I think it's much better automatically than having to do it manually: Download the file, do network discovery. I they can make the update process much more automatic that would help."
"Its price should be improved. It should be cheaper."
"Areas for improvement would be the access points and the on-premise version, which is very bad."
"Sophos XG could improve by being more stable and for it to be able to be used for large enterprises."
"LAN inbound and outbound traffic requires more control."
"Lacks improved throughput performance in a box."
"Reporting is something you've got to set up separately. It's one of those things that you've got to put some time into. One of the options is to set up a local report server, which is what I did. It's not great. It's okay... Some of the stuff is a little complicated to get up and running. Once you do, it becomes very user-friendly and easy to work with, but I find there are some implementation headaches with some of their stuff."
"We would like to see granular notification settings and more advanced filtering in traffic monitoring."
"In terms of what could be improved, I would say their web blocker feature. It is still quite a confusing setup, especially when you want to filter out a particular category for granularity. For example, you do not want to filter Facebook but you do want to filter Facebook games only. It can be done, but the process to do it is very confusing."
"The level of support from WatchGuard is not as good."
"It would be wonderful if the WatchGuard team develops nice products for threat intelligence."
"The data loss protection works well, but it could be easier to configure. The complexity of data loss protection makes it a more difficult feature to fully leverage. Better integration with third-party, two-factor authentication would be advantageous."
"I don't think I can get a full-blown DNS client from it. I've been trying to have DNS services. It has forwarding, but I don't get the services of a full DNS client. My main difficulty with it is that I can't run a complete service. I need NTP. I need DNS. I need DHCP for my domain, but I only get forwarding. As far as I can tell, I don't get caching and the kinds of reporting and registration needed to host a DNS for a domain. I have to have a separate solution for that."
"I believe there is a need for additional measures to connect mobile devices securely to the Firebox router."

Pricing and Cost Advice

"I would say that all things considered, the pricing is pretty good."
"You need to pay a license for this solution. Our licensing is now done in our subsidiary."
"The price range is quite acceptable and normal."
"Licensing is usually on a three-year period."
"Its pricing is competitive with other solutions."
"Its price could be better."
"The pricing for the product is alright."
"Pricing for this product is comparatively lower than other products. It's an affordable solution, but when expanding the number of users, they'll ask you to replace the model, so that's an added cost."
"Its price is good. All features are grouped in the same license. It is an all-in-one license, and the license price is acceptable."
"The Palo Alto solution is expensive and the FortiGate is less expensive than Palo Alto. The Sophos XG would be priced in the middle of the two."
"The price is good for the moment."
"Licensing fees are paid on a yearly basis."
"Support costs are approximately 50 percent."
"We bought the three-year license, and there are no additional costs."
"We pay licensing fees of approximately $2,000. We have a contract for three years."
"My customers pay a license for one or three years to use Sophos XG."
"It's an affordable tool"
"We paid $4000 in AUD for WatchGuard Firebox per year. There were no additional costs."
"We are utilizing an MSP licensing model and are content with the minimal amount spent on the devices rather than committing to long-term licensing."
"The pricing was in line with everyone else; maybe slightly higher."
"Firebox is priced reasonably."
"The subscription that was purchased is for three years, but it is usually for one year at a time."
"The pricing of WatchGuard is probably a little higher than the SonicWall, but it makes up for it in dependability. It's worth it to me, especially since it's not much higher. For just a little bit higher price you get the dependability of the firewall with the WatchGuard brand."
"The licensing can be a one-time purchase unless you need the extra services for example twenty-four seven support."
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
789,728 professionals have used our research since 2012.

Top Industries

By visitors reading reviews
Educational Organization
Computer Software Company
Comms Service Provider
Manufacturing Company
Computer Software Company
Comms Service Provider
Manufacturing Company
Computer Software Company
Comms Service Provider

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
What are the main differences in features between Sophos XG and FortiGate 80F?
Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...
What Is The Biggest Difference Between Sophos UTM and Sophos XG?
The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW. ...
What is your primary use case for WatchGuard Firebox?
We are providing our services to all WatchGuard customers in the region.
What is your primary use case for WatchGuard Firebox?
We just use it as a secondary WiFi device. We're a small office and we needed to set up a WiFi device for a few of ou...
What is your primary use case for WatchGuard Firebox?
We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
No data available
No data available



Sample Customers

1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya
Information Not Available
Ellips,, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence
Find out what your peers are saying about Sophos XG vs. WatchGuard Firebox and other solutions. Updated: May 2024.
789,728 professionals have used our research since 2012.