"The solution offers very easy configurations."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"The most valuable feature is web filtering."
"Overall the solution works well."
"The solution has very good security features, is easy to use for administrators and users, and has informative reports."
"It is stable, flexible, and easy to use. It has got a web management portal that can be accessed from anywhere."
"The simplicity of the setup is the most valuable feature."
"They really work scalability into the solution at the outset."
"I have found configuring the ports to be easier in Sophos XG compared to the other devices."
"The most valuable features are its nice interfaces and configuration. The endpoint is also very good."
"It saves us time in the respect that we now have the template built for it so we can get in and get it done. We've had much less problem supporting Voice over IP technologies from different companies. Because our client base has grown over the years, we're probably saving 20 to 30 man-hours a month now that we've got this on a good stable level."
"The most valuable features are the VPN and web blocker security."
"There are many fantastic features."
"The set up of the VPN is pretty straightforward. Being able to build VPNs on the fly for certain users, if need be, is also valuable."
"Their support is excellent, and the stability is very good."
"Policy VPN, site-to-site VPN, traffic monitoring, anti-spam filters, and all other advanced features are valuable."
"It also provides us with layered security. It has onboard virus scanning features that allow it to scan before something gets to the host. It will also stop a person from going to a site that is known to be bad."
"The security that is used for defending from the attacks is very good."
"The price and SD-WAN capabilities are the areas that need improvement."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"Deploying configurations takes longer than it should."
"An area of improvement for this solution is the console visualization."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The VPN is in need of improvement."
"This solution could be improved with more effective bandwidth. I found that when I enable DDoS detection for our clients, bandwidth is reduced. If DDoS detection is disabled, the bandwidth will be high, but it isn't secure. We recommend that customers enable DDoS detection, but if they need high bandwidth, we recommend Palo Alto and FortiGate instead of Sophos."
"The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities."
"There have been some issues when upgrading. For some reason, parts of the configuration become unconfigured, I then have to reconfigure it. I should not need to keep reconfiguring it after upgrades."
"The support service level agreement in regard to the amount of time needed to upgrade things is too low. It should be higher."
"XG is at its end of life. People are moving to XGS."
"I would like to see in future releases a tool to scan for malicious packets and give the location of where they are coming from."
"They can lower its price. It is very expensive. We are looking for a less expensive solution depending on our budget. They can also improve it in terms of firewall protection."
"Some of the configuration options are somewhat confusing."
"The solution can improve by adding a feature to tag a MAC address of a computer system in the policy and more IP configuration settings."
"Once you start getting into proxy actions and setting up: "Okay, cool. Once this rule gets triggered, what actions have to happen?" I do know a few people who use WatchGuard and they still have to get assistance when they look at that. So I would file that as a con for WatchGuard. Proxy actions can be a little bit complicated."
"Sometimes I would like to copy a rule set from one box to another box in a direct way. This is a feature that is not present at the moment in WatchGuard."
"I would like to see the devices made more flexible by adding modules to increase the ports that we can use."
"If they could make the traffic monitoring easier that would be great. I don't use it that frequently, but I would like to see some improvements in the ease of use of that component, so it makes more sense. I know it's a technical component so there's going to be some difficulty trying to make that easier."
"There are a couple of things I wished that it would do, but I can't think of those off the top of my head."
"This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.
WatchGuard's approach to network security focuses on bringing best-in-class, enterprise-grade security to any organization, regardless of size or technical expertise. Ideal for SMBs and distributed enterprise organizations, our award-winning Unified Threat Management (UTM) appliances are designed from the ground up to focus on ease of deployment, use, and ongoing management, in addition to providing the strongest security possible.
Sophos XG is ranked 5th in Firewalls with 130 reviews while WatchGuard Firebox is ranked 3rd in Unified Threat Management (UTM) with 28 reviews. Sophos XG is rated 8.2, while WatchGuard Firebox is rated 8.6. The top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". On the other hand, the top reviewer of WatchGuard Firebox writes "Competent, basic front-end; the ports that I have assigned appear to be unattainable to outsiders". Sophos XG is most compared with Fortinet FortiGate, pfSense, Meraki MX, Palo Alto Networks NG Firewalls and SonicWall NSa, whereas WatchGuard Firebox is most compared with Fortinet FortiGate, pfSense, SonicWall NSa, Cisco ASA Firewall and Azure Firewall. See our Sophos XG vs. WatchGuard Firebox report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.