IT Central Station is now PeerSpot: Here's why

What is the biggest difference between Sophos XG and FortiGate?

AndrewOkamar - PeerSpot reviewer
Network & Endpoint Security Consultant at a tech company with 1-10 employees

I have experience working with small to large enterprise network design and architecture, server administration, and cybersecurity research and analysis.

I am currently evaluating Sophos XG and FortiGate. What are the biggest differences between the two? Which would you recommend? 

Thanks! I appreciate the help.

PeerSpot user
1313 Answers

MohamedSamir1 - PeerSpot reviewer

My current UTM is FortiGate 1200D and I have finished a POC for Sophos XG450 trying to deduct the cost of the license renewal of the UTM

There is big difference between FortiGate and Sophos. There are some features of FortiGate that Sophos doesn’t provide, and the visibility of network, internet lines, and devices is very poor with Sophos but it’s excellent with FortiGate. Also, the "Traffic Shaping" for bandwidth doesn’t work correctly at all with Sophos but works perfectly with FortiGate.

I strongly don't recommend at all to replace FortiGate with Sophos. Maybe Sophos would be good for a kind of customers who hasn't used UTM appliance before.

it_user1096875 - PeerSpot reviewer

I do not know more about Sophos but I would like to highlight some FortiGate features:

- Number of IP-sec and SSL VPN user clients. (Minimum 100 with lowest Model FG30E)
- Fortisandbox and Forticloud Free with some good features for managing firewalls from FortiCloud.
- FortiTocken (Dual Authentication) - Two Token Free with every FortiGate device.
- FortiAP (Guest Network without Any L2 and L3 Switch over Wi-Fi and you can also manage FortiAP using FortiCloud too.)
- Secure SD-wan, not only useful for multiple WAN but also useful for MPLS and VPN connectivity fail-over between multiple locations.
- More application list and inbuilt SLA for SD-Wan.
- Web-filter is common in All UTM but google domain-specific feature in FortiGate is awesome.
- Internet-Service-Database list is also very helpful and an advanced feature.
- The Fortiswitch controller is also a good feature.

Abdul  Faheem - PeerSpot reviewer
Real User

For comparison purpose i.e. Sophos XG 310 & Fortinet FortiGate FG-200E, to my understanding, Fortinet appliance has an upper hand if you are looking for IPSec or VPN Tunnelling and FortiGate has the capability for High Availability configuration options i.e. Active/Active, Active/Passive and clustering.

Also Note Sophos XG 310 has a higher firewall throughput as 28Gbps. Fortinet FG 200E has multi Ethernet fixed port, but only 2 WAN interface while Sophos XG 310 can add up to 8 WAN ports.

Sabyasachi Sen - PeerSpot reviewer
Real User

I have extensively used Sophos (previously Cyberoam) and FortiGate also. The biggest differences are as below:

1. For FortiGate, it is required to use a Fortinet wifi access point only.
2. In case of expiry of the license in FortiGate, the entire service goes kaput except basic firewall services. The other UTM only updates and support ceases to work.
3. Every 5 - 7 years FortiGate changes its model and the old device becomes trash.
4. Any changes in the policies will need to wait for total version changes and you need to wait till then

Because of the above reasons, presently we are trying our hands with WiJungle UTM. However, the bottleneck is Fortinet WiFi access points which are denied to work in tandem with any UTM other than FortiGate.

We have around 700 Fortinet WiFi access points and it is ridiculous that going away from FortiGate costs a fortune.

Manoj Dusadh - PeerSpot reviewer

In one sentence, the biggest difference between Sophos and FortiGate is the “RED” option in Sophos XG.

Mohamed Y Ahmed - PeerSpot reviewer
Top 5LeaderboardReseller

The main points between both are Sophos hardware in all of its models except the smallest one, XG 86, have SSD hard desk. It has a total security solution especially when you get the benefits of synchronized security with its Endpoint interceptX as it is amazing when it works with the XG firewall. You can also have benefits if you got the encryption solution and the Wireless.

The reporting on the XG firewall is an amazing feature that does not exist on one box with Fortinet.

The DLP solution on the XG firewall is impressive.

Fortinet in performance is better than Sophos.

For the small and medium businesses, I recommend XG firewall but for large data centers, I recommend Fortinet.

I hope it is informative, please feel free to contact me with any further queries.

Francesco Capolupo - PeerSpot reviewer

I evaluated both and in the end, I decided to go with Sophos. It has a good application filter & Web filter, WAF is included, report integrated, has a VPN of any kind, and synchronized security with the endpoint.

RicardoGranados - PeerSpot reviewer
Real User

Both devices have the same architecture (UTM), but FortiGate has more granularity in networking security, it´s more friendly for management, and it has more performance. In the Gartner and NSS Lab reports, FortiGate has a better ranking.

Yasser Sharaf - PeerSpot reviewer

FortiGate is more advanced and stable than Sophos-XG with the below extra features:

1- SD-WAN.

2- Load Balance.

3- SLA Tracking.

4- Multiple VDOMs.

5- Tech Support

Mohamed Rashwan - PeerSpot reviewer
Real User

Sophos reporting is better than FortiGate but if we're talking about the analysis and performance with a level of security Fortigate is the best.

David Boim - PeerSpot reviewer

If you are a smaller company, Sophos XG has the best value. FortiGate is better for larger companies. However, there are better alternatives in the market. Palo Alto technology is one of the best in the market and is one of the most expensive. CISCO is also making inroads.

Buyer's Guide
Fortinet FortiGate vs. Sophos XG
July 2022
Find out what your peers are saying about Fortinet FortiGate vs. Sophos XG and other solutions. Updated: July 2022.
622,358 professionals have used our research since 2012.