2021-06-18T19:45:00Z

Which firewall is better and why: Sophos XG 210 or Fortinet FortiGate 100E?

ET
  • 7
  • 392
PeerSpot user
9

9 Answers

Luis Apodaca - PeerSpot reviewer
User
Top 5
2021-06-22T12:34:25Z
Jun 22, 2021

I personally used Sophos UTM 9, and it´s great, it can support all your needs without a problem, the only concern is to find the correct physical server for deployment. Also, it can be purchased in a stand-alone box. I totally suggest the appliance for a UTM version or a XG Firewall

I never used FortiGate but a lot of people do and they are fine with the choice. So, I think it's a matter of the budget.

Product comparison that may be of interest to you
DI
Real User
2021-06-22T10:07:56Z
Jun 22, 2021

Hi,


This really gets to two things:


- how fast your internet access is and how much are you planning to grow in the next few years? 


- are you planning to do the TLS inspection?


Do proper sizing with partners. Pay attention to XGS2100 which is a new platform by Sophos. 


Avoid this "✓ Include port forwarding for local service publishing" since both units have some kind of WAF, it is better to do it with WAF. Sophos WAF has more features than Fortigate integrated WAF. 


✓ Monitoring and reporting --> what kind of reporting are you looking at?


✓ Malware and viruses inspection --> XG can be combined with InterceptX, this is good protection. Been running it for years. 


Also, pay attention to support from Fortinet and Sophos. Fortinet has version 7.0 out and it is probably full of bugs as they tend to do the last couple of years but Sophos is the same here. They are rushing with features out so make sure partners confirm stable versions for you. 


Don't bother with 100E, go after 100F or 101F since it is a new box from Fortinet. 

RB
User
2021-06-24T08:22:03Z
Jun 24, 2021

Today I have deployed a small FGT40F with OS 7 build 006. This is replacing a 3 years old FGT30E. In both cases even under heavy attack, memory in the FGT30E would jump to 77% and CPU would reach the 90%. I would then block those addresses and CPU would go down to 1 %. Again this shows again and again how the hardware is so incredible due to what I have written below.


Now the OS7 and F40F, memory seats at 55% and CPU 1 %. I have full IPS, SPAM, and any other policy you could imagine.


Do that in Sophos and you will need the computer that NSA has in USA. Sorry, it is just the truth and nothing but the truth.


When you have the chance to see what OS7 info to the administrator has to offer the user, you will see what I say.

RB
User
2021-06-23T06:08:01Z
Jun 23, 2021

I can see answers with the word "budget", What is cheap may end expensive. CAREFUL.


Fortinet is a clever company who had put ASIC (Application Specific Integrated Circuits). They use silicon, chips, so they are not only fast but can guarantee throughput. I have since instanced of Sophos where the CPU runs at 90% and struggles.


So, think how can you guarantee traffic with IPS, VPN and many other simultaneous tasks.


 But it is your decision.


Good luck. I personally would not touch Sophos at all.

JL
Consultant
2021-06-22T22:33:34Z
Jun 22, 2021

The XG210 is a little slow if you turn on all the security.  Unlike the old SG firewalls, the XG firewalls tend to get bogged down.  I have an XG230 and it worked well.  As for Fortigates; they also work very well but they are more expensive.  Both of them meets most all of your requirements depending on the packages you opt for.  I am now running a Fortigate 301E and it is faster than the XG230 and I can do all the inspection I want at 1Gbps whereas the Sophos struggled.    I would not go for the Fortigate 100.  I would go with a slightly higher performance system, and the E series is fine but the F series is a newer breed.  


In my opinion, the Fortigate line is a little more robust and it is more intuitive to manage.  That said, they are both quality firewalls.  

PY
User
2021-06-22T21:08:40Z
Jun 22, 2021

The Fortinet FortiGate appliance is recommended,  we have in the past used Sophos and found that certain malware gets through rendering it very unreliable. Fortinet has a great reputation and you should not just select Sophos base on pricing alone as you will have more than a 100 VPN users, you can't have a bad inconsistent box which will break your network.


Find out what your peers are saying about Fortinet FortiGate vs. Sophos XG and other solutions. Updated: November 2023.
745,775 professionals have used our research since 2012.
AA
Real User
2021-06-25T12:25:03Z
Jun 25, 2021

Sophos XG210 dusts Fortinet fortigate 100E in every department far more than you can ever imagine. SSD storage and throughputs Sophos is dope.

NF
Real User
Top 10
2021-06-24T07:21:50Z
Jun 24, 2021

I can only agree with the previous speakers. Both systems are good and differ in details.


Apart from the budget, topics such as scalability and which systems (SIEM/SOC) the components are connected to are important.


And then there is the saying that we all know: Who buys cheap buys twice.


Best Regards


Norman

AA
Real User
2021-06-22T12:46:53Z
Jun 22, 2021

Sophos XG210 fills these needs adequately. Give it a go.

Fortinet FortiGate vs. Sophos XG comparison
We performed a comparison between Fortinet FortiGate and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below. Ease of Deployment: Users of both Fortinet FortiGate and Sophos XG agreed that deployment was quick and straightforward. Features: Reviewers of Fortinet FortiGate felt the software has excellent stability, great features, and an excellent firewall and VPN solution. Sophos XG is regarded as...
Download Fortinet FortiGate vs. Sophos XG comparison ReportRead more

Related Q&As

Firewalls experts

Adriamcam - PeerSpot reviewer
Diana Alvarado - PeerSpot reviewer
Jonathan Ramos G. - PeerSpot reviewer
Sachin Vinay - PeerSpot reviewer
Nadeem Syed - PeerSpot reviewer
Hugo Alexis Espinoza Naranjo - PeerSpot reviewer
Nagendra Nekkala - PeerSpot reviewer
Edwin Solano Salmeron - PeerSpot reviewer