We performed a comparison between Meraki MX and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos XG received better user ratings. Although the two solutions are comparable in most areas, Meraki MX lacks a lot of features in comparison with Sophos XG.
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"The pricing is great and very reasonable."
"The ease of setting the solution up is a valuable aspect for us."
"Easy to use support and licensing portal as well as activation process."
"The most valuable feature is the SSL VPN, as it allows us to connect and it separates this product from other firewalls."
"The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."
"The most valuable features are that it is very simple to configure and to manage."
"It is very fast to implement."
"In general, Meraki MX is easy to work with."
"The most valuable feature is that we didn't have any problems with Meraki MX."
"The simplicity of configuration is the most valuable feature of the solution."
"It is easy to manage, which is one of the most important things for us. It is also flexible, stable, and scalable."
"It is a robust SD-WAN solution."
"The solution is good for load balancing."
"It has a helpful feature for database troubleshooting issues."
"The product’s most valuable feature is the user management system."
"It is very easy to configure and straightforward. The firewall rules are straightforward. It works great out of the box. It has been working as advertised, and I haven't had any issues with it."
"SD-WAN features should be added."
"The most valuable features are its nice interfaces and configuration. The endpoint is also very good."
"The most valuable feature of this solution is flexibility."
"it's user-friendly, not complex."
"Sophos XG's price is right, and it's easy to manage. It's a good fit for our current needs at the moment."
"Some of the most valuable features are filtering and application control. The DDoS detection also shows traffic jamming and traffic shaping."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"The integration with third-party tools may be something that they should work on."
"In the future, I would like to see improvements made to cloud-based management."
"The support system could be improved."
"To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution."
"I would like Fortinet to add more automation to FortiGate."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"I do not have the kind of feature I need for SSL decryption in Meraki MX. It would be great to see the SSL decryption feature in Meraki MX."
"What I would like to see in the next version is to have more interfaces for WAN links."
"Could possibly use deeper configurations."
"You can only have one tunnel in the whole infrastructure — one tunnel with one device."
"We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem."
"From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy."
"The client-side VPN is weak. The product could be improved with deployment templates."
"The problem is that the two licenses do not currently integrate. We have to create separate companies and do an interconnection."
"It would be beneficial if the platform provided more flexible support for a variety of devices."
"Sophos XG's user interface has some room for improvement."
"The MTR feature needs enhancing."
"In the Firewall, the Intrusion Prevention System can be improved."
"Some of the firewall rules are complicated for us to understand, they should be simplified."
"Data traffic analysis could be better. I think Fortinet products like FortiAnalyzer are very effective in analyzing data traffic. I think it's better than Sophos. It could also be more stable."
"In feature releases of the solution, I would like there to be an increase in the detection capability."
"The product's user interface has certain shortcomings where improvements are required."
Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 57 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Meraki MX is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Meraki MX writes "Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Meraki MX is most compared with Palo Alto Networks NG Firewalls, Cisco Secure Firewall, SonicWall TZ, Netgate pfSense and SonicWall NSa, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Sophos UTM. See our Meraki MX vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Sophos is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So, you can't really compare these solutions as they are targeting different markets.
Meraki MX is a small business product and lacks a lot of features compared to Sophos XG/XGS.
- IPsec IKEv2 does not work (it is in the menu, but does not work and can only be enabled by meraki support)
- no SSLVPN or IPsec VPN client. AnyConnect can only be tested with beta firmware.
Cisco Client VPN (L2TP) is a total joke - not sure for who it is meant for?
- no user based firewall rules (for VPN)
- no firewall rule grouping
- no masquerade option for DNAT (sometimes it is very useful if I can do a DNAT with masquerade to another subnet)
- no VLAN tagging support on WAN port (would be usable for IPTV - solvable if WAN is bypassed through a managed switch)
- no multiple IP support on WAN port (Sophos has alias support on every interface, which means that multiple IP addresses can be added on the same LAN or WAN port)
- no LAG or LACP support (would be usable to connect aggregation switch to firewall to bypass more traffic through the MX)
- no DAC cable support for SFP port (why I do have to use optical cable to connect aswitch?)
- no custom IPS policies - only on/off button
- no e-mail protection option (Sophos has it with extra license)
- no web server protection (Sophos has it with extra license)
- no sandstorm option (most firewalls have it with extra license)
- hardware may probably too weak compared to the user count
- no BGP, OSPF routing
- no multiple VPN user groups and LDAP servers
Cisco mx64, for example, has 2 WANs, is very practical and simple for the two services, has a balancing for two internet services and bandwidth control (by groups and users).