We performed a comparison between Meraki MX and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos XG received better user ratings. Although the two solutions are comparable in most areas, Meraki MX lacks a lot of features in comparison with Sophos XG.
"It's user-friendly and easy to operate."
"The solution is easy to configure and maintain remotely."
"We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"The inspection and web security features are most valuable."
"SSL-VPN is very useful for us and has been very reliable."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"It is quite easy to handle."
"The security level of our organization has changed by using Meraki MX Firewalls. We didn't have the UTM before, but now we have sandboxing, tray scanning, attack preventions and monitorization. Our security level has improved."
"Ease of management is the best thing about the solution."
"I am happy with the technical support for the solution. I rate the technical support a ten out of ten."
"It is very fast to implement."
"Easy to deploy with a simple configuration."
"Both the scalability and the scalability are great with Meraki MX."
"The most valuable feature is that we didn't have any problems with Meraki MX."
"Point-to-point VPNs can dynamically follow IP changes with no need for static IPs."
"It's a good security tool and it aligns with the rest of our security stack."
"I particularly like the visibility it provides into network traffic, allowing us to identify and address issues efficiently."
"The performance of Sophos XG is generally good and it is stable."
"The most valuable features are the reporting, dashboards, and graphical user interface. It gives a good overall picture of what is happening over the network."
"One feature of Sophos XG that I found incredibly beneficial for threat prevention is its endpoint protection."
"Sophos XG is very useful, it does many things."
"I like the dashboard, the interface, the management console, and the remote login."
"Using Sophos endpoint and the firewall, synchronized security is easy."
"Price, of course, can always be more competitive or better."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"Fortinet currently has many products bundled with FortiGate including the basic firewall and load balancer, and I think that that they need to have separate product portfolios for each of these specialized services."
"WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"It needs to improve its ISP load balancing."
"The scalability could be better."
"Pricing is an area where the solution lacks since it is an expensive tool."
"The product could incorporate tools like ThousandEyes into the system so we can see things directly."
"We can’t access GUI management and CLI opening features when the Internet is unavailable."
"Load balancing options and ability to manage a couple of Internet connections."
"We could have more reporting options and the ability to send alarms to the administrator."
"It can be hard to get a hold of the solution’s technical support team."
"MX can only be managed via a web interface, but I'm accustomed to using a CLI or a graphical interface. I would also like to see more reporting features. It doesn't provide enough information for me to know precisely about some clients."
"In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past."
"They should include fiber ports on smaller product models and the tools should be improved for scalability."
"Their support is fairly good, and they come back to me. I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand, but it is generally not an issue."
"The response time could stand improvement."
"Its price should be improved. Its features are pretty okay, but the price is the area where we have to fight more. They should do something about the price structure."
"We are not very happy with the customer support they provide — it's quite slow."
"Sometimes when you roll out a new firmware, you find that the rules you already have in place are broken, so it's difficult to migrate to a new firmware. That's the only downside I've experienced in Sophos."
"It could offer a DNS Filter for blocking botnet networks."
"When I call, I have to wait at least one to two hours to reach them."
Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 58 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Meraki MX is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Meraki MX writes "Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Meraki MX is most compared with Palo Alto Networks NG Firewalls, Cisco Secure Firewall, SonicWall TZ, Netgate pfSense and SonicWall NSa, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Sophos UTM. See our Meraki MX vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Sophos is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So, you can't really compare these solutions as they are targeting different markets.
Meraki MX is a small business product and lacks a lot of features compared to Sophos XG/XGS.
- IPsec IKEv2 does not work (it is in the menu, but does not work and can only be enabled by meraki support)
- no SSLVPN or IPsec VPN client. AnyConnect can only be tested with beta firmware.
Cisco Client VPN (L2TP) is a total joke - not sure for who it is meant for?
- no user based firewall rules (for VPN)
- no firewall rule grouping
- no masquerade option for DNAT (sometimes it is very useful if I can do a DNAT with masquerade to another subnet)
- no VLAN tagging support on WAN port (would be usable for IPTV - solvable if WAN is bypassed through a managed switch)
- no multiple IP support on WAN port (Sophos has alias support on every interface, which means that multiple IP addresses can be added on the same LAN or WAN port)
- no LAG or LACP support (would be usable to connect aggregation switch to firewall to bypass more traffic through the MX)
- no DAC cable support for SFP port (why I do have to use optical cable to connect aswitch?)
- no custom IPS policies - only on/off button
- no e-mail protection option (Sophos has it with extra license)
- no web server protection (Sophos has it with extra license)
- no sandstorm option (most firewalls have it with extra license)
- hardware may probably too weak compared to the user count
- no BGP, OSPF routing
- no multiple VPN user groups and LDAP servers
Cisco mx64, for example, has 2 WANs, is very practical and simple for the two services, has a balancing for two internet services and bandwidth control (by groups and users).