We performed a comparison between Check Point NGFW and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Unified Threat Management (UTM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well."
"Customers want to load balance more than eight lines or six internet lines. FortiGate is the only solution that can accomplish this."
"User-friendly and affordable security solution that's recommended for SMB customers. This solution has good technical support."
"The most valuable feature of Fortinet FortiGate is URL filtering."
"Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network."
"You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
"I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."
"In a single bundle we have the all solutions we need - like application/URL filtering, and threat emulation/extraction."
"Its usability is the best for me. As compared to Palo Alto, Juniper, or Cisco firewalls, Check Point firewall has the best user interface for management, reading logs, looking for some objects, and looking for policies."
"Many problems have been solved with these firewalls and we've largely been very satisfied."
"There are also additional features, compared to a Layer 4 or Layer 3 firewall, such as AV signatures and devices, which are very helpful for securing the company's network."
"The ease of configuring VPNs can be very useful especially for companies with lots of remote locations."
"The product is flexible."
"The IPS is frequently updated so the rules are always new and in place."
"There are several ways to implement it."
"The three most important features for us are web protection, web server protection, and network protection."
"Efficient and effective - it's easy to separate rules."
"We use Sophos UTM as our main firewall with all its features included. Mainly, it controls all of our network perimeter security: firewall, IDS/IPS, and web application firewall (including VoIP)."
"Good basic firewall functions with advanced firewall scanning."
"The most valuable features of this solution are the firewall application and application control."
"It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources."
"It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines."
"The initial setup was easy."
"The updates Fortinet provides are sometimes unstable."
"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."
"The stability of Fortinet FortiGate could improve."
"The routing capability on the FortiGate devices has room for improvement."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."
"SmartEvent Settings and Policy GUI, and the rest of external apps should be improved."
"The area it needs improvement is the SandBlast Agent. It receives a file, or if it detects a Zero-day attack, it takes the file and analyzes it, either on-premise or in the Check Point Cloud, and then it reports back whether the file is secure or non-secure, or is unknown. That particular area definitely needs a bit more improvement, because there is a delay... where it needs improvement is where [SandBlast is] an appliance-based solution rather than a software or cloud-based solution."
"It would be nice if there is a mobile-friendly console for our techs."
"Check Point products have many places that need to be improved, but they are constantly upgrading."
"I would highlight the need for enhancements in technical support services."
"Potential improvements could be made around simplifying VPN functionality and configuration."
"There is a strong demand for security services that can be effortlessly integrated which would ensure that security measures can seamlessly adapt to the cloud infrastructure."
"I would like there to be a way to run packets that capture more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line."
"There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol."
"Sophos UTM sometimes falls short in high-availability environments. They used to launch firmware that didn't work very well in a high-availability environment."
"Support for IKEv2 is needed in this solution."
"An area for improvement in Sophos UTM is load balancing because my company cannot use it currently. If Sophos could release a new configuration for the load balancing feature to work for my company, that would be great."
"The reporting could be a lot better."
"VPN needs IKEv2, but it’s in the roadmap. Also, all new, cool features will only come to the new Sophos XG Firewall."
"Stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks."
"It's stable, but the reaction time of the GUI is terrible."
Check Point NGFW doesn't meet the minimum requirements to be ranked in Unified Threat Management (UTM) with 277 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Check Point NGFW is rated 8.8, while Sophos UTM is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Sophos UTM is most compared with Netgate pfSense, Sophos XG, OPNsense, Palo Alto Networks NG Firewalls and Cisco Secure Firewall. See our Check Point NGFW vs. Sophos UTM report.
See our list of best Unified Threat Management (UTM) vendors and best Firewalls vendors.
We monitor all Unified Threat Management (UTM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.