We performed a comparison between Meraki MX and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos XG received better user ratings. Although the two solutions are comparable in most areas, Meraki MX lacks a lot of features in comparison with Sophos XG.
"Fortinet FortiGate's most valuable features are ease of use, flexibility, and most of the configuration we can be done using the GUI. When we compare Fortinet FortiGate with other solutions the firewall policy are very easy to understand."
"The VPN is the most valuable feature."
"The initial setup is straightforward."
"Anti-Spam web content filterinG."
"The most valuable feature is the FortiManager for centralized management."
"Fortinet FortiGate is easy to use."
"The initial setup of Fortinet FortiGate was straightforward."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"Easy to administer and saves time when you have many smaller locations that you have to manage."
"A strong, reliable solution for small companies with little or no dedicated IT department."
"We switched to Meraki because it lets you see what's happening in your LAN and WAN in a graphic and web environment."
"Deployment takes no more than one working day."
"I use Meraki in my POCs and with my customers as well."
"In a week, we can make new policy and view what all our users did."
"Meraki MX offers advanced filtration options, plus it behaves like a router and a firewall at the same time."
"Its ease of configuration and management is very useful for us and for other companies that don't have an onsite IT person. It is easy to configure and easy to manage. It is easy to configure the VPN with the Auto VPN feature."
"The performance is good."
"The most valuable is the synchronized security between Sophos XG and Sophos endpoint because it provides a lot of visibility about unknown applications. The endpoint shares the information of unknown applications, and you can learn about those applications and create policies to allow or block those applications."
"The stability of Sophos XG is very good. However, there have been some issues with other weaker models because they are limited in hardware in resources."
"I like how you can integrate with other endpoints and Intercept X in one central management platform. I think it's a perfect solution. Sophos will manage everything in one container. You can manage many firewalls or endpoints within one panel."
"A valuable feature involves the solution's manageability."
"Sophos is a comrehensive solution which allows me to configure all the attendant products, such as Sophos' firewall, Endpoint and Encryption features."
"I like the tunneling part which we are using for the VOIP. We have various other sites where we connect via tunneling. The tunneling part is very fast and easy to implement."
"The solution is scalable."
"The logging details need to be improved."
"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."
"We would like to see better pricing."
"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."
"There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"Pricing for it is a bit high. It could be cheaper."
"You do need some IT knowledge in order to effectively work with the solution."
"Management can be improved in Meraki MX."
"It would be nice to get detailed logging information without third-party software."
"The whole Cisco Meraki range requires easier access for cameras. For a security center, it would be helpful to have easier access to cameras through the portal. Its licensing cost could also be better."
"It can be hard to get a hold of the solution’s technical support team."
"Meraki has some hidden features and information that is only privy to their engineers. If that information became available to us, then it would improve our ease of management, and we would be able to make certain adjustments instead of having to go to them."
"They're very complacent and I find the rule set to be a little arcane."
"You cannot use switching behaviors as you see on the Meraki switch."
"From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy."
"They made some changes to the firmware update sometime last year, which moved some of the policies from where they were before. Some of the policies, such as NAS policies, were separated, which made it a bit hard for people to trace the policies they had configured."
"Data traffic analysis could be better. I think Fortinet products like FortiAnalyzer are very effective in analyzing data traffic. I think it's better than Sophos. It could also be more stable."
"We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade, the automatic switch actually we were using did not work anymore."
"For the standard end user, self-based training is necessary. When you get into the Sophos XG firewall and try to start creating NAT rules, it can be a little cumbersome for a novice. It's pretty easy once you know how to do it, but it will be hard for anybody who doesn't have experience."
"Recently, I've had a problem with updating things."
"The first area that needs to be improved is customer support."
"Sophos needs improvements made to the console, such as host entry or defining rules directly from it."
"The product's technical support services could be better."
Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 58 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Meraki MX is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Meraki MX writes "Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Meraki MX is most compared with Palo Alto Networks NG Firewalls, Cisco Secure Firewall, SonicWall TZ, Netgate pfSense and SonicWall NSa, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, SonicWall TZ and Sophos UTM. See our Meraki MX vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Sophos is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So, you can't really compare these solutions as they are targeting different markets.
Meraki MX is a small business product and lacks a lot of features compared to Sophos XG/XGS.
- IPsec IKEv2 does not work (it is in the menu, but does not work and can only be enabled by meraki support)
- no SSLVPN or IPsec VPN client. AnyConnect can only be tested with beta firmware.
Cisco Client VPN (L2TP) is a total joke - not sure for who it is meant for?
- no user based firewall rules (for VPN)
- no firewall rule grouping
- no masquerade option for DNAT (sometimes it is very useful if I can do a DNAT with masquerade to another subnet)
- no VLAN tagging support on WAN port (would be usable for IPTV - solvable if WAN is bypassed through a managed switch)
- no multiple IP support on WAN port (Sophos has alias support on every interface, which means that multiple IP addresses can be added on the same LAN or WAN port)
- no LAG or LACP support (would be usable to connect aggregation switch to firewall to bypass more traffic through the MX)
- no DAC cable support for SFP port (why I do have to use optical cable to connect aswitch?)
- no custom IPS policies - only on/off button
- no e-mail protection option (Sophos has it with extra license)
- no web server protection (Sophos has it with extra license)
- no sandstorm option (most firewalls have it with extra license)
- hardware may probably too weak compared to the user count
- no BGP, OSPF routing
- no multiple VPN user groups and LDAP servers
Cisco mx64, for example, has 2 WANs, is very practical and simple for the two services, has a balancing for two internet services and bandwidth control (by groups and users).