We just raised a $30M Series A: Read our story

Compare Palo Alto Networks VM-Series vs. Sophos UTM

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Palo Alto Networks VM-Series vs. Sophos UTM and other solutions. Updated: March 2020.
552,136 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports.""I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete.""I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection.""Provides good integrations and reporting.""Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity.""It's got the capabilities of amassing a lot of throughput with remote access and VPNs.""When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well.""The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."

More Cisco Firepower NGFW Firewall Pros »

"The interface with Panorama makes it very easy to use.""Using Palo Alto Networks Panorama, we were able to deploy a single point of management and visualization of the firewall infrastructure in cloud, on-premise and integrated with Azure to automate scale up. Its security features, i.e. anti-malware, threat prevention, URL Filtering, VPN, and antivirus are the most valuable. The ID-User integrated with AD and 2FA features are also very useful to provide secure access to servers and some users in the company. ""It has excellent scalability.""The most valuable feature is that you can control your traffic flowing out and coming it, allowing you to apply malware and threat protection, as well as vulnerability checks.""The VM series has an advantage over the physical version because we are able to change the sources that the machine has, such as the amount of available RAM.""The most valuable feature is the Posture Assessment.""The feature that I have found the most useful is that it meets all our requirements technically.""The most valuable feature is that you can launch it in a very short time. You don't have to wait for the hardware to arrive and get it staged and installed. From that perspective, it is easy to launch. It is also scalable."

More Palo Alto Networks VM-Series Pros »

"Sophos UTM is the simplest of these products to setup.""Efficient and effective - it's easy to separate rules.""It is easy to manage.""Sophos is a unified solution. We have anti-virus protection, firewall rules, knotting, and DACC all in one box.""Technical support is very responsive.""The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the price is surprisingly better.""The most valuable feature is ransomware protection.""It's a stable solution."

More Sophos UTM Pros »

Cons
"The price and SD-WAN capabilities are the areas that need improvement.""Report generation is an area that should be improved.""Cisco makes horrible UIs, so the interface is something that should be improved.""The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.""FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it.""The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."

More Cisco Firepower NGFW Firewall Cons »

"I would like to have automatic daily reporting, such as how many users have connected via SSL VPN.""The user interface could use some improvement.""The solution needs to have more easily searchable details or documentation about it online, so it's easier to Google if you have queries.""At the beginning of the implementation, we had some difficulties with the scripts, but Palo Alto Networks support together with a local partner finally fixed it.""They made only a halfhearted attempt to put in DLP (Data Loss Prevention).""The disadvantage with Palo Alto is that they don't have a cloud-based solution that includes a secure web gateway.""The implementation should be simplified.""It'll help if Palo Alto Networks provided better documentation."

More Palo Alto Networks VM-Series Cons »

"It would be nice if it had basic features, such as DLP (Data Loss Prevention).""There needs to be some improvement in the IPsec VPN. There is implementation only support. I have version one. I'd be most interested in having IP version two from the protocol.""The classification segregation of applications lacks sufficient definition.""Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time.""It's stable, but the reaction time of the GUI is terrible.""The integration capabilities could be better.""The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose.""Monitoring and reporting are areas that need improvement."

More Sophos UTM Cons »

Pricing and Cost Advice
"The price is comparable.""Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed.""The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case.""There are additional implementation and validation costs.""For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive.""I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way.""The solution was chosen because of its price compared to other similar solutions.""Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"The VM series is licensed annually.""The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used.""It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years.""Because I work for a university and the URL is for the institution, it's a free license for us.""Palo Alto can be as much as two times the price of competing products that have twice the capabilities.""The price of this solution is very high for some parts of Africa, which makes it a challenge."

More Palo Alto Networks VM-Series Pricing and Cost Advice »

"This product is free for home users. The more expensive products have better performance.""The solution is very low cost compared to competitors. You have a good firewall, a lot of functions for less than the price of some omni firewall competitors.""It's reasonably priced.""Our licensing fees are paid on a monthly basis.""The prices can be better, they could make it a lot cheaper.""It is the cheapest product available. It's good if you have a low budget.""We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000.""The appliance should be purchased and there is a fee for the license."

More Sophos UTM Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
552,136 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it… more »
Top Answer: Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the… more »
Top Answer: The initial setup was straightforward.
Top Answer: In my opinion and as a result of years of experience: - Both are great firewalls with excellent performance and a… more »
Top Answer: Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG… more »
Top Answer: With Sophos, we have not had any incidents this year. The security provided has been good. It has proven to be okay for… more »
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Astaro
Learn More
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.

The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.

In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.

The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware - viruses, rootkits and spyware.
Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Palo Alto Networks VM-Series
Learn more about Sophos UTM
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Warren Rogers Associates
One Housing Group
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Financial Services Firm23%
Government15%
Manufacturing Company15%
Healthcare Company8%
VISITORS READING REVIEWS
Computer Software Company30%
Comms Service Provider19%
Financial Services Firm5%
Government5%
REVIEWERS
Financial Services Firm13%
Manufacturing Company13%
Government10%
Insurance Company6%
VISITORS READING REVIEWS
Comms Service Provider38%
Computer Software Company18%
Government7%
Media Company4%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business38%
Midsize Enterprise31%
Large Enterprise31%
REVIEWERS
Small Business60%
Midsize Enterprise23%
Large Enterprise17%
VISITORS READING REVIEWS
Small Business43%
Midsize Enterprise36%
Large Enterprise20%
Find out what your peers are saying about Palo Alto Networks VM-Series vs. Sophos UTM and other solutions. Updated: March 2020.
552,136 professionals have used our research since 2012.

Palo Alto Networks VM-Series is ranked 11th in Firewalls with 16 reviews while Sophos UTM is ranked 2nd in Unified Threat Management (UTM) with 20 reviews. Palo Alto Networks VM-Series is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Palo Alto Networks VM-Series writes "An excellent solution for the right situations and businesses". On the other hand, the top reviewer of Sophos UTM writes "Great web and email filtering with reasonable pricing". Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate, Cisco ASA Firewall, Juniper SRX and CyberArk Privileged Access Manager, whereas Sophos UTM is most compared with Fortinet FortiGate, pfSense, Sophos XG, Untangle NG Firewall and Palo Alto Networks NG Firewalls. See our Palo Alto Networks VM-Series vs. Sophos UTM report.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.