ASA vs Sophos

We are running a Cisco 5510 and looking to upgrade it. Recently a company salesperson came and gave us a pitch for the Sophos 650 and wanted to sell it to us. I have been using Cisco products for a long time and find them reliable, and I like the command line, from switches to routers to the ASA, etc.

They said Sophos is:

Function Performance

Firewall Throughput 60 GBPS

IPS Throughput 16 GBPS

AV Throughput 5 GBPS

Concurrent connections 20,000,000

I want my management to go for ASA Firepower or the Cisco X series with IPS and other features, but what I understand is that Sophos is small to mid level, whereas Cisco ASAs are for large enterprise. Could you please suggest whether sticking with Cisco ASA (a new ASA model) will be a good choice, or going forward with Sophos? I like the Cisco command line and have been working in Cisco networks for the last 4 years. Any valuable input will be highly appreciated.

Please do not forget to rate.
Accepted Solutions

Sorry for the delayed reply but I was actually busy with last minute CCIE studying :)

So, I reviewed the links and my original opinion still stands :)

- If you look at the NSS Labs Breach Detection Report, Sophos is nowhere to be found while Cisco is pretty high up

- If you look at the latest Gartner Enterprise Firewall report Sophos is pretty low while Cisco is pretty high up

- If you look at the latest IPS Gartner report you will see the same

Another cool thing about Cisco is this support forum. If you have an issue you have TAC but also Google :) If you Google a Cisco related problem you get hundreds of pages of answers. If you do the same for Sophos you would be lucky if you get 1 or 2. 

I hope this helps! Good luck!


nspasov
Cisco Employee

Hi there, I work for a very large technology reseller and here are my thoughts:

- Do you care about the reports that Gartner and NSS Labs post? If you do, then you can eliminate Sophos immediately :)

- Most of my customers go with: 1-Cisco, 2-Palo Alto, 3-Fortinet

- If you are familiar with Cisco and you are mostly a Cisco network then I would recommend you stick with what you know vs what you don't know. In my previous job I was tasked to put in the fastest network possible, so we ended up with Cisco routers, Arista switches and Linux firewalls. Yes, it was fast, but troubleshooting it was a nightmare :)

- Cisco fell asleep behind the wheel and really fell behind the competition when it comes to Firewalls/IPS, etc. However, with the purchase of Sourcefire, they really got themselves back to the top. The Sourcefire solution is simply amazing, especially the FireSIGHT management console. If you have not played with it, I would recommend asking your Cisco team to give you a demo. 

- With all of that being said, Cisco has firewall solutions starting with the 5506-X for SOHO that would support 100Mb+ of throughput and going all the way up to clustered 5585-X and standalone Sourcefire appliances for multi-ten gig of throughput. The link below can give you some more info to help you decide which model would fit best in your environment:

http://www.cisco.com/c/en/us/products/security/asa-firepower-services/models-comparison.html

I would also recommend either reaching out to a Cisco partner reseller or Cisco directly to help you out with this. 

Let me know if you have any more questions. I hope this was helpful!

Thank you for rating helpful posts!

None of the links are working for me... they all bring me to a login page. Can you please repost them? Use the "Link Option" button when you post them.

Thank you for your feedback.

Please do not forget to rate.

No problem! Glad I could help!

I used to deploy a lot of PIX, then ASA, and then UTMs came out, and now I deploy a lot of UTMs. Cisco dropped the ball on the firewall market years ago and they are trying to come back with the purchase of Snort, and now you have the ASA with Firepower. To be honest, it's probably not bad because Snort is the de facto IDS/IPS solution for the market, but Sophos has them beat on features and performance hands down if you are looking for a simple solution. Cisco has really good VPN architectures like EasyVPN that supports failover, but the same things can be accomplished using simple methods that Cisco failed to support in VPN early on, like DNS host names. That's right, DNS hostnames for my VPN tunnel endpoints are not supported on ASA. But they are in Sophos, so I don't need EasyVPN because I can just use a DNS failover service on a GTM and now I have regional redundancy for my VPNs. I think ASA with Firepower is a good solution, but if you don't need contextual firewalls then why deal with the complexity when you can just have a firewall with lots of feature consolidation and an easy-to-use web interface? Did I mention the management platform is FREE?

I think Sophos is a good alternative to Checkpoint, and Checkpoint is the best enterprise firewall solution you can use in a big environment if you can afford it.

Matthew Ritchie
Level 1

So I have to chime in here. I know this post is 10 months old, but revisit this. Cisco WAS the best, but if you're dealing with customers with 1 to 20,000 endpoints, mobile devices, SSL VPNs, site-to-site VPNs, your best bet is to utilize Sophos SG UTMs. Nothing from Cisco compares in terms of

- Ease of Use

- Ease of Management

- Ease of Troubleshooting

- Reporting

- Integration with Active Directory

- Deployment Options (Cloud: Azure, AWS; Hyper-V, VMware, or Dedicated Hardware)

And understand, I AM A CISCO GUY. I love their switched infrastructure solutions, and their wireless solutions are top notch, but their firewalls/UTMs are absolutely not up to the level they should be compared to everyone else out there. Sophos is a much better option if you don't want to be googling Cisco commands all day. And to take what the "Answerer" said: Google an issue about Cisco and you have forum after forum of information, versus 1 or 2 with Sophos. If you really think about it, that's because administrator upon administrator loses their mind and their hair trying to configure and troubleshoot Cisco-based issues, versus Sophos UTMs, with very few issues, if any, that aren't fixed by an extremely easy firmware rollback or update. God help you with Cisco rollbacks or firmware upgrades; you are in a place where you could easily brick a Cisco box doing upgrades. I have stopped selling Cisco security appliances for gateway service; they don't fit the bill with any of their offerings in small or medium business. NOW... that is not to say that a 1941 or 2921 wouldn't be a great backbone router, but don't use them for services at the head end like Intrusion Prevention, APTs, Antivirus, Antimalware, Antispam, Encryption, Web Filtering or VPNs... JUST DON'T! Use Sophos SG UTMs running UTM9.x or higher.

Switching - CISCO

Wireless - I like Sophos, but Cisco still has that market done well.

Firewalls/UTMS - ONLY Sophos

Backbone Routing - Cisco works well for this.

Site-to-Site - Sophos RED or addtl Sophos SG UTM9.x units

Cisco can't argue any of this, because they even use the Sophos scanning engine in their security products, so you're getting a second-rate device right off the bat with Cisco. Just go to the source for the original solution, Sophos.

roman.kyrianov
Level 1

Hi,

Actually, I don't think it is possible to define something as good if there are so many pages with problems.

Cisco is cool, but for sure always makes things too complicated.