Not sure this question makes total sense in a general way. You can have a general "feature parity" that fails spectacularly because of one noe-quite-there feature. For example, XG still does not have IPv6 PD, though if you have a static IPv6 for the XG it works fine. So there might be a sort of "parity" but if you have an ISP that gives you your IPv6 via PD, the XG won't work for you.
Similarly, the UTM has historically. had a more polished and user-friendly interface, but I've read about some things lately where it's apparently not superior. But then, does UI count or do you mean operational features (IPv6 PD, SD-WAN rules including QoS) or performance (XGS acceleration), or something else? There are probably some features of XG that would be worth putting up with downgrades in other areas from UTM... for some use cases.
Personally, I'm a happy XG user who never used UTM, and have only used XG since 18.0 or so, and it's had a fairly good development momentum now that working with the Fastpath acceleration (XGS hardware) is behind them. I'm sure the preparation for the new mechanism bottlenecked a lot of other feature work during the pre-18.5 era.
Thanks Wayne. We are a UTM customer that's been advised to move to XG/XGS instead of renewing our UTM license in 2023. So i'm wondering what features XG does not have that UTM does. So far I found that XG does not support forward proxy, which we are using, but that's probably not a show-stopper. Also logging seems to better in UTM, logs are kept until the disk fills up, but XG only seems to keep the logs for 24 hours.
SFOS supports logging for Logviewer and an external Log module. Logviewer is a database on the firewall - (from my perspective the better approach to live log on UTM). Logviewer saved data based on the available storage. But its not a Reporting tool. If you want reporting - SFOS saves reporting on the firewall itself and can do it in Central as well. In Central you can build your own reports. It is free for 7 Days log retention.
Forward Proxy - SFOS does support a WAF, if you mean this by using a forward proxy.
7 days of logs: then you need to log to Sophos Central or local syslog at your side. Some logs on XG will cycle out after some hours already.
I liked to search through the old logs on UTM - was helpful in some situations. Building reports in Central may take some time to build until they contain what you need.
I really miss admin usability from UTM in XG SFOS. all has been written here and there - but most of the features will not come into SFOS. Cleaning up rules and hosts is still a pain in SFOS. Search function has been added for rules but it will not help you to find a host in VPN profiles as an example.
Based on the recent changes, there is a feature in place to archive more logs, if you need logs. But again: Logs are not Reports. There is a different use case behind both.
