One more thing: The Fortinet FortiGate 100E and Sophos XG 210 cannot inspect HTTPS traffic via their baseline firewalls. Fortinet requires either AV or IPS service. In the case of Sophos, decryption requires AV to be enabled.
In tthis case I suggest products of WatchGuard Technologies - Firebox M370 plus TDR Service. See "Unified Threat Management Comparative Throughput Performance" by Miercom (www.miercom.com)
