We performed a comparison between Check Point NGFW and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between these two products is that Check Point users feel that the tool’s VPN is hard to integrate. In addition, Check Point does not have an open-source version like pfSense does.
"Anti-Spam web content filterinG."
"Virtual Domains (VDOMs) are a feature that we found valuable."
"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
"With FortiClient, you can easily connect when you are home, check out what you want to do, and connect to your network when you are not at work. You can switch on servers and you can check what is wrong."
"I like that they have given me a solution at a fair price."
"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."
"The solution is extremely reliable."
"The solution has very good threat and content filtering switches."
"The QoS blade is very good for controlling traffic such as Windows patches, mail traffic and other stuff."
"It creates granular security policies based on users or groups to identify, block or limit the usage of web applications."
"There is a lot of legacy traffic from other vendors that has been migrated to Check Point which has resulted in a lot of stability in our environment."
"The solution is easy to administer thanks to its dashboards. The monitoring is really useful."
"The console or the single interface on the blades is most valuable."
"I like the Next-Generation Firewall."
"The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that."
"HTTP forwarding is something I haven't seen elsewhere."
"Its features rival many of the high cost solutions out there."
"It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor."
"pfSense helped us during COVID-19 because we used OpenVPN to connect from home."
"I have found pfSense to be stable."
"The solution has good customization abilities and plenty of features."
"Easy to deploy and easy to use."
"The initial setup was straightforward, therefore I wanted to continue using the product."
"What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor. Some people may think you're taking a risk with using Opensource. I think it just provides the end user, specifically for us small, medium business providers of services, the flexibility we need at the right cost to provide them a higher end, almost enterprise type service."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"Some of the software stability could improve."
"It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."
"I have to say that the initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution."
"The solution can have more features in a single box that can be multi-applied to integrate everything."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"The source package is a bit more expensive than its competitors."
"The complexity involved in the solution's initial setup phase and deployment process is an area of concern where improvement is required."
"Check Point could do better to include acceleration technologies like SD-WAN in an integrated or embedded way to provide these new features that Check Point never had and is of great importance in the market."
"They have few predefined reports and it would be nice to increase them since the logs are excellent."
"The tool is somewhat more expensive than its competitors."
"One of the main features that need improvement is the rule filter export."
"The main thing for a normal operations guy who is creating tools and firewalls, it is quite difficult to manage. It requires an expert level of knowledge in Check Point products to manage these scalable platform appliances and the virtual firewall that comes with it. We have to educate our guys and give them training on a regular basis to work on these products."
"Currently, some prices are very expensive."
"The product must provide integration with other solutions."
"I believe improving integration with various antivirus vendors could be beneficial."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals."
"Network monitoring and device inventory could use some improvements. I'm using SpiceWorks for this because it never really worked in pfSense."
"I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side."
"We have not had any problems with it, and we also do not have a need for any new features. If anything, its reporting can be better. Sophos has better reporting than pfSense. Sophos has more detailed information. pfSense is not as detailed. It is summarized."
Check Point NGFW is ranked 5th in Firewalls with 277 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Check Point NGFW is rated 8.8, while Netgate pfSense is rated 8.6. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Azure Firewall and OPNsense, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Meraki MX. See our Check Point NGFW vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.