We performed a comparison between Check Point NGFW and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point NGFW is highly regarded for its extensive security functions, centralized control, and ability to virtualize. OPNsense is appreciated for its ability to scale, provide guest access, offer user-friendly dashboards, and provide a free version for users. Check Point NGFW needs enhancements in integration, hardware upgrades, cost, stability, load balancing, technical support, and reporting capabilities. OPNsense, on the other hand, requires improvements in its interface, bandwidth management, multi-provider internet protection, integration with Azure, a timeline for new features and updates, IPS solution, reporting capabilities, SSL inspection, and learning curve.
Service and Support: The service for Check Point NGFW has varying feedback, with certain customers appreciating its assistance and quick response, while others believe there is room for improvement. OPNsense boasts an exceptional community support network, although a few users encounter challenges in directly accessing support.
Ease of Deployment: The setup process for Check Point NGFW can be complex and challenging, especially for those who are unfamiliar with the product. It requires expertise and experience for certain configurations and migrations. The initial setup of OPNsense is described as straightforward and easy, even for clients without IT experience. It can be completed within a few hours, with slight variations depending on individual circumstances.
Pricing: The cost of setting up Check Point NGFW is deemed to be expensive, whereas OPNsense falls into the moderate range. Check Point provides flexible licensing choices, although some individuals find the procedure complex. OPNsense is a license-free open-source solution. In addition to the basic expenses, OPNsense requires additional costs for hardware, installation, and training.
ROI: Check Point NGFW provides cost savings, simplicity, and reliable security enforcement, resulting in a favorable return on investment. OPNsense achieves a return on investment in less than three months and eliminates recurring fees.
Comparison Results: Check Point NGFW is the preferred choice over OPNsense. Users appreciate its comprehensive security features, centralized management, and virtualization capabilities. It is known for its stability, ease of use, and scalability. Check Point NGFW is considered worth the price due to its superior security and reliability.
"The scalability is good in Fortinet FortiGate."
"Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."
"Overall security features and performance routing is good."
"The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy."
"Reliability is the best feature. We faced some issues when we were setting it up, but the service, portal, and administration are good."
"We've found the solution to be pretty stable."
"The next-generation firewall is great."
"We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
"It offers a range of models to enhance network security and it can be customized to secure endpoint client machines or user devices by deploying features like malware detection, antivirus, and mail security blades."
"It has allowed us to grow in a safe way and in accordance with our particular needs."
"The rules are very easy to deploy and can be optimized pretty quickly."
"Check Point's rule management helped us simplify access control. At one point, we had more than 1,000 access control policies, and it was challenging to manage them all. We cut it down to 300 policies using Check Point's management features, and we are still working on reducing this further to achieve the best way to manage policies. Its logging and monitoring enable us to trace and investigate suspicious traffic."
"One of the benefits that we have realized from using this product is that the user interface makes it easier to operate, compared to using the CLI."
"The central management console has helped with segregation, where planned interventions with management consoles do not have any impact on production or critical business traffic."
"Only allows authorized connections and prevents vulnerabilities in a network."
"The firewall and IPS are the most valuable features of the solution."
"URL blocking, Wireguard, Tail Scale, Engine Blocker, and VPN are the most valuable features for me."
"It's open source."
"The interface and the dashboard are the most valuable features of this solution."
"The initial setup is easy. It only takes 15-30 minutes to deploy."
"The solution is user-friendly and easy to configure."
"What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control."
"The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use."
"I feel that its valuable features are that it is simple and free."
"One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at the peak time when the number of contracts and users are at maximum."
"The solution is very expensive."
"I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."
"The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us."
"Some of the features in the graphical user interface do not work, which requires that we used the command-line-interface."
"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."
"The logs need to be better. They need to be more visible and easier to access."
"Its reporting and pricing need improvement."
"I hope for product simplification. It would be better to use one security console, instead of many of them (for licensing and monitoring). The solution is hard for newcomers and takes much time to deep in. Also, I want a historical graph for throughput and system resources usage. Maybe it will be great to make easy step-by-step installation and configuration cookbooks as Fortinet did, and integrate the documentation within the solution."
"It could be easier to access the installation of the Hostfix for VSX solutions. The CLI commands help us understand how virtual firewalls behave in terms of processor, memory, and other aspects. More graphic visualizations of CPUSE commands would be a welcome improvement, and Check Point could expand scripts to run within the solution for multiple tasks."
"The source package is a bit more expensive than its competitors."
"The current model is predominantly hardware appliance-based, which can incur substantial costs"
"It could greatly improve our customer experience by centralizing management."
"Check Point can scale but at times we have experienced some issues."
"The Check Point TAC support has, in recent years, deteriorated."
"Heavy load causes a higher CPU to peek which causes us to need to reboot the device. Malicious activity database corrupts the directory or path and restoring it takes a lot of time."
"The IPS solution could be more reliable."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"There is room for improvement in SSL inspection."
"Its interface should be a little bit better."
"The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform."
"An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense."
"There should be more technical documentation."
"OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server."
Check Point NGFW is ranked 5th in Firewalls with 277 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Check Point NGFW is rated 8.8, while OPNsense is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Juniper SRX Series Firewall, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and KerioControl. See our Check Point NGFW vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.