We performed a comparison between pfSense and WatchGuard Firebox based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Both products received high marks from reviewers, but WatchGuard ultimately won out in this comparison. According to reviews, WatchGuard appears to be a more secure solution.
"Layer-3 firewall and routing are the most valuable features."
"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"FortiGate has a very strong unified threat management system."
"The CLI and GUI do a good job of putting a lot at your fingertips."
"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
"I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"I like that you are able to manage FortiGate from the FortiManager to create a more centralized environment."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"Is good at blocking IP addresses."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much."
"It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest."
"It is much simpler than other solutions such as Fortinet."
"The main features of this solution are customization and ease to use."
"HostWatch makes it so I can see, in real-time, activity in the event that there is something weird happening on the network. This simplifies my job."
"The most valuable features of this solution are live logging, rule setup and maintenance, and VPN creation."
"The most valuable features are the VPN and web blocker security."
"The ports that I have assigned appear to be unattainable to outside 'mal-actors,' unless they have an address registered on the internet that this thing is expecting. That's a layer of security."
"Their centralized console simplifies management for organizations with multiple Fireboxes."
"It has everything we need in terms of functionality."
"The solution simplifies my business. Normally, for administration, we are using NetApp System Manager on Window since it's easy to create new policies. In a short amount of time, you can create new policies based on new requirements. For example, in the last few months, many requirements changed due to the coronavirus, adding the use of new services, like Office 365, and eLearning tools, like Zoom."
"I have found the DNS Watch feature for intrusion and prevention response and APT Locker most valuable to me."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"The solution's framework needs to be frequently updated in order to have a stable solution."
"Improvement is needed in the Web Filter quotas to restrict users with allocated quotas."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"This product needs improvements with respect to reporting and auditing."
"I would like to see different graphs available in the reporting."
"The access control aspect of the product could be improved."
"Their support could be better in terms of the response time."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
"It needs to be more secure."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"User interface is a little clumsy."
"A 12-hour power outage... got our batteries."
"The pricing could be improved. It is definitely one of the more expensive products."
"Reporting is something you've got to set up separately. It's one of those things that you've got to put some time into. One of the options is to set up a local report server, which is what I did. It's not great. It's okay... Some of the stuff is a little complicated to get up and running. Once you do, it becomes very user-friendly and easy to work with, but I find there are some implementation headaches with some of their stuff."
"The solution needs to improve its accessibility."
"I would like to have a little more control over access points and the ability to see the bandwidth that is passing through a specific access point. We are not able to see that. We can see what traffic is passing through the Firebox itself, but we can't identify if it is coming from a particular access point or not."
"The scalability of the solution needs improvement."
"There is room for improvement on the education side, regarding what does what, rather than just throwing it at a person and assuming they know everything about it. A lot of times, you have to call WatchGuard support to get the solution that will work, rather than their just having it published so that you can fix the problem on your own."
"In terms of the reporting and management features — and this isn't necessarily a WatchGuard issue, this seems to be more of an industry-wide issue — you get reports, but a lot of times you don't know what you're looking at. You're so overwhelmed with the data. You're getting a lot of stuff that doesn't matter, so it takes time to parse through it, to actually get what you want to know."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while WatchGuard Firebox is ranked 13th in Firewalls with 78 reviews. Netgate pfSense is rated 8.6, while WatchGuard Firebox is rated 8.6. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of WatchGuard Firebox writes "Offers a streamlined deployment, intuitive interface and robust security features". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and SonicWall TZ, whereas WatchGuard Firebox is most compared with Sophos XG, OPNsense, SonicWall TZ, Meraki MX and Cisco Secure Firewall. See our Netgate pfSense vs. WatchGuard Firebox report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.