We performed a comparison between Check Point NGFW and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between these two products is that Check Point users feel that the tool’s VPN is hard to integrate. In addition, Check Point does not have an open-source version like pfSense does.
"Provides good firewall security and has great VPN features."
"It's an easy solution to set up."
"The most valuable features of the solution are SD-WAN, filtering testing applications, web filtering, and the new VPN."
"A strong point of FortiGate is the graphical interface is complete and easy to use."
"The email protection and VPN features are the most valuable."
"Unified Threat Management (UTM) features."
"The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks. It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good."
"Easy to use support and licensing portal as well as activation process."
"The most valuable feature of Check Point NGFW is the unparalleled distribution of the network traffic. The central management station they have allows you to manage everything from one place."
"There are many useful features including the Office VPN, which provides us with a seamless connection for users who are working remotely."
"The tool has solid firmware with very few vulnerabilities."
"The firewall feature and DDoS Protector, when turned on, keep away attacks from the outside. They also prevent users from accessing things on the Internet that they are not supposed to access."
"Newer versions are much more stable."
"Check Point definitely has a great architecture, where you can just enable the software blades and deploy a secure service. Overall, it provides ease of deployment and ease of use."
"We do not have any problems with stability."
"By far, it's the best security solution one can adopt for their organization."
"I have found pfSense to be stable."
"The solution is very easy to use and has a very nice GUI."
"The interface is straightforward and easy to use."
"Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must."
"Some of the terminologies were more familiar to me than it was when I first encountered Cisco."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"It is much simpler than other solutions such as Fortinet."
"The product’s documentation is good."
"There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"There are mainly two areas of improvement in Fortinet FortiGate— the licensing cost and the timing of upgrading licenses for boxes."
"To some degree, it's almost a question as to why some of this stuff isn't simpler. For example, for an AP deployment, while it's integrated, the number of steps that you have to go through in order to get the AP up, seems like a lot."
"The command line is complicated, and the interface could be better."
"It needs more available central management."
"The stability of Fortinet FortiGate could improve."
"Fortinet FortiGate could improve by having a frequent ask questions(FAQ) area for people to receive quick answers to popular questions. Additionally, it would be beneficial to have an SMS notification feature. For example, if you cannot access your email you could receive an SMS message."
"Without any training, it is very hard to administrate the whole Check Point NGFW."
"Of the areas of improvement that I want to see in this product, without a doubt, one is the technical support. In this time of globalization, with so many cyberattacks and risks, the Check Point support staff take a long time to attend to incidents due to the high demand."
"Support cases have been generated several times, and it takes time for the case to be resolved."
"The only thing which I think should be improved is that training should be increased. In my position I also interview potential employees and I haven't found many people in the market, nowadays, who are familiar with the Check Point firewall. They are more familiar with Palo Alto and Cisco ASA and they are more comfortable with them."
"Initially, we faced a few challenges with firmware. Later this was addressed with jumbo hotfixes."
"The debugging of VPN tunnels is very stressful."
"Although they have it now, we don't have a license for it, and I think mobile device security should be a standard feature. I cannot control someone bringing their device to my network and what they do."
"In the future, some of the features that I would like to see would be the ability to integrate environmental solutions such as the metaverse or blockchain so that we can see them also in applications directly and on mobile devices or natively."
"The product could offer more integrated plugins."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that."
"It needs to be more secure."
"pfSense has some limitations in detecting site sessions. We want to control internet usage based on sites and their content, and pfSense doesn't perform this function."
"I would like to see SD1 integration into the software. That would be fantastic."
"The solution could improve by having centralized management and API support online."
"The integration should be improved."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Check Point NGFW is rated 8.8, while Netgate pfSense is rated 8.6. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Azure Firewall and OPNsense, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Meraki MX. See our Check Point NGFW vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.