• Home
  • Check Point NGFW vs. Netgate pfSense

Check Point NGFW vs Netgate pfSense comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo

Fortinet FortiGate

Read 108 Fortinet FortiGate reviews
124,801 views|91,789 comparisons
Check Point Logo

Check Point NGFW

Read 110 Check Point NGFW reviews
31,579 views|19,394 comparisons
Netgate Logo

Netgate pfSense

Read 22 Netgate pfSense reviews
140,787 views|117,657 comparisons
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Check Point NGFW vs. Netgate pfSense
September 2023
Executive Summary
Updated on Jan 2, 2023

We performed a comparison between Check Point NGFW and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Check Point NGFW users say its initial setup is straightforward. While many pfSense users say that its initial setup is easy, a few disagree, saying that the setup is complex and requires a higher level of technical expertise.
  • Features: Users of both products are happy with their stability.

    Check Point users like its central management, and say it is flexible and has good security features. Some users note that its VPN tool is complex to integrate.

    pfSense reviewers say it is robust, but that its user interface could be enhanced. Several pfSense users mention that its security level should be improved.
  • Pricing: Most Check Point NGFW users feel that it is fairly priced. pfSense is open-source and free of charge.
  • Service and Support: Users of both solutions are satisfied with the service and support they receive. pfSense users, in particular, find the community support and YouTube tutorials for the product to be very extensive and helpful.
  • ROI: Users of both solutions report being satisfied with the ROI.

Comparison Results: The main difference between these two products is that Check Point users feel that the tool’s VPN is hard to integrate. In addition, Check Point does not have an open-source version like pfSense does.

To learn more, read our detailed Check Point NGFW vs. Netgate pfSense Report (Updated: September 2023).
Download the complete report
734,963 professionals have used our research since 2012.
Featured Review
Saurabh-Pal
Researched Check Point NGFW but chose Fortinet FortiGate: It's a reliable solution that's easy to install and cheaper than competitors
nickospot
It's easy to set rules and policies, which has greatly simplified cleanup and management.
Check Point has improved our organization's security posture, especially the IBAC, application control, IPS, and IDS. It's easy to set policies on... Read more →
Amandio Zumba
Free to use, flexible, and user-friendly
The product makes our business more secure. It has increased the security of our business. We are using the two solutions. The first one is from... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The inspection and web security features are most valuable.""The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration.""Offers good security and filtering.""Reliability is the best feature. We faced some issues when we were setting it up, but the service, portal, and administration are good.""The security on offer is very good.""Whenever I need something, Fortinet improves and updates the software for me.""It's very easy to configure.""The most valuable feature of Fortinet FortiGate is URL filtering."

More Fortinet FortiGate Pros →

"Even though Check Point NGFW provides a set of security features that enforce protection on the network, the most valuable aspect is also the most used feature: the plain and simple firewall component. This is the core of the product and works to a great extent without the need for all other available bells and whistles.""Check Point offers excellent security.""We can build the new firewalls with minimum efforts.""The product is very scalable.""The solution provides better stability and some interesting features such as the ease of throughput expansion.""The solution is easy to administer thanks to its dashboards. The monitoring is really useful.""The initial setup is straightforward.""Objects search and tracker logs are useful."

More Check Point NGFW Pros →

"The initial setup is not complex.""My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much.""Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company.""The product’s documentation is good.""The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network.""The classic features such as content inspection, content protection, and the application-level firewall, are the most important.""Some of the terminologies were more familiar to me than it was when I first encountered Cisco.""pfSense allows us to spread the hours of connection and do the filtering on the pfSense site."

More Netgate pfSense Pros →

Cons
"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility.""Scalability for Fortinet FortiGate needs to be improved. SD-WAN security for this solution also needs some improvement.""The routing capability on the FortiGate devices has room for improvement.""When we cluster the two Fortinet FortiGate boxes together we have some issues.""A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer.""Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure.""The solution could be more secure and stable.""It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."

More Fortinet FortiGate Cons →

"The smart console is heavy.""Check Point NGFW could improve by introducing machine learning and more modeling dividing the way they manage the ports. However, they have evolved over the last year.""There is no clear way to report incorrect classification to support and a business is neither happy nor forgiving when they cannot receive mail from a crucial business partner.""Check Point can improve a little better in their technical services, especially in the Indian market.""Log queries are slow and take time to load.""The firewall should be easily deployable and scalable in any major cloud environment and enable an organization’s security team to manage all of its security settings from a single console.""While not being cheap, their pricing models are competitive. In the pricing structure, however, they need improvement.""The Check Point TAC support has, in recent years, deteriorated."

More Check Point NGFW Cons →

"Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually.""The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time.""It would be great to add more to security.""The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus.""It's just not listed as FIPS compliant for where we're at now in government, which is an issue.""The solution could be more user-friendly, and the graphical interface needs some work so that someone without an IT background can use the application. I would like the ability to manage the on-premise appliance from the cloud. When I'm not in the office, it would be great to connect to the pfSense server and administer the network remotely.""Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand.""In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense."

More Netgate pfSense Cons →

Pricing and Cost Advice
  • "I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
  • "It is more expensive than Sophos. Fortinet is overall more expensive than Sophos. The small range of Fortinet, such as 60F and 80F, is more expensive than the small range of Sophos. Sophos is cheaper. In addition, if you jump from 80F Series to 100F Series, the price doubles."
  • "The license is yearly. We pay for the top end. It's called 360."
  • "Here in Brazil, we're going through difficult economic times and the tax on the dollar is high. All the solutions from minor competitors are growing in the market. The prices have come more competitive."
  • "Licensing for Fortinet FortiGate is on a yearly basis. Pricing for it is a bit high. It could be cheaper."
  • "The licensing scheme of Fortinet is better than Cisco. It is more logical."
  • "The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device."
  • "It was probably about $2,500 per firewall. It was all included. It included support, services, threat management software, and 24/7 FortiCare on it. Cisco products are more expensive."

    • More Fortinet FortiGate Pricing and Cost Advice →

  • "Check Point is a little more expensive than FortiGate."
  • "The solution is significantly more expensive than Fortinet, although this holds true to a lesser extent when compared with Palo Alto."
  • "When comparing the price of Check Point NGFW to other solutions it's difficult to compare because even though everything is included in the Fortinet price, there are large differences between the models. You need to go to a quite expensive Fortinet firewall to receive the same throughput and functionality as in a Check Point firewall. In the end, they are quite similar in price, Fortinet might be a bit cheaper."
  • "Scaling requires the purchase of additional licenses."
  • "I don't see that Check Point is very high, but it is geared more towards enterprises."
  • "Its cost is a little higher than other products."
  • "Check Point NGFW can be expensive compared to other competitors, but the price matches the functionality and efficiency of the solution."
  • "Before you buy, check which features you need, and if possible, I recommend signing up for at least a three-year license."

    • More Check Point NGFW Pricing and Cost Advice →

  • "Our customers must pay for an annual license."
  • "I would recommend it for a small business or a startup as a starting point. It's also good for companies that are on a tight budget."
  • "The price of pfSense is reasonable. However, there is a free version available."
  • "It is about €1,000. It is a one-time payment. I do not have a monthly or yearly subscription. I don't subscribe to any subscription because I hate cloud services. There are no additional costs."
  • "It is an open source firewall."
  • "It is very suitable in terms of the price. If a client cannot acquire a Netgate appliance, I provide a custom-made appliance, and I install the Community edition of pfSense. It is a very good and affordable solution for enterprises. Some of the clients pay monthly but usually, it is annually."
  • "We are using its Community Edition, which is free. My company is a government school, and we don't have much budget."
  • "pfSense is open-source, but the support is something that the customer pays for."

    • More Netgate pfSense Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    See Recommendations
    734,963 professionals have used our research since 2012.
    Questions from the Community
    Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Read all 3 answers   →
    What is the biggest difference between Sophos XG and FortiGate?
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Read all 13 answers   →
    What are the biggest technical differences between Sophos UTM and Fortine...
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Read all 11 answers   →
    How does Check Point NGFW compare with Fortinet Fortigate?
    Top Answer:I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
    Read all 5 answers   →
    Which would you recommend - Azure Firewall or Check Point NGFW?
    Top Answer:Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
    Read all 2 answers   →
    What do you like most about Check Point NGFW?
    Top Answer:Its usability is the best for me. As compared to Palo Alto, Juniper, or Cisco firewalls, Check Point firewall has the… more »
    Read all 144 answers   →
    Help me find the best open source router
    Top Answer:You don't really specify what type of router you are looking for but if you are talking about a gateway router I… more »
    How do I choose between Fortinet FortiGate and pfSense?
    Top Answer:Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate… more »
    Read all 5 answers   →
    What is the difference between PfSense and OPNsense?
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Check Point NG Firewall, Check Point Next Generation Firewall
    Learn More
    Fortinet
    Check Point
    Netgate
    Video Not Available
    Overview

    Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

    Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

    Benefits of Fortinet FortiGate

    Some of the benefits of using Fortinet FortiGate include:

    • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
    • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
    • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

    Reviews from Real Users

    Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

    PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

    PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

    Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

    Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

    Benefits of Check Point's Next Generation Firewall

    • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

    • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

    • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
    • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

    • Remote access: The remote access VPN provides a seamless connection for remote users.

    Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

    Reviews from Real Users

    Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

    Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

    G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

    Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

    pfSense is a powerful and reliable network security appliance primarily used for security purposes such as firewall and VPN or traffic shaping, network management, and web filtering. It is commonly used by small businesses and managed service providers to protect their customers' networks and enable remote access through VPNs. 

    The solution is praised for its stability, user-friendly interface, scalability potential, open-source nature, free cost, easy installation, firewall capabilities, security features, flexibility, and simplicity. Overall, pfSense is a cost-effective solution for enterprises that need a VPN for their employees.

    pfSense Key Features

    pfSense has many key features and capabilities, including:

    • Strength and accuracy: pfSense is able to always follow either default or custom rules, making it a stronger firewall than some of its competitors. It also filters traffic separately, whether it’s coming from your internal network of devices or the open internet, allowing you to set different rules and policies for each.

    • Flexibility: pfSense can work both as a basic firewall and as a complete security system because it gives you the flexibility to integrate additional features as code where necessary.

    • Open-source: Because it is open-source, not only is pfSense free to use, but community members can contribute to the code to make it a better software.

    • User-friendly: Usually firewall products are not user-friendly because they often include complex settings, options, and features that require fine-tuning. pfSense’s interface is simple, direct, and easy to use.

    • WireGuard Support: Instead of building your own VPN using pfSense, or settling for a commercial VPN provider, you can directly integrate WireGuard with the pfSense firewall.

    • Speed Management and Fault Tolerance: pfSense’s multi-WAN feature allows your system to continue operating in case components fail.

    • Well-supported: pfSense regularly has security and feature updates. It also has a documentation site and a well-informed and knowledgeable support forum.

    Reviews from Real Users

    Below is some feedback from PeerSpot Users who are currently using the solution.

    Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."

    Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."

    T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."



    Offer
    Learn more about Fortinet FortiGate
    Learn More
    Learn more about Check Point NGFW
    Learn More
    Learn more about Netgate pfSense
    Learn More
    Sample Customers
    Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
    Control Southern, Optimal Media
    Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company10%
    Financial Services Firm9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization22%
    Computer Software Company15%
    Comms Service Provider9%
    Government5%
    REVIEWERS
    Financial Services Firm24%
    Computer Software Company15%
    Comms Service Provider7%
    Government6%
    VISITORS READING REVIEWS
    Educational Organization48%
    Computer Software Company8%
    Comms Service Provider5%
    Financial Services Firm5%
    REVIEWERS
    University11%
    Marketing Services Firm9%
    Comms Service Provider9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Comms Service Provider14%
    Government9%
    Educational Organization6%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise33%
    Large Enterprise41%
    REVIEWERS
    Small Business29%
    Midsize Enterprise19%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise56%
    Large Enterprise30%
    REVIEWERS
    Small Business69%
    Midsize Enterprise18%
    Large Enterprise13%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise18%
    Large Enterprise50%
    Buyer's Guide
    Check Point NGFW vs. Netgate pfSense
    September 2023
    Free Report: Check Point NGFW vs. Netgate pfSense
    Find out what your peers are saying about Check Point NGFW vs. Netgate pfSense and other solutions. Updated: September 2023.
    DOWNLOAD NOW
    734,963 professionals have used our research since 2012.

    Check Point NGFW is ranked 5th in Firewalls with 110 reviews while Netgate pfSense is ranked 2nd in Firewalls with 22 reviews. Check Point NGFW is rated 9.0, while Netgate pfSense is rated 8.6. The top reviewer of Check Point NGFW writes "Scalable with seamless failover capabilities and excellent logging functionality". On the other hand, the top reviewer of Netgate pfSense writes "Feature-rich, well documented, and there is good support available online". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Cisco Secure Firewall, Azure Firewall, Sophos XG and OPNsense, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Untangle NG Firewall, Sophos UTM and Meraki MX. See our Check Point NGFW vs. Netgate pfSense report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.