We performed a comparison between Check Point NGFW and OPNsense based on real PeerSpot user reviews.Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"I love the ASDM (Adaptive Security Device Manager) which is the management suite. It's a GUI and you're able to see everything at a glance without using the command line. There are those who love the CLI, but with ASDM it is easier to see where everything is going and where the problems are."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"The CLI is the most valuable feature. This solution is very flexible and offers different functionality including firewalls and VPN connectivity."
"The technical support is excellent. I would rate it as 10 out of 10. When there has been an issue, we have had a good response from them."
"The ASDM (Adaptive Security Device Manager) which is the graphical user interface, works out, and Cisco keeps it current."
"I like all of the features."
"I have not had an infected machine behind the firewall since I first installed and started using NGFW."
"The solution offers very good central management, which saves time and is hassle-free."
"Check Point is awesome from a security standpoint. Based on our experience and also the experience of the other customers, it is a very stable appliance."
"We have all the features we want or need in this appliance. It's been good so far."
"The most valuable feature of Check Point NGFW is the unparalleled distribution of the network traffic. The central management station they have allows you to manage everything from one place."
"One of the most valuable features is performance improvement, wherewith ClusterXL and CoreXL, you can improve performance."
"The online documentation is complete and easy to read and understand."
"The packet inspection capabilities are great."
"The system in general is quite flexible."
"The technical support is very good."
"The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use."
"It has an open license. It works very well, and there is an update every month."
"The initial implementation process is simple."
"OPNsense is highly stable."
"We have found pretty much all the features of the solution to be valuable."
"It's more secure and more reliable."
"Licensing is complex, and I'd like it to be simplified. This is an area for improvement."
"Sometimes, it is not easy to troubleshoot. You need to know where to go. It took me quite awhile. It's like, "Okay, if it doesn't go smoothly here, then go find the documentation." Once you do it, it is not so bad. However, it is sometimes a steep learning curve on the troubleshooting part of it."
"The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them."
"The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working."
"I would like to see the inclusion of a protocol that can be used to protect databases."
"It doesn't have Layer 7 security."
"I think they need to review their whole UI because it feels like it was created by a whole bunch of different teams of developers who didn't fully talk to each other. The net policy screen is just a mess. It should look like the firewall policy screen, and they should both act the same, but they don't. I feel like it's two different buildings or programming, who don't talk to each other, and that really annoys me."
"One of the challenges we've had with the Cisco ASA is the lack of a strong controller or central management console that is dependable and reliable all the time."
"There is room for improvement in application-based filtering, as with other firewalls available in the market today."
"The predefined reports are limited and should provide more information. Check Point should provide a greater number of defined reports and produce reports for each division of the organization."
"It would be ideal to manage everything from one central place."
"If you have a long ruleset, you may experience performance issues on the GUI, and installing rule changes on gateways can take a comparatively long time."
"Check Point can improve a little better in their technical services, especially in the Indian market."
"I have had some issues in the past with the desktop client being slow to come up for logging in, and then slow to respond to screen changes, however, overall, it really hasn't been too bad."
"The upgrade is something we would like to be improved in the future as the frequency of hotfixes is too much, and by the time we finish the one round, we already have the new version released and are required to upgrade."
"The interface can be more user-friendly in terms of design and the location of critical and commonly used icons."
"The solution could be more secure."
"The interface needs to be simplified. It is not user-friendly."
"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"The IPS solution could be more reliable."
"The logging could improve in OPNsense."
"They should improve IPEs for security in the future."
"I would like to see better SD-WAN performance."
The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.
From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.
Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.
Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.
Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.
Benefits of Check Point's Next Generation Firewall
Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.
Reviews from Real Users
Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.
Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."
G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”
Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”
OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.
The solution offers a variety of components, such as:
A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.
OPNsense Core Features
OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:
Reviews from Real Users
OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.
For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."
Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."
Check Point NGFW is ranked 4th in Firewalls with 162 reviews while OPNsense is ranked 7th in Firewalls with 12 reviews. Check Point NGFW is rated 9.0, while OPNsense is rated 8.2. The top reviewer of Check Point NGFW writes "Centrally managed, good antivirus and attack prevention capabilities, knowledgeable support". On the other hand, the top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". Check Point NGFW is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, Azure Firewall, pfSense and Juniper SRX, whereas OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Fortinet FortiGate and KerioControl. See our Check Point NGFW vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.