Check Point NGFW vs OPNsense comparison


Comparison Buyer's Guide

Executive SummaryUpdated on Jul 11, 2023

Categories and Ranking

Fortinet FortiGate
Ranking in Firewalls
Average Rating
Number of Reviews
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (2nd), WAN Edge (1st)
Check Point NGFW
Ranking in Firewalls
Average Rating
Number of Reviews
Ranking in other categories
Unified Threat Management (UTM) (1st)
Ranking in Firewalls
Average Rating
Number of Reviews
Ranking in other categories
No ranking in other categories

Market share comparison

As of June 2024, in the Firewalls category, the market share of Fortinet FortiGate is 22.9% and it increased by 13.2% compared to the previous year. The market share of Check Point NGFW is 3.1% and it decreased by 19.5% compared to the previous year. The market share of OPNsense is 10.3% and it decreased by 29.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Unique Categories:
Software Defined WAN (SD-WAN) Solutions
WAN Edge
Unified Threat Management (UTM)
No other categories found

Featured Reviews

Ubeyd  Kara - PeerSpot reviewer
Apr 25, 2023
They're easy to manage and more affordable than competing solutions, but there are some stability issues
FortiGate is easy to deploy. The deployment time varies depending on the customer's network topology. How many policies does the customer require, and what kind of license do they have? FortiGate is easier than Palo Alto Networks and Check Point and takes less time. We typically start by analyzing the customer's topology and understanding their requirements, including policies, routines, etc. We implement the device once we know what the customer needs. One engineer is usually enough to deploy FortiGate in a small or medium-sized environment. An enterprise project requires a more detailed analysis of the network requirements before implementation. That can take two or three days. Once we understand the network, it may take another two or three days to configure the device and one or two days to implement it.
Kavindra Fernando - PeerSpot reviewer
May 9, 2024
Offers features like WatchTower that helps you manage the device using a mobile and stable product
I highly recommend it to users who have a lot of IoT devices. It all comes down to one simple thing: "If you have IoT devices, I highly recommend Check Point NGFW. If you don't, it's a bit complex compared to Fortinet and Sophos." But once you get the hang of it, you can quite easily configure the device. Moreover, Check Point has a certification program if you want, and you can learn with that. They also have a separate certification program that you can take, a paid certification program. I am satisfied with the documentation by Check Point. Overall, I would rate the solution a nine out of ten.
Akram Zaki Hussein - PeerSpot reviewer
Sep 22, 2023
Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support
The interface is user-friendly, but there's room for improvement in terms of intuitiveness. The bundle management aspect requires additional attention to make it more intuitive, especially for inspecting high-level traffic. This is crucial, especially for larger companies where the existing features might not be the most optimal choice, given limitations like printer constraints. For high availability, it's crucial to have a method in place where a designated component oversees the entire process. Given that OPNsense plays a pivotal role as a firewall, safeguarding against various threats, having a reliable backup ensures uninterrupted protection even if unforeseen events impact the primary virtual machine. It would be beneficial if OPNsense supported additional virtualization platforms like Hyper-V from Microsoft and VMware, similar to how Kaspersky has integrated them.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"We use a lot of function on the IPS and it works well for us."
"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"The main benefit is the grouping of our security monitoring."
"It works very well. It has a lot of different functionalities. Its cost is also fine for our customers."
"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
"Its performance in fulfilling our requirements has been satisfactory."
"We are very happy with the general bandwidth agility we have seen from one website to another website."
"The most valuable feature of Fortinet FortiGate is security. They are known for efficiency and are on the top of Gartner Quadrant reviews. Fortinet FortiGate has an easy-to-use platform with a good graphical interface. The configuration is simple and the solution provides an overall good layer of security."
"The Threat Management feature makes it very easy to detect the vulnerabilities and other factors. We can make new policy according to it. Policy creation is very simple in Check Point. Because the logs are very good in Check Point Firewall, this reduces our work with the reports that we are getting from the Threat Management. It is very convenient for us to use the reports to make new policies for security and other things."
"Check Point NGFW is easy to use, flexible and provides good performance. The security of the product is excellent, we do not have to do a lot of patching or upgrades because of vulnerabilities."
"The management platform and the dashboard, the graphical user interface, is one of the best, if not the best, in the business. It's the most intuitive and it's really user-friendly in day-to-day operations."
"The IPS protection is the most useful feature that I found from Check Point."
"The Identity-Based Inspection Control gives us the ability to leverage the organization’s Microsoft AD, LDAP, RADIUS, and Cisco pxGrid."
"We have all the features we want or need in this appliance. It's been good so far."
"I like the dashboard, redundancy, log analysis, threat prevention and ISP, and VPN."
"The ease of configuring VPNs can be very useful especially for companies with lots of remote locations."
"URL blocking, Wireguard, Tail Scale, Engine Blocker, and VPN are the most valuable features for me."
"One of the most valuable features is the network checking. Additionally, the firewall and web filtering functionalities are highly useful."
"It's more secure and more reliable."
"We have found pretty much all the features of the solution to be valuable."
"OPNsense is highly stable."
"The feature I find most valuable, is that the program helped me to realize all the requested functionality that was needed."
"The initial implementation process is simple."
"The solution has high availability."


"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"The stability could be a bit better."
"They should offer special pricing to premium partners and customers."
"I feel that the reporting needs to be improved."
"I think there could be more QoS features"
"The command line is very difficult to use, which is one of the biggest drawbacks of this solution."
"At the moment it is not easy to configure some VPN S2S in Check Point."
"The improvement could come from better monitoring of traffic data in and out of the firewall."
"The documentation could be better."
"There needs to be a Mac version of the Smart Console."
"In the future, some of the features that I would like to see would be the ability to integrate environmental solutions such as the metaverse or blockchain so that we can see them also in applications directly and on mobile devices or natively."
"I still don't have access to the reporting service."
"The frequency of the antivirus updates which we get for Check Point firewalls should increase. They should be of good quality compared to the competitive firewalls on the market. They should give us stable antivirus signatures. That is an area in which they can improve."
"The user interface could be improved, and the DNS section should be more intuitive."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"They should improve IPEs for security in the future."
"The ability to set the VPN IP address would be a welcome addition."
"The solution would not be suitable for anything large-scale."
"The interface of the solution is an area with shortcomings."
"The interface needs to be simplified. It is not user-friendly."
"There should be more technical documentation."

Pricing and Cost Advice

"The license of Fortinet FortiGate should be reduced."
"Work through partners for the best pricing."
"It has a competitive price."
"Licensing is usually on a three-year period."
"The pricing is very reasonable."
"Fortinet bundles FortiGate with other products and because of this, the price is a little expensive to some SMB enterprises."
"Easy to understand licensing requirements."
"Its licenses cost the same for different subscription plans."
"It falls in a moderate price range, not as inexpensive as some alternatives but not as costly as Palo Alto."
"The tool is a bit expensive."
"One of the main reasons that we went with Check Point is that they provide a good solution for a firewall but at an affordable price. As a state agency, we can't afford Cisco Firepower. It's just out of our budget to be able to pay for something where licensing and hardware are so expensive. Check Point has really met our needs for a budget-friendly solution."
"This product is not cheap and there are additional costs that depend on what model or package that you buy."
"We have to consider things, cost-wise, when we are expanding into other locations. We don't have the budget to use it in other platforms... Check Point is really costly."
"It is not a cheap solution, which is why we are looking for another one."
"Its price is reasonable. If we compare its TCO for three years, it is more reasonable than some of the other vendors such as Fortinet, Palo Alto, etc."
"They sell it in one box. In that one box, they sell Antivirus and Threat Prevention. They have everything, so we are not required to purchase additional IPS hardware for it."
"I've used the free version. My computer with two network cards at home allows me to try as many different software options as I want. I did pay for the license, but it was for the Zenarmor license, which is the packet inspection tool. They use AI for packet inspection, which integrates with OPNsense and pfSense."
"The price of OPNsense is good."
"OPNsense is open source software so at this time it is free for us to use."
"There are no licensing costs for OPNsence."
"I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval from the higher-ups."
"It is free."
"OPNsense is a well known open-source tool."
"We are not paying any licensing fees. OPNsense is completely free for us."
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
787,560 professionals have used our research since 2012.

Top Industries

By visitors reading reviews
Educational Organization
Computer Software Company
Comms Service Provider
Manufacturing Company
Educational Organization
Computer Software Company
Financial Services Firm
Computer Software Company
Comms Service Provider
Educational Organization

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
How does Check Point NGFW compare with Fortinet Fortigate?
I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such). -Ch...
Which would you recommend - Azure Firewall or Check Point NGFW?
Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall ...
What do you like most about Check Point NGFW?
Check Point NGFW provides essential security, featuring no-obligation access for secure connections, strong intrusion...
What is the difference between PfSense and OPNsense?
Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...
What do you like most about OPNsense?
What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Check Point NG Firewall, Check Point Next Generation Firewall
No data available



Sample Customers

1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya
Control Southern, Optimal Media
1. Deciso B.V. 2. iXsystems, Inc.  3. EuroBSDCon  4. Netgate  5. Claranet  6. Voleatech  7. Open Systems AG  8. Securebit AG  9. Proxmox Server Solutions GmbH  10. AVM Computersysteme Vertriebs GmbH  Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.
Find out what your peers are saying about Check Point NGFW vs. OPNsense and other solutions. Updated: May 2024.
787,560 professionals have used our research since 2012.