• Home
  • Check Point NGFW vs. OPNsense

Check Point NGFW vs OPNsense comparison

Cancel
You must select at least 2 products to compare!
Check Point Logo

Check Point NGFW

Read 155 Check Point NGFW reviews
28,155 views|19,238 comparisons
OPNsense Logo

OPNsense

Read 14 OPNsense reviews
86,816 views|75,772 comparisons
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Check Point NGFW vs. OPNsense
March 2023
Executive Summary

We performed a comparison between Check Point NGFW and OPNsense based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Check Point NGFW vs. OPNsense Report (Updated: March 2023).
Download the complete report
688,618 professionals have used our research since 2012.
Featured Review
Anonymous User
Great security with a unified dashboard and helpful intelligence reports
Check Point NGFW has helped the company in the prevention of cyber attacks that could affect operations and slow down production. The intelligence... Read more →
Eddy Ramirez
Good interface and firewall capabilities and overall easy to use
The security has improved as we can isolate the network. We can do attrition prevention via a tool that comes with the solution. We can have a VPN... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The fact that these can be separated and made in different layers provides excellent convenience for the administrators who regulate the rules.""The information stored in the logs is very descriptive and includes a lot of details.""Check Point is more expensive but easier to manage, and their presales and after-sale support are way better than Fortinet's.""It's quite a stable solution.""We found a very successful implementation of the virtual private network client, since, for some time now, everyone has been working from home.""HTTP forwarding is something I haven't seen elsewhere.""Log storage gives us insights when required.""The VPN tunnels are very effective in terms of stability and quick connection."

More Check Point NGFW Pros →

"It's more secure and more reliable.""OPNsense is highly stable.""The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use.""OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.""It has an open license. It works very well, and there is an update every month.""The solution has high availability.""OPNsense is easy to scale when running on the hardware.""The system in general is quite flexible."

More OPNsense Pros →

Cons
"Check Point can improve a little better in their technical services, especially in the Indian market.""There is no email security.""The routing rules and some more network settings should be listed on the Check Point Smart Console instead of GAIA Web GUI.""Technical support could be improved.""The product or services can be improved from the cost and the pricing perspective.""Unfortunately, as is the case with many big companies, new features seem to always be more important than fixing the last little bugs that affect only a minor customer base.""The upgrading process takes too much time.""There have been a few requests/issues about the Identity Awareness feature."

More Check Point NGFW Cons →

"An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense.""The IPS solution could be more reliable.""The interface needs to be simplified. It is not user-friendly.""While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet.""The logging could improve in OPNsense.""We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much.""I think the most important thing is that it should be easily accessible, but currently, that doesn't seem to be the case. We need a hardware platform that's based on common standards and open computing principles, which would be like a commodity and benefit us greatly.""The reporting part could be better."

More OPNsense Cons →

Pricing and Cost Advice
  • "The licensing is straightforward; there are only three types of licenses that include NGFW, NGTP, and SNBT, so the organization can choose its license according to their requirements."
  • "The licensing includes the cost of support."
  • "They offered more features for a lower cost than competitors, and the licensing model was easy to understand."
  • "Check Point brings good value for the money and is competitive in the market."
  • "The pricing is high compared to competitors."
  • "The hardware cost is not huge, but you need to push for good pricing on software licensing and blades."
  • "Check Point is competitively priced; however, there is an additional charge for the Annual Maintenance Contract (AMC) and it is easy to understand."
  • "Licensing is pretty straightforward and is based on the blades available, such as NGFW, NGTP, and NGTX."

    • More Check Point NGFW Pricing and Cost Advice →

  • "The solution is not expensive."
  • "As an appliance, it's in the medium price range."
  • "Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."
  • "It is open source and free."
  • "The price of OPNsense is good."
  • "I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval from the higher-ups."

    • More OPNsense Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    See Recommendations
    688,618 professionals have used our research since 2012.
    Questions from the Community
    How does Check Point NGFW compare with Fortinet Fortigate?
    Top Answer:I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such). -Check Point GUI is a bit complicated,  -Application and Web filtering are better… more »
    Read all 5 answers   →
    Which would you recommend - Azure Firewall or Check Point NGFW?
    Top Answer:Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall cloud platform, autoscaling, and the ability for users to create virtual IP… more »
    Read all 2 answers   →
    What do you like most about Check Point NGFW?
    Top Answer:The central management console has helped with segregation, where planned interventions with management consoles do not have any impact on production or critical business traffic.
    Read all 75 answers   →
    What is the difference between PfSense and OPNsense?
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and client, Open VPN and client, and PPTP client. Both also have intrusion detection and… more »
    What do you like most about OPNsense?
    Top Answer:What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it. I had an excellent experience with OPNsense, which helped me achieve the targets I wanted.
    Read all 21 answers   →
    What is your experience regarding pricing and costs for OPNsense?
    Top Answer:I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval… more »
    Read all 18 answers   →
    Ranking
    4th
    out of 48 in Firewalls
    Views
    28,155
    Comparisons
    19,238
    Reviews
    160
    Average Words per Review
    571
    Rating
    8.9
    7th
    out of 48 in Firewalls
    Views
    86,816
    Comparisons
    75,772
    Reviews
    11
    Average Words per Review
    397
    Rating
    8.3
    Comparisons
    Also Known As
    Check Point NG Firewall, Check Point Next Generation Firewall
    Learn More
    Check Point
    OPNsense
    Video Not Available
    Overview

    Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

    Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

    Benefits of Check Point's Next Generation Firewall

    • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

    • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

    • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
    • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

    • Remote access: The remote access VPN provides a seamless connection for remote users.

    Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

    Reviews from Real Users

    Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

    Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

    G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

    Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

    OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.

    The solution offers a variety of components, such as:

    • Weekly security updates. These updates provide the user with the ability to reach new emerging threats in a timely manner through small increments.

    • Two major releases every year. These yearly releases are on a fixed release cycle and provide organizations with the ability to plan ahead of an upcoming upgrade.

    • A roadmap of instructions. Each major release provides a guide and a set of clear goals.

    A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.

    OPNsense Core Features

    OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:

    • Captive Portal
    • Built-in reporting and monitoring tools including RRD Graphs
    • Network Flow Monitoring
    • Traffic Shaper
    • Support for Plugins
    • Granular Control Over State Table
    • Dynamic DNS
    • Two-factor authentication throughout the system
    • Netflow Exporter
    • Encrypted Configuration Backup to Google Drive
    • Forward Caching Proxy (transparent) with Blacklist Support
    • Stateful inspection firewall
    • DNS Server & DNS Forwarder
    • High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
    • DHCP Server and Relay
    • Virtual Private Network (site to site & road warrior, IPsec, OpenVPN & legacy PPTP support)
    • Intrusion Detection and Prevention
    • 802.1Q VLAN support

    Reviews from Real Users

    OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.

    For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."

    Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."

    Offer
    Learn more about Check Point NGFW
    Learn More
    Learn more about OPNsense
    Learn More
    Sample Customers
    Control Southern, Optimal Media
    CompuNet Systems GmbH,
    Top Industries
    REVIEWERS
    Financial Services Firm24%
    Computer Software Company15%
    Comms Service Provider7%
    Government7%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider13%
    Educational Organization10%
    Financial Services Firm8%
    REVIEWERS
    Comms Service Provider27%
    Financial Services Firm18%
    Logistics Company18%
    Aerospace/Defense Firm9%
    VISITORS READING REVIEWS
    Comms Service Provider20%
    Computer Software Company16%
    Government9%
    Educational Organization6%
    Company Size
    REVIEWERS
    Small Business28%
    Midsize Enterprise19%
    Large Enterprise53%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise23%
    Large Enterprise53%
    REVIEWERS
    Small Business65%
    Midsize Enterprise9%
    Large Enterprise26%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise19%
    Large Enterprise52%
    Buyer's Guide
    Check Point NGFW vs. OPNsense
    March 2023
    Free Report: Check Point NGFW vs. OPNsense
    Find out what your peers are saying about Check Point NGFW vs. OPNsense and other solutions. Updated: March 2023.
    DOWNLOAD NOW
    688,618 professionals have used our research since 2012.

    Check Point NGFW is ranked 4th in Firewalls with 155 reviews while OPNsense is ranked 7th in Firewalls with 14 reviews. Check Point NGFW is rated 8.8, while OPNsense is rated 8.4. The top reviewer of Check Point NGFW writes "Scalable with seamless failover capabilities and excellent logging functionality". On the other hand, the top reviewer of OPNsense writes "Supports high availability, good content filtering capabilities, and ability to protect against various types of malware". Check Point NGFW is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, Cisco Secure Firewall, Azure Firewall and Juniper SRX Series Firewall, whereas OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Fortinet FortiGate and WatchGuard Firebox. See our Check Point NGFW vs. OPNsense report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.