Fortinet FortiGate vs pfSense comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
98,494 views|66,440 comparisons
Fortinet Logo
162,773 views|127,603 comparisons
Netgate Logo
118,369 views|100,663 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Apr 20, 2022

We performed a comparison between pfSense and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Fortinet Fortigate users overwhelmingly agree that deployment is easy and the initial setup is straightforward. Some pfSense users say deployment is easy while others say it is rather complex.
  • Features: Reviewers of the two solutions say they both have good stability.

    Valuable features of Fortinet Fortigate include a good user interface, great templates and good web filtering, application control, and intrusion protection. Users would like to see better monitoring and reporting, and improved performance and speed.

    Valuable features of pfSense include flexibility and good documentation. Users express that the interface as well as the ease of use need to be improved.
  • Pricing: Fortinet Fortigate users share mixed opinions, with some users expressing they think the pricing is affordable and fair and some users mentioning they think it is on the more expensive side. In contrast, pfSense is open source.
  • Service and Support: Fortinet Fortigate users are satisfied with the service and support they receive. Users of pfSense say they are able to rely on community forums and discussions when necessary.
  • ROI: Users of both solutions report seeing an ROI.

Comparison Results: Based on the parameters we compared, it seems that pfSense is the more favorable solution because it is open source and also offers great features.

To learn more, read our detailed Fortinet FortiGate vs. pfSense Report (Updated: November 2022).
653,522 professionals have used our research since 2012.
Q&A Highlights
Question: How do I choose between Fortinet FortiGate and pfSense?
Answer: I will choose FortIGate. It is a complete hardware and software and integrated solution for IT security and threat management
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful.""The initial setup was not complex.""This solution helped us to identify the key areas where we need to focus to block traffic that is malicious to our organization.""The most valuable features of this solution are advanced malware protection, IPS, and IDS.""The clusters in data centers are great.""If configured, Firepower provides us with application visibility and control.""Cisco ASA provides us with very good application visibility and control.""The command line is the same as it is on the Cisco iOS router."

More Cisco Secure Firewall Pros →

"The user interface (UI) is very, very good.""The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto.""The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy.""The solution is extremely reliable.""The most useful functionality of Fortinet FortiGate is the user interface, multiple engines, and their cloud with the latest integrations. Additionally, the Security Fabric tool is very good.""It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box.""Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market.""It's user-friendly and easy to operate."

More Fortinet FortiGate Pros →

"A valuable feature is that the solution is open source.""I have found pfSense to be stable.""I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good.""It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest.""pfSense is easy to use, has user-friendly dashboards, and useful blocking features.""I especially like the VPN part. It works like a charm.""The intrusion detection feature is the most valuable. It is an open-source firewall, so there is a lot of material on it. I also find the open VPN capability very nice. It is pretty customizable. The clustering and the high availability are the two biggest things to be able to get out of a firewall.""The solution has good customization abilities and plenty of features."

More pfSense Pros →

Cons
"The price and SD-WAN capabilities are the areas that need improvement.""If the implementation was easier, it would be a lot better for us.""It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience.""The initial setup could be simplified, as it can be complex for new users.""If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve.""Cisco Firepower NGFW Firewall can be more secure.""It can be improved when it comes to monitoring. Today, the logs from the firewalls could be improved a bit more without integrating with other devices.""Cisco makes horrible UIs, so the interface is something that should be improved."

More Cisco Secure Firewall Cons →

"Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure.""FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment.""The integration with third-party tools may be something that they should work on.""The solution needs to improve its integration with cybersecurity.""The solution could be more evenly structured.""Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN.""It is very expensive, and their support is not very good. I hope that their technical support will be better in the future.""Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%."

More Fortinet FortiGate Cons →

"ClamAV AntiVirus can cause some crashes. That service should be improved.""The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time.""In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense.""The stability could be improved.""Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand.""This solution is good for small businesses but it is not as stable as other competitors such as Fortinet.""The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus.""Their support could be better in terms of the response time."

More pfSense Cons →

Pricing and Cost Advice
  • "This product is expensive."
  • "If we compare it with FortiGate and the co-existing ASA, FortiGate is better in price."
  • "They seem to be at the top end in terms of pricing, but they are worth the price. They are probably a little bit lower than Palo Alto. If the customers are relying on Cisco products and they are thinking more in terms of scaling to another layer in a year, it is pretty much in a good price range."
  • "We're using the smart license for this firewall. The models that we have require licensing for remote access."
  • "There are licensing costs."
  • "I just bought it off the shelf, and I'm using it with my previous one, so I have not spent that much."
  • "The price is fair. It's not the cheapest, but it's not bad."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "The pricing is fair."
  • "It is too expensive for us. My organization is very small, and we have a total of ten users. We have three internal users and seven external users. The FortiGate 100D series is too expensive for renewing the licenses."
  • "I think the price of Fortinet FortiGate is very reasonable."
  • "It's a very full-featured and it's priced well solution."
  • "The price of FortiGate is average and I would say that based on the top five products available on the market, it is in the affordable range."
  • "Fortinet bundles FortiGate with other products and because of this, the price is a little expensive to some SMB enterprises."
  • "When you look at these end security systems and firewalls, these firewalls even five years ago were $50,000 or perhaps $25,000 to implement in some types of customer sites. Now we're talking about tools that are $1,000. In this case, it might have been $500 or something like that."
  • "The price of FortiGate is good."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "I spent a couple of $1,000 on hardware, and the OS was free. A comparable firewall would cost me probably 20 grand. It saved a lot of money."
  • "I like the fact that it is open-source."
  • "The pricing is lower than some of its competitors."
  • "pfSense is open-source."
  • "We are using the open-source version which is free. We are testing the solution to see if we are going to go to the enterprise version which requires a license and is not free."
  • "There is no license. You don't have to pay anything. It's completely free."
  • "It's open-source and it's free. Anything for free is good."
  • "pfSense is a free solution."
  • More pfSense Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    653,522 professionals have used our research since 2012.
    Answers from the Community
    Netanya Carmi
    Leon Pinto - PeerSpot reviewerLeon Pinto
    Consultant

    PFSense or Fortinet... That would depend on your used case....


    We are using pfSense for the past two years and it does mostly what you would expect of a firewall... Captive portal, site-to-site VPN, TLS based VPN, IPsec VPN, SNORT, Suricata, ACME, port forwarding, NAT, CA, DHCP, DHCP relay, VLANS, Bridges, LAGG, LACP, etc... etc... 


    Most of all, no paid licenses anywhere as it is open source and free... Support can be purchased but I personally never needed it so far...


    The only downside is that you need to be highly technical to get it working as per your needs...  Also, a lot of docs in Google/YouTube (though a bit of scouting and navigating through bugs is required) to get things moving assuming you already know firewalls as a concept...  


    With a Fortinet, in case you have the money to pay and justify the need for it, then it's worth going for because they will support you as long as they keep getting paid... In our case (in our small SMB), I have not yet come across a need to move away from pfSense because it basically does what it is supposed to do... 


    It has been running with us for almost two years with no reasons for complaints... Again, it's my own personal opinion...

    Richard Benfatto - PeerSpot reviewerRichard Benfatto
    User

    PfSense is the only product that would perform in a Symmetric NAT. Painful but OS-fingerprinting and impossible to do UDP NAT hole punching. Skype, Zoom uses that and even Kerio Operator, but that is all.


    It is a very broken product and when you need IPS (the " free one" is 30 days old database) you need to pay Cisco for Snort... I would not use pfSense on its own. Period.


    Fortinet is one of the best products. Lots of other things rely on one CPU to do the job. Sophos & pfSense (just to name a few) when you start adding inspection modes it is like having a 3 tonnes car with a 2 cylinder engine. The CPU goes to 90%.


    Fortinet has been ultra clever from day number one to have custom chips to do the work in hardware, so throughput with all protection features can happen without suffering speed of service to users, compare to others.


    The new OS7 is very good.


    So, I would not touch pfSense. It Is like comparing a Toyota Yaris to a Kia K 900 car. Sort to speak.

    João Garcia - PeerSpot reviewerJoão Garcia
    Real User

    Many people said that depends on your needs, and I agree.


    Fortinet and many other vendors are more than a set of level 2 or level 3 rules. They also have IPS, Antivirus, SSL Inspection, stateful inspection.


    If I have to choose between Fortinet and pfSense for my company, I would think twice. Fortinet.

    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:We have Meraki Mx devices now, we are looking to replace them. But that is because the Meraki MX platform lacks SSL… more »
    Top Answer:You don't really specify what type of router you are looking for but if you are talking about a gateway router I… more »
    Top Answer:Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate… more »
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Learn More
    Cisco
    Video Not Available
    Netgate
    Video Not Available
    Overview

    Cisco Secure Firewall is a suite of Cisco ASA Firewall and Cisco Firepower NGFW Firewall among other Cisco products. 

    Anticipate, act, and simplify with Secure Firewall

    With workers, data, and offices located all over, your firewall must be ready for anything. Secure Firewall helps you plan, prioritize, close gaps, and recover from disaster—stronger.

    Turn intent into action

    Unify policy across your environment and prioritize what’s important. Having security resilience is about shoring up your architecture against threats and using automation to save time.

    Achieve superior visibility

    Regain visibility and control of your encrypted traffic and application environments. See more and detect more with Cisco Talos, while leveraging billions of signals across your infrastructure with security resilience.

    Drive efficiency at scale

    Only Secure Firewall includes license entitlement for Cisco SecureX, our open orchestration and XDR platform. The combination increases productivity across your teams and hybrid environments, while reducing threat dwell times.

    Make zero trust practical

    Secure Firewall makes a zero-trust posture achievable and cost-effective with network, microsegmentation, and app security integrations. Automate access and anticipate what comes next.

    Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

    Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

    Benefits of Fortinet FortiGate

    Some of the benefits of using Fortinet FortiGate include:

    • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
    • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
    • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

    Reviews from Real Users

    Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

    PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

    PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

    pfSense is a free and open-source operating system for routers and firewalls, and is typically configured as DHCP server, DNS server, WiFi access point, VPN server, all running on the same hardware device. It is operated through a user-friendly web interface, making administration easy even for users with limited networking knowledge.

    In addition, pfSense is feature-rich, has a mature platform, is customizable, is flexible by design, and can be used on a small home router as well as run the entire network of a large corporation. pfSense puts you in control of your networking, is regularly updated, and works to promptly patch security issues. pfSense has recently become the favored alternative to the industry leader, Cisco.

    pfSense is:

    • Robust
    • Powerful
    • Easy to use
    • Secure
    • Scalable

    pfSense Key Features

    pfSense has many key features and capabilities, including:

    • Strength and accuracy: pfSense is able to always follow either default or custom rules, making it a stronger firewall than some of its competitors. It also filters traffic separately, whether it’s coming from your internal network of devices or the open internet, allowing you to set different rules and policies for each.

    • Flexibility: pfSense can work both as a basic firewall and as a complete security system because it gives you the flexibility to integrate additional features as code where necessary.

    • Open-source: Because it is open-source, not only is pfSense free to use, but community members can contribute to the code to make it a better software.

    • User-friendly: Usually firewall products are not user-friendly because they often include complex settings, options, and features that require fine-tuning. pfSense’s interface is simple, direct, and easy to use.

    • WireGuard Support: Instead of building your own VPN using pfSense, or settling for a commercial VPN provider, you can directly integrate WireGuard with the pfSense firewall.

    • Speed Management and Fault Tolerance: pfSense’s multi-WAN feature allows your system to continue operating in case components fail.

    • Well-supported: pfSense regularly has security and feature updates. It also has a documentation site and a well-informed and knowledgeable support forum.

    Reviews from Real Users

    Below is some feedback from PeerSpot Users who are currently using the solution.

    Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."

    Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."

    T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."



    Offer
    Learn more about Cisco Secure Firewall
    Learn more about Fortinet FortiGate
    Learn more about pfSense
    Sample Customers
    There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
    Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
    Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
    Top Industries
    REVIEWERS
    Financial Services Firm16%
    Comms Service Provider13%
    Computer Software Company9%
    Government8%
    VISITORS READING REVIEWS
    Comms Service Provider21%
    Computer Software Company19%
    Government7%
    Educational Organization5%
    REVIEWERS
    Comms Service Provider16%
    Financial Services Firm10%
    Computer Software Company9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Comms Service Provider23%
    Computer Software Company19%
    Government6%
    Educational Organization5%
    REVIEWERS
    University12%
    Marketing Services Firm10%
    Comms Service Provider10%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Comms Service Provider27%
    Computer Software Company15%
    Government8%
    Educational Organization5%
    Company Size
    REVIEWERS
    Small Business36%
    Midsize Enterprise24%
    Large Enterprise40%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise19%
    Large Enterprise53%
    REVIEWERS
    Small Business46%
    Midsize Enterprise24%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise20%
    Large Enterprise50%
    REVIEWERS
    Small Business70%
    Midsize Enterprise17%
    Large Enterprise13%
    VISITORS READING REVIEWS
    Small Business29%
    Midsize Enterprise21%
    Large Enterprise51%
    Buyer's Guide
    Fortinet FortiGate vs. pfSense
    November 2022
    Find out what your peers are saying about Fortinet FortiGate vs. pfSense and other solutions. Updated: November 2022.
    653,522 professionals have used our research since 2012.

    Fortinet FortiGate is ranked 1st in Firewalls with 149 reviews while pfSense is ranked 3rd in Firewalls with 54 reviews. Fortinet FortiGate is rated 8.4, while pfSense is rated 8.6. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Fortinet FortiGate is most compared with Sophos XG, Check Point NGFW, Meraki MX, WatchGuard Firebox and SonicWall TZ, whereas pfSense is most compared with OPNsense, Sophos XG, Untangle NG Firewall, Sophos UTM and WatchGuard Firebox. See our Fortinet FortiGate vs. pfSense report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.