We performed a comparison between KerioControl and OPNsense based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Packet Tracer is a really good tool. If someone calls because they're having problems, you can easily create fake traffic without having to do an extended packet capture. You can see, straight away, if there's a firewall rule allowing that traffic in the direction you're trying to troubleshoot."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The VPN feature is the most valuable to us because it accomplishes the task well. We're able to do everything we need to do."
"The most valuable feature is the anti-malware protection. It protects the endpoints on my network."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"I have found the most valuable features of Kerio Control to be the IPS and firewall."
"The solution is easy to manage. Kerio Control is unique compared to other firewalls because it has been around since 2000 when we switched and the name it started with was WinRoute, and then later became Kerio Control. It evolved over time and it is more of a proprietary firewall on its own and has been developed through open source."
"The most valuable features of KerioControl are ease of configuration, user-friendliness, and comfortable to use. It is an all-in-one solution, it comes with many features, such as a firewall, antivirus software, and network protection."
"The most valuable features of Kerio Control are the IPS and traffic rules. The traffic rules are very user-friendly and the IPS is working well. Additionally, the anti-virus is effective with quick options, such as filtering."
"I like intrusion detection and prevention and bandwidth management. The routing part is also awesome. It is a good firewall. We never had a major breach from outside. We've never been impacted by ransomware, and our systems have never been infiltrated."
"It is very comprehensive and simple. It has all the active protections. It's updated. We love that you can set how often it is updated so you can work what is right for you. A large company with a lot of bandwidth can update the virus definitions and security definitions hourly, if they want. A smaller site that's remote, where maybe updating the definitions will eat into the bandwidth, we can schedule those more to go later at night. It's very flexible and works for us in all types of situations. This is great because then we don't have to learn seven different products to be able to work with seven different scenarios."
"Kerio Control can be scaled easily."
"The installation is straightforward."
"The system in general is quite flexible."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"It's more secure and more reliable."
"It has an open license. It works very well, and there is an update every month."
"OPNsense is highly stable."
"We have found pretty much all the features of the solution to be valuable."
"The initial implementation process is simple."
"The technical support is very good."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"The operation of the ASA is good but the problem is that whenever you require an upgrade, there are multiple pieces of software that you have to upgrade. Extensive planning is required, because if you upgrade one piece of the software it has to be compatible with the others as well. You always need to check the compatibility metrics."
"Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"Recently, we have been having an issue with the ASA firewall. We haven't found the root cause yet and are still working on it. We failed over the firewall from active to passive and suddenly that resolved the issue. We are now working to find the root cause."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"The ability to better integrate with other tools would be an improvement."
"I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies."
"They don't provide content filtering when it comes to search engine results. We had an incident on the network where a blocked site was showing up in search results. We are in a school environment, so we have blocked a site with some of the explicit content so that kids wouldn't see it. When one of them did a search, the results came on the search engine part. When you try to drill down to the website, it blocks, but when you search by image, it brings up all the images. That's one of the reasons why we are looking at Juniper."
"Kerio Control could improve content filtering."
"The GUI should be changed because it remains the same consistency across versions. However, those who have been using KerioControl for a long time may be accustomed to the current interface. Installing a new version in the same location makes it easy to find, but overall, there are no notable changes between versions."
"The solution should offer more dashboards."
"I would like to see a little improvement in their technical support when you have a problem. I may be a little jaded because I came from Kerio when we could call and get a person on the phone who worked on the product. Every tech had their own demo setup. They had instant messaging capability with the developers. If we found a problem, then we could get a result for it quickly. Now, the product seems to be 24 hours. They have also gone to the model that if you need quicker support, then they now charge you additional for the exact same level of support that they used to give. I am assuming it's the exact same level of support that they say it is. I'm not paying extra for it. That's the biggest flaw with the product."
"The Kerio hardware devices look cheap and could be improved. Some of our clients are switching to Sophos because their hardware has a more sleek design."
"My experience with the solutions technical support is fine but they could be faster in responding."
"The solution can be improved to create the capability for larger bandwidths that support our business needs."
"The solution could be more secure."
"The support for OPNsense is good because we have documents available on the internet. The support could improve a little."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"The IPS solution could be more reliable."
"They should improve IPEs for security in the future."
"The interface needs to be simplified. It is not user-friendly."
"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."
"An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense."
KerioControl is ranked 24th in Firewalls with 12 reviews while OPNsense is ranked 7th in Firewalls with 12 reviews. KerioControl is rated 7.8, while OPNsense is rated 8.2. The top reviewer of KerioControl writes "Through the ease of how quickly we could roll out the VPN to everybody, we had whole companies remotely working overnight". On the other hand, the top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". KerioControl is most compared with pfSense, Fortinet FortiGate, Sophos UTM, Sophos XG and WatchGuard Firebox, whereas OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Fortinet FortiGate and WatchGuard Firebox. See our KerioControl vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.