Apr 03, 2023
They are pretty much the same... OPNsense has a better GUI...
The community in pfSense is much bigger... OPNSense has more frequent updates... but other than that... you can not make mistakes...
pfSense and OPNsense are popular firewall solutions. OPNsense seems to have a slight edge due to its comprehensive features and active community, while pfSense excels in customization and support.
Features: pfSense offers extensive customization, a variety of plugins, and strong routing capabilities, making it highly adaptable to complex network environments. OPNsense provides robust features like regular updates, a powerful reporting engine, and integrated two-factor authentication.
Room for Improvement: Users report that pfSense could improve documentation and simplify its installation process. OPNsense could benefit from enhanced compatibility with some hardware and better support options.
Ease of Deployment and Customer Service: pfSense generally receives praise for its straightforward deployment once users get past the initial setup learning curve, with responsive customer support. OPNsense is noted for its user-friendly deployment process and active community support.
Pricing and ROI: pfSense users find the product cost-effective with good long-term ROI due to its extensive customization options and robust features. OPNsense users appreciate the competitive pricing and feel the frequent updates justify the investment, offering good ROI.
Clients are now comfortable and not wasting productive hours on IT support.
The automation part is giving us a cost benefit and speed; we can react faster.
It's a very useful tool to mitigate and protect your enterprise.
If they can save their data from attackers then it would save them at least two days of not working plus the cost of recovery, which would be much more than the cost of the system and maintenance.
Since the memory leak fixes, it's been incredibly stable and requires minimal maintenance.
In four years of using it, that payment of 189 dollars per year has already paid off.
The network attacks reduced by approximately 60% after using that, even without customizing the custom configuration yet.
For a very little investment, I was able to increase the security of my network.
The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with.
I would rate the technical support for Fortinet FortiGate a ten out of ten.
As a solution provider, when I encounter problems, I connect directly with Fortinet support, and they provide solutions within a very short time.
When I provide detailed information about the problem, they've been able to reply quickly with a solution or go research the problem and get back to us quickly with a fix.
They are highly responsive.
I couldn't imagine having better support.
Compared to some open-source projects with weak support, OPNsense stands out for having both a strong community and commercial backing options.
I mainly rely on community support since the solution is open source.
If you say you do not have one, it is finished. This is where the monopoly starts.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published.
If I put things into a certain context and say that we have a network that has around 100 people, then you don't put up a device that can manage 100 people. Instead, you need to get a device that can manage 150 to 200 people, and then you can create room for growth.
I don't think Netgate pfSense can offer much scalability for big enterprises.
Even with a jump from a 50 megabit to a 500 megabit internet connection and approximately 65 active VPN clients, our firewall operates smoothly without any strain.
OPNsense is an extremely scalable solution.
I use Zenarmor, pinning it to one core for packet inspection, and the CPU performance seems very good.
OPNsense's scalability is excellent; I just need to resize my hardware and upgrade the server, and voilà, I am good to go.
We're experiencing 99.999% availability consistently.
I would rate the stability of Fortinet FortiGate a ten out of ten.
Currently, we are experiencing a general outage of one of the main internet service providers of the Dominican Republic, and we have not been impacted in our operations because with SD-WAN, we have another internet service provider and we are working with the second WAN connection without any disruption.
I rate the solution's stability a ten out of ten.
I've noticed a substantial improvement in stability and ease of use for upgrades and patching over the past year or two.
When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot.
For home and small network use, OPNsense is also reliable, providing enterprise-grade security at no cost.
OPNsense is the same, but it does have a way of installing the Realtek drivers, which gives you a lot more stability overall on the system.
The only challenge faced was its inadequacy to manage large voice traffic effectively, even with dedicated hardware.
When considering Sophos XG, which we also use, the logging and reporting functionality is notably more efficient.
These sessions should be around five to ten minutes long, allowing users and partners to quickly grasp the information without disrupting their daily tasks.
The solution should be able to implement machine learning and analytics of all the logs for threat detection and protection.
There is some trade-off between having a certain level of security and maintaining acceptable performance.
If I need to go between different VLANs, I have VLAN 19.1 and VLAN 19.2, and I strictly use Netgate pfSense, but it doesn't route very efficiently and works quite slowly.
They should support the idea of configuration management as code from source code and provide a more robust API for managing the pfSense configuration.
I would like the APIs to be more mature and more developed and have more options to automate threat hunting.
Enhancing its performance for significant amounts of data traffic would make it closer to a perfect solution.
It would be beneficial if they could create some videos on how to set it up themselves.
Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us.
It offers cost savings as it is generally cheaper than the competition.
It is about 20% cheaper.
The price of setup is approximately €500 to €800, which also includes the initial monitoring.
The product is free of cost.
Opting for twenty-four-seven support significantly increases the price, reaching around ten thousand to thirteen hundred dollars.
It is free.
They use AI for packet inspection, which integrates with OPNsense and pfSense.
I consider the pricing of OPNsense to be high when compared with other market products.
These features help reduce our downtime, manage the ISPs, and deploy SLAs for all the website traffic.
The most valuable feature of FortiGate is FortiView which provides proactive monitoring.
We got a firewall and gave an SSL VPN to my client to connect to their servers, after which, such kind of activities involving ransomware attacks stopped.
With pfSense, network configurations adhere to standard practices, facilitating troubleshooting without the need for complex overlays or policies.
The price point is the most valuable aspect of the solution.
I like the tool's flexibility in the sense that you do not have to buy an appliance. You can put it on your own hardware, and it can be very simplistic hardware with simple configurations.
The most valuable features include the basic firewall functionality and the GeoIP location services.
I can have a Wi-Fi VLAN and feel secure that the server network or the VM network that I have on a different VLAN are isolated, and they cannot talk to one another, which adds a great level of security.
It offers enterprise-grade features such as intrusion detection and prevention system, VPN support, traffic shaping, and web filtering, all without license cost.
| Product | Market Share (%) |
|---|---|
| Fortinet FortiGate | 18.7% |
| Netgate pfSense | 9.8% |
| OPNsense | 11.2% |
| Other | 60.3% |
| Company Size | Count |
|---|---|
| Small Business | 357 |
| Midsize Enterprise | 133 |
| Large Enterprise | 188 |
| Company Size | Count |
|---|---|
| Small Business | 168 |
| Midsize Enterprise | 33 |
| Large Enterprise | 29 |
| Company Size | Count |
|---|---|
| Small Business | 30 |
| Midsize Enterprise | 5 |
| Large Enterprise | 8 |
Fortinet FortiGate is a versatile network security tool offering features like VPN, firewall, web filtering, intrusion prevention, and scalability. It is known for its performance and integration with other Fortinet products, making it a preferred choice for robust cybersecurity.
Fortinet FortiGate stands out as a comprehensive cybersecurity solution with strong performance and ease of configuration. It delivers unified threat management, integrating features such as dynamic routing, SD-WAN support, and centralized management. Despite its strengths, improvements in the web interface's stability, pricing structures, and reporting capabilities are needed. Users seek better integration with third-party tools and automation advancements to enhance the experience further. These enhancements, alongside improvements in bandwidth management and the reduction of licensing costs, are points of interest for users looking to capitalize on FortiGate's extensive capabilities.
What are Fortinet FortiGate's key features?Fortinet FortiGate is widely implemented across industries as a primary firewall system for securing internet gateways and safeguarding data centers. It supports businesses in achieving SD-WAN integration and enhances cybersecurity by providing essential features like antivirus, web filtering, and application control. Enterprises utilize FortiGate for securing remote connections and ensuring compliance with security standards, making it adaptable for different network sizes and industries.
Netgate pfSense is an open-source firewall and router software known for scalability, cost-effectiveness, and community support. It includes customizable packages for varied network management needs, offering solid performance and straightforward management for diverse setups.
Netgate pfSense provides an impressive range of functionalities including firewall capabilities, VPN options, and extensive customization through packages. Its low resource usage and high availability make it viable for businesses of all sizes, especially when dealing with tailored network demands. Despite its strengths, users suggest improvements in ease of use, mobile compatibility, and support for plug-ins. Enhanced centralized management, better documentation, and additional security features are frequent requests.
What are the key features of Netgate pfSense?In education and healthcare, Netgate pfSense is employed for secure connectivity and efficient traffic management, accommodating distinct demands of remote access and content filtering. Organizations in these sectors often utilize features such as load balancing and VPNs to maintain secure and reliable network operations while integrating with services like Active Directory for streamlined identity management. Small to medium-sized enterprises benefit from its affordability and robust functionality, making it a go-to choice for managed service environments requiring effective network security and control.
OPNsense is an adaptable open-source firewall and routing platform appreciated for its flexibility, scalability, and user-friendly interface. It is equipped with robust security features and offers excellent reporting and visibility, essential for small businesses and home setups.
OPNsense stands out for its modular design, allowing cost-effective customization. This system supports VPNs and various firewall capabilities, making it suitable for securing networks from malicious traffic. Its frequent updates and extensive documentation, combined with a supportive online community, enhance user experience. However, there is room for improvement in integration with virtual servers and Azure. Scalability and hardware updates are important for large-scale environments, and users desire more reliable VPN solutions and enhanced threat intelligence tools.
What are OPNsense's most important features?OPNsense is implemented in industries requiring VPN and firewall functions, supporting site-to-site connections, protecting servers, and managing commercial network traffic. Companies apply it for security, UTM, SD-WAN, content filtering, intrusion detection, and prevention, utilizing its open-source nature and effectiveness as a next-generation firewall.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
