We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are SD-WAN, application control, IPS control, and FortiSandbox."
"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"Fortinet FortiGate's most valuable features are ease of use, flexibility, and most of the configuration we can be done using the GUI. When we compare Fortinet FortiGate with other solutions the firewall policy are very easy to understand."
"The product is easy to use and is stable. The SV1 functionality is a benefit."
"We have found it to be very reliable and that's why our teams and various users in our company use it as our main firewall every day."
"There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth."
"The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
"Layer-3 firewall and routing are the most valuable features."
"The most valuable features of pfSense are security, user-friendliness, and helpful online management."
"The interface is straightforward and easy to use."
"We can run it on any hardware."
"Its features rival many of the high cost solutions out there."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"Centralized administration with multiple services, which allows for execution in several important functionalities of information security."
"It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor."
"I am happy with the EPLS, the radius, and I am happy with the captive portal."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"It's a stable solution."
"Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port."
"Sophos UTM provides security for our network here and access through a VPN connection for our remote users. It also offers the flexibility to create different tools for accessibility."
"With Sophos, we have not had any incidents this year. The security provided has been good. It has proven to be okay for our needs."
"The UTM features are reasonably strong and the patterns are updated on a regular basis"
"What I like about Sophos UTM is that it improves my company's security. The solution is easy to set up, which I like, and it's very stable."
"Configuration could not be made any easier."
"We would like to have the ability to disable some of the security functionalities."
"I think there could be more QoS features"
"You do need some IT knowledge in order to effectively work with the solution."
"It would be good if they had fewer updates."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs."
"We would like to see an upgrade to the VPN feature, we are using the VPN from outside of our office and there is a limitation to 10 connections, more connections would be suitable."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"User interface is a little clumsy."
"I believe improving integration with various antivirus vendors could be beneficial."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
"The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe."
"I expect a better interface with more log analysis because I create my own interface."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"I would like to see Sophos UTM add support for all the new threat-detection technologies and the ability to respond to novel security threats that come along every day."
"The five-factor authentication needs improvement."
"It would be nice if it had basic features, such as DLP (Data Loss Prevention)."
"The reporting system needs to allow for customizations because many reports do not include details that we expect."
"Sophos UTM's internet security could be better."
"Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time."
"Flexibility in pricing could be improved. It's more rigid in its pricing compared to its competitor: Kaspersky."
"The memory and processing were problematic. The interface could be better."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com