Try our new research platform with insights from 80,000+ expert users

Netgate pfSense vs Sophos XG comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 28, 2022
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Number of Reviews
314
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Netgate pfSense
Ranking in Firewalls
1st
Average Rating
8.6
Number of Reviews
204
Ranking in other categories
No ranking in other categories
Sophos XG
Ranking in Firewalls
6th
Average Rating
8.2
Number of Reviews
194
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of September 2024, in the Firewalls category, the mindshare of Fortinet FortiGate is 18.4%, up from 16.7% compared to the previous year. The mindshare of Netgate pfSense is 21.7%, down from 24.1% compared to the previous year. The mindshare of Sophos XG is 10.3%, up from 8.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Q&A Highlights

DK
Jun 30, 2020
 

Featured Reviews

FirasHamdan - PeerSpot reviewer
Apr 13, 2023
Reliable with lots of features and good security
We primarily use the solution for security purposes and for UTM web profile applications There are a variety of features on offer.  It helps protect endpoints.  The wireless control is helpful. It is scalable and extends well. The solution is stable and reliable. Technical support is helpful and…
JM
Jan 25, 2024
Offers robust features, including advanced firewalling, routing, VPN connectivity and traffic shaping
We use pfSense to handle VPN connections, extending to remote workers in our various branches as well. The feature I find most valuable for fulfilling network security requirements is pfBlockerNG. It offers exceptional visibility and filtering capabilities, without the need for dedicated hardware or recurring expenses. Unlike other solutions, pfBlockerNG operates seamlessly and continuously without additional costs or maintenance concerns. The traffic shaping and bandwidth management features of pfSense significantly enhance our network performance. The inclusion of a QoS wizard simplifies the process, eliminating the complexity often associated with configuring QoS on other platforms like Cisco routers. With pfSense, utilizing the wizard streamlines the setup process, making it accessible and effective for users without requiring an advanced understanding of networking intricacies. There have been specific incidents where the reporting and monitoring tools of pfSense played a crucial role in identifying and resolving network issues. In one instance, we received complaints about internet connectivity problems affecting productivity across the business. Upon investigation, I discovered that the issue stemmed from excessive bandwidth consumption caused by multiple HD camera streams being watched simultaneously. Utilizing pfSense's reporting and monitoring tools, I quickly pinpointed the source of the problem and implemented measures to alleviate the network congestion. These tools are invaluable for identifying resource-intensive processes and resolving performance issues effectively. The process of integrating pfSense with other tools and services has proven to be quite straightforward thus far. While there may be a slight learning curve at the outset, particularly for those less familiar with networking concepts, it becomes manageable with experience.
SF
May 23, 2019
Offers a high level of visibility of what's happening on your network or on your client machines
There was a big issue with the Cyberoam and with the SG units as well, i.e. the previous Sophos UTM model. With Sophos XG, you get the chance to block what sites operate on SSL or that operate with HTTPS, without the need of extracting and distributing a certificate. On older Cyberoam and Sophos SG old versions, if you wanted to block something like YouTube or Facebook or any other websites that operate with HTTPS, you had to extract the certificate. Then you had to export that certificate. Then you had to re-import that certificate in all the user browsers. The only problem was if you needed to use an active directory where those certificates would be automatically thrown into the user browsers once they logged in to the domain. For a scenario like mine where you don't have a group policy, it is a disaster and ends up with you setting the rules to block certain websites with HTTPS on the firewall, even while they are not being blocked so that the user will still have access to them. This problem is now 100% sorted out with Sophos XG. Now you can actually block whatever you want, whether it's using HTTPS or HTTP keys from the firewall without the need for extracting certificates. That's a major improvement. That problem with the HTTPS settings was a huge issue. I know other people must be enjoying that it's sorted out now. It was a serious and major issue for Sophos. The only issue that Sophos XG now needs to improve is the product's reporting capabilities.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It can expand easily."
"Overall security features and performance routing is good."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment."
"Security management tool that's easy to integrate and easy to work with. No issues found with its stability and scalability."
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"The ability to set up remote systems is the most valuable feature."
"The solution is easy to configure and maintain remotely."
"It is a good firewall with good performance."
"I especially like the VPN part. It works like a charm."
"It is easy to use and has integrity with other systems, such as proxies and quality of service."
"A very stable product that lasts over time, easy to understand, and administer."
"I am happy with the EPLS, the radius, and I am happy with the captive portal."
"The open-source nature of pfSense, paired with the amount of support we receive, has been great."
"Content protection, content inspection, and the application level firewall."
"Firewall system for small, medium, and large data networks. It allows you to provide security to your environment: DMZ networks, LAN, WAN, etc."
"It is feature-rich, I like the server authentication, and the reports are good."
"There are many features. VPN, firewalling, and intrusion detection are the main features that are most useful for us at this time."
"The most valuable features of Sophos XG for our use cases are its firewall capabilities, its ability to connect to wide area and local networks, and its VPN functionality."
"The cloud-based interface makes it easy to manage."
"Sophos Control Center is a good feature. We can monitor everything from the control panel."
"We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration."
"Sophos offers great disk encryption, anti protection, and the interface is very user-friendly."
"The user authentication rules are very useful."
 

Cons

"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"The advanced models are expensive."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"The logs need to be better. They need to be more visible and easier to access."
"Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"Some configuration elements cannot be easily altered once created."
"Currently, without the additional reporting module, we only have access to basic reporting."
"Their UI could have hidden some of the complexity better so that it was easy to understand or more general. They could have given some more clarification on the markings on the outside of the machine."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"The intrusion protection system is provided by a third-party provider that's verified by pfSense. It would be best to have an option for IPS because when you deploy pfSense to a SOC, you have to subscribe to another IPS provider. The IPS should be a default feature. On the other hand, that's also the benefit of pfSense because you can also acquire another IPS solution."
"Updating some of the packages can be a bit difficult."
"Performance Optimization Documentation could use improvement. The base setup is great but with higher bandwidth, it is really hard to find good documentation on how to tweak the setup to get the most out of your connection."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"The access control aspect of the product could be improved."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
"Sophos can definitely improve with the interoperability between solutions."
"Having a web portal where you could make requests for the categorization of non-categorized items, would be beneficial."
"It would be helpful if they had a set of standard templates because it would assist in the beginning, when you are just getting started."
"The cloud support needs to be improved."
"The solution could be improved if it offered more documentation or at least provided more information about the products themselves."
"Lacking network access control, user profiling and analytics dashboards."
"Sophos XG could improve Data Loss Prevention(DLP)."
"It would be better if they made their own hardware like Palo Alto and Fortinet. They use their own ASICs and claim it is more secure."
 

Pricing and Cost Advice

"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."
"It has a competitive price."
"The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."
"Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment."
"For medium and enterprise organizations, FortiGate is more affordable."
"The license is yearly. We pay for the top end. It's called 360."
"It's an expensive solution."
"It is a good product from a price perspective versus functionality."
"The solution is free. However, you need to pay for support."
"Its price is pretty fair."
"The price of pfSense seems reasonable. I pay around a hundred dollars a year for pfSense Plus, which is inexpensive for such a complex product. It's also good that they can still release a community edition. If it started to get extremely expensive to the point where it was more of an enterprise-only product that costs thousands of dollars a year or something like that, I might consider stepping down to the community edition or looking elsewhere."
"pfSense is open-source."
"I am using the community version of the solution and it is priced well. There is a cost of learning how to use the solution, if it was free it would be better."
"It is economical (i.e., free)."
"This solution provides enterprise-level features at a fraction of the cost of an enterprise firewall."
"While pfSense hardware from Netgate might have a higher upfront cost, I've had very little trouble with it. Plus, buying from them directly helps fund the software's development, making it a worthwhile investment in my eyes."
"The price is reasonable but it would be great if it was reduced to half the price."
"Sophos allows for its product to be evaluated without any financial commitment."
"The pricing was reasonable."
"When you compare with Barracuda, Sophos is quite a bit cheaper."
"The price of Sophos is reasonable. It's not too expensive — I think it's worth it."
"Because we're in education, Sophos gives us a very competitive price for it."
"Sophos XG is not expensive for a firewall, especially when you compare it with Check Point."
"The price is reasonable in my opinion."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
801,314 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
15%
Manufacturing Company
6%
Comms Service Provider
5%
Computer Software Company
15%
Government
9%
Comms Service Provider
8%
Educational Organization
7%
Computer Software Company
18%
Comms Service Provider
7%
Manufacturing Company
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Help me find the best open source router
You don't really specify what type of router you are looking for but if you are talking about a gateway router I reco...
How do I choose between Fortinet FortiGate and pfSense?
Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigat...
What is the difference between PfSense and OPNsense?
Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
What are the main differences in features between Sophos XG and FortiGate 80F?
Hi Arvind P , The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Fact...
What Is The Biggest Difference Between Sophos UTM and Sophos XG?
The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW. ...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
No data available
No data available
 

Learn More

Video not available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
Information Not Available
Find out what your peers are saying about Netgate pfSense vs. Sophos XG and other solutions. Updated: September 2024.
801,314 professionals have used our research since 2012.