Netgate pfSense vs Sophos XG comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
124,801 views|91,789 comparisons
Netgate Logo
140,787 views|117,657 comparisons
Sophos Logo
57,417 views|40,596 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Apr 28, 2022

pfSense vs Sophos XG

We performed a comparison between pfSense vs Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Most pfSense users say that its initial setup is straightforward, but a small percentage say that the setup is complex and requires a higher level of technical expertise. Sophos XG users agree that initial setup is fast and straightforward.

  • Features: Users of both products are satisfied with their scalability, stability, and VPN features. pfSense reviewers say it is robust and performs well, but its user interface needs enhancements. Sophos XG users like its firewall and intrusion detection tools but mention that it lacks integration options.

  • Pricing: pfSense is an open-source solution and is free of charge. Sophos XG reviewers feel that its price is fair.

  • Service and Support pfSense offers commercial support in addition to free online support forums and community support. pfSense reviewers report being satisfied with the level of support they receive. Sophos XG users give mixed reviews for the product’s support. Some users report being satisfied, while others mention a delayed response time.

  • ROI: Users of both solutions report seeing an ROI.

    Comparison Results: pfSense wins out in this comparison. pfSense performs well, is free of charge, and has superior technical support. One area where Sophos XG does come out on top is in the initial setup category.
To learn more, read our detailed Netgate pfSense vs. Sophos XG Report (Updated: September 2023).
734,156 professionals have used our research since 2012.
Q&A Highlights
Question: Comparison between Sophos XG and pfSense as firewalls
Answer: Basically the major difference between Sophos XG Firewall and PFsense is that Sophos is a nextgen firewall based on objects and services and works on layer 7. Instead, Pfsense is a layer 3 firewall based on addresses and ports that is more difficult to block services like Facebook. On Sophos XG firewall you can block these kinds of services easily. There is more information you can find here https://www.sophos.com/en-us/p...
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The wireless control is helpful.""Fortigate's most valuable feature is that it doesn't need a push policy when writing rules.""The most valuable features of Fortinet FortiGate are the ease of use and there are several operating systems that can include the hardware capacities. In the newer releases, the resources were more useful because they were included in the operating system.""It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working.""Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution.""It's very easy to configure.""I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud.""The most valuable feature of Fortinet FortiGate is security. They are known for efficiency and are on the top of Gartner Quadrant reviews. Fortinet FortiGate has an easy-to-use platform with a good graphical interface. The configuration is simple and the solution provides an overall good layer of security."

More Fortinet FortiGate Pros →

"My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much.""The most valuable features of pfSense are security, user-friendliness, and helpful online management.""It is much simpler than other solutions such as Fortinet.""I like pfSense's reports and how I can control access to the policies on the firewall.""The product’s documentation is good.""What I like about pfSense is that it works well and runs on an inexpensive appliance.""Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company.""It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest."

More Netgate pfSense Pros →

"The stability of Sophos XG is good, it has good performance.""The most valuable feature of this solution is flexibility.""The solution has good performance and is easy to use.""Sophos offers great disk encryption, anti protection, and the interface is very user-friendly.""Over the past two years, during the COVID pandemic, the VPN has helped us a lot.""Sophos Control Center is a good feature. We can monitor everything from the control panel.""It's a complete firewall solution that has everything.""The performance of Sophos XG is generally good and it is stable."

More Sophos XG Pros →

Cons
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem.""With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic.""Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI.""Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit.""Fortinet FortiGate needs to improve to be on par with its competitors, such as Palo Alto and Sophos. They are the market leaders. Fortinet FortiGate needs to improve its capabilities. However, we are happy with Fortinet FortiGate.""Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs.""The routing capability on the FortiGate devices has room for improvement.""The solution can have more features in a single box that can be multi-applied to integrate everything."

More Fortinet FortiGate Cons →

"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time.""ClamAV AntiVirus can cause some crashes. That service should be improved.""Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually.""I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that.""It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution.""The integration could be improved.""Ultimately, we'd like something stronger, and something that can handle threats better in real-time.""It's just not listed as FIPS compliant for where we're at now in government, which is an issue."

More Netgate pfSense Cons →

"Support could be improved.""It would be better if they made their own hardware like Palo Alto and Fortinet. They use their own ASICs and claim it is more secure.""We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade, the automatic switch actually we were using did not work anymore.""There should be web caching to improve bandwidth utilization. It should have a very good caching feature. That's because we are in a very poor continent, and the connectivity cost is very high. We have low bandwidth, and the intensive usage of bandwidth is not easy here in Africa. If they improve services for web caching, it would be better.""The user interface could be better.""Over the last six months, we have noticed that the hardware is slow, especially the VPN connections.""Better instructions should be provided as part of the technical support so that we can understand the functionalities. This will help us to troubleshoot faster.""I'm just a sole proprietor for IT support, and from my perspective, there could be better ways to educate a proprietor, such as myself, on how to set it up, and program it, and manage it. They do tend to have support, but a lot of times, it is for larger networks. I need something that is simpler and more rudimentary as to how to go about setting up and configuring the firewall, setting up the rules, and that type of thing. So, if there is a missing component there, that would be it."

More Sophos XG Cons →

Pricing and Cost Advice
  • "I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
  • "It is more expensive than Sophos. Fortinet is overall more expensive than Sophos. The small range of Fortinet, such as 60F and 80F, is more expensive than the small range of Sophos. Sophos is cheaper. In addition, if you jump from 80F Series to 100F Series, the price doubles."
  • "The license is yearly. We pay for the top end. It's called 360."
  • "Here in Brazil, we're going through difficult economic times and the tax on the dollar is high. All the solutions from minor competitors are growing in the market. The prices have come more competitive."
  • "Licensing for Fortinet FortiGate is on a yearly basis. Pricing for it is a bit high. It could be cheaper."
  • "The licensing scheme of Fortinet is better than Cisco. It is more logical."
  • "The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device."
  • "It was probably about $2,500 per firewall. It was all included. It included support, services, threat management software, and 24/7 FortiCare on it. Cisco products are more expensive."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "Our customers must pay for an annual license."
  • "I would recommend it for a small business or a startup as a starting point. It's also good for companies that are on a tight budget."
  • "The price of pfSense is reasonable. However, there is a free version available."
  • "It is about €1,000. It is a one-time payment. I do not have a monthly or yearly subscription. I don't subscribe to any subscription because I hate cloud services. There are no additional costs."
  • "It is an open source firewall."
  • "It is very suitable in terms of the price. If a client cannot acquire a Netgate appliance, I provide a custom-made appliance, and I install the Community edition of pfSense. It is a very good and affordable solution for enterprises. Some of the clients pay monthly but usually, it is annually."
  • "We are using its Community Edition, which is free. My company is a government school, and we don't have much budget."
  • "pfSense is open-source, but the support is something that the customer pays for."
  • More Netgate pfSense Pricing and Cost Advice →

  • "They have different options for the license."
  • "The price is reasonable"
  • "When compared to other products, Sophos licensing is very affordable."
  • "The price is reasonable but it would be great if it was reduced to half the price."
  • "Over the last two years of the COVID-19 crises, most users required an SSL VPN license, something for which SonicWall charges but which Sophos offers for free."
  • "The pricing was reasonable."
  • "The price is reasonable in my opinion."
  • "Licensing fees are paid on a yearly basis."
  • More Sophos XG Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    734,156 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:You don't really specify what type of router you are looking for but if you are talking about a gateway router I… more »
    Top Answer:Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate… more »
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Top Answer:Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat… more »
    Top Answer:Hi Arvind P ,  The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form… more »
    Top Answer:The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW… more »
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Learn More
    Netgate
    Video Not Available
    Overview

    Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

    Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

    Benefits of Fortinet FortiGate

    Some of the benefits of using Fortinet FortiGate include:

    • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
    • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
    • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

    Reviews from Real Users

    Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

    PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

    PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

    pfSense is a powerful and reliable network security appliance primarily used for security purposes such as firewall and VPN or traffic shaping, network management, and web filtering. It is commonly used by small businesses and managed service providers to protect their customers' networks and enable remote access through VPNs. 

    The solution is praised for its stability, user-friendly interface, scalability potential, open-source nature, free cost, easy installation, firewall capabilities, security features, flexibility, and simplicity. Overall, pfSense is a cost-effective solution for enterprises that need a VPN for their employees.

    pfSense Key Features

    pfSense has many key features and capabilities, including:

    • Strength and accuracy: pfSense is able to always follow either default or custom rules, making it a stronger firewall than some of its competitors. It also filters traffic separately, whether it’s coming from your internal network of devices or the open internet, allowing you to set different rules and policies for each.

    • Flexibility: pfSense can work both as a basic firewall and as a complete security system because it gives you the flexibility to integrate additional features as code where necessary.

    • Open-source: Because it is open-source, not only is pfSense free to use, but community members can contribute to the code to make it a better software.

    • User-friendly: Usually firewall products are not user-friendly because they often include complex settings, options, and features that require fine-tuning. pfSense’s interface is simple, direct, and easy to use.

    • WireGuard Support: Instead of building your own VPN using pfSense, or settling for a commercial VPN provider, you can directly integrate WireGuard with the pfSense firewall.

    • Speed Management and Fault Tolerance: pfSense’s multi-WAN feature allows your system to continue operating in case components fail.

    • Well-supported: pfSense regularly has security and feature updates. It also has a documentation site and a well-informed and knowledgeable support forum.

    Reviews from Real Users

    Below is some feedback from PeerSpot Users who are currently using the solution.

    Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."

    Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."

    T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."



    Sophos XG Firewall is a complete firewall solution that provides all the real-time security and insights you need to protect your network from ransomware and advanced threats. Sophos XG Firewall provides visibility into suspicious users, unknown and unwanted apps, encrypted traffic, and other threats. With its advanced artificial intelligence capabilities, Sophos XG Firewall immediately identifies potential risks and intrusions on web servers and networks.

    Sophos XG Firewall Features

    Sophos XG Firewall offers a wide range of security features, including:

    • Application control: Prevent widespread infections with XG’s Security Heartbeat. XG Firewall automatically identifies the source of an infection on a network and automatically prevents it from accessing other network resources.

    • Synchronized user ID: Eliminate the need for client or server authentication agents by sharing user identification between the endpoint and the firewall through Security Heartbeat.

    • Centralized management: Easily manage all activities with Sophos Central. The XG cloud management platform allows users to easily set up, manage, and monitor XG firewalls along with other Sophos products. Some of Sophos Central’s features include alerting, backup management, one-click firmware updates, and rapid deployments of new firewalls.

    • Lateral movement protection: Automatically isolate compromised systems at every point in the network to stop attacks dead in their tracks.

    • Network protection: Protect networks from attacks and threats while providing secure network access.

    • Web protection: Gain clear visibility and control over all users’ web and application activity.

    • Web server protection: Solidify web servers and applications against hacking attacks while providing secure web access.

    • Email protection: Consolidate email protection with anti-spam, DLP, and encryption. XG’s Live Anti-Spam provides protection from the most recent spam campaigns, phishing attacks, and malicious attachments. Data Loss Prevention automatically triggers encryption on sensitive data in outgoing emails.

    Reviews from Real Users

    Sophos XG Firewall stands out among its competitors, among other reasons, for its intrusion detection capabilities, its user-friendly management platform, and in general, for being a complete and robust firewall solution.

    Niranjan P., a network & system support engineer, writes, “Sophos is a comprehensive solution which allows me to configure all the attendant products, such as Sophos's firewall, endpoint, and encryption features. A nice feature of Sophos is that it offers in sync and heartbeat security. When my clients have a perimeter involving Sophos firewall and endpoints with Sophos Endpoint, they can communicate with each other.”

    Antonio D., sales manager at INFOSEC, notes, “The product has a console that is based in the cloud for all their products. In this console, they have email security, firewall security, endpoint security, et cetera. All of the products on offer in the console are very useful for us. The solution is stable. The solution works well for enterprises and large-scale organizations.”

    Antony M., ICT/HMIS supervisor at a healthcare company, writes, “The VPN feature is the most valuable. It has come in handy during this period when people are working from home. The filtering feature is also valuable because you can easily filter the sites that you don't want to visit. You can also set timely surfing quotas”

    Offer
    Learn more about Fortinet FortiGate
    Learn more about Netgate pfSense
    Learn more about Sophos XG
    Sample Customers
    Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
    Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
    Information Not Available
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company10%
    Financial Services Firm9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization22%
    Computer Software Company15%
    Comms Service Provider9%
    Government5%
    REVIEWERS
    University11%
    Marketing Services Firm9%
    Comms Service Provider9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Comms Service Provider14%
    Government9%
    Educational Organization6%
    REVIEWERS
    Manufacturing Company12%
    Financial Services Firm11%
    Healthcare Company9%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider12%
    Government7%
    Retailer5%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise33%
    Large Enterprise41%
    REVIEWERS
    Small Business69%
    Midsize Enterprise18%
    Large Enterprise13%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise18%
    Large Enterprise50%
    REVIEWERS
    Small Business62%
    Midsize Enterprise24%
    Large Enterprise14%
    VISITORS READING REVIEWS
    Small Business38%
    Midsize Enterprise19%
    Large Enterprise44%
    Buyer's Guide
    Netgate pfSense vs. Sophos XG
    September 2023
    Find out what your peers are saying about Netgate pfSense vs. Sophos XG and other solutions. Updated: September 2023.
    734,156 professionals have used our research since 2012.

    Netgate pfSense is ranked 2nd in Firewalls with 22 reviews while Sophos XG is ranked 7th in Firewalls with 55 reviews. Netgate pfSense is rated 8.6, while Sophos XG is rated 8.2. The top reviewer of Netgate pfSense writes "Feature-rich, well documented, and there is good support available online". On the other hand, the top reviewer of Sophos XG writes "Secure, duel switch capabilities, and good support". Netgate pfSense is most compared with OPNsense, Untangle NG Firewall, Sophos UTM, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos XG is most compared with OPNsense, Sophos XGS, Palo Alto Networks NG Firewalls, WatchGuard Firebox and SonicWall TZ. See our Netgate pfSense vs. Sophos XG report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.