

Netgate pfSense and Sophos Firewall are leading contenders in the firewall and network security category. Netgate pfSense holds an advantage with its open-source flexibility, allowing for extensive customization, while Sophos Firewall offers integrated security features appealing for streamlined management.
Features: Netgate pfSense offers WAN load balancing, multiple VPN options such as OpenVPN, and advanced traffic management with modules like Squid and Snort. Its performance is hardware-independent, enhancing cost-effectiveness for diverse deployments. Sophos Firewall provides robust threat prevention, synchronized security, and an integrated security ecosystem that includes application control and web filtering. It also offers easy integration with cloud services and user-friendly configuration.
Room for Improvement: Netgate pfSense users highlight areas such as an outdated central management console, occasionally complex VPN configurations, and integration challenges with antivirus tools. Improvements in reporting and monitoring features are also desired. Sophos Firewall faces challenges related to VPN troubleshooting, occasional bugs, and firmware upgrade issues. Enhancements in high availability configurations and user interface improvements could benefit its users.
Ease of Deployment and Customer Service: Deployment flexibility is a strong point for Netgate pfSense, with options for on-premises and hybrid cloud implementations. However, users primarily rely on community support, which may be challenging for larger deployments. In contrast, Sophos Firewall provides straightforward deployment with a centralized management system, though some users experience slow support responses.
Pricing and ROI: Netgate pfSense is known for its affordability due to its open-source nature and offers a low total cost of ownership without licensing fees. Paid support is available but remains cost-effective. Sophos Firewall adopts a mid-range pricing strategy, offering substantial value with bundled security features and simplified administration, although its initial and renewal costs are higher compared to pfSense.
It's very favorable to have the inclusion of firewall, VPN, and router functionalities.
The total cost of ownership is extremely low when you compare it to a lot of the other devices or other gateway appliances that are available on the market.
There's a significant return on investment.
The costs have increased with Sophos XGS in the last few years, with license prices going up by 30%, doubling from $2,500 to about $5,000, which is a big challenge for us.
The graphical interface of Sophos XG simplifies configurations, saving time in support and troubleshooting compared to the Linux-based solution I previously used.
We purchased endpoint security for the first time last year, and even without endpoint security, it provides comprehensive security.
The support is knowledgeable and responds quickly, so the questions are addressed professionally and accurately.
Snort requires you to pay extra for that help. It's a third-party plugin for pfSense.
When we're down, that's $8000 an hour on a $1500 firewall.
Their team was quick to diagnose and resolve the problem by exchanging the equipment within two weeks.
Any issues are quickly addressed by their support team, which is not common among all OEM manufacturers.
When my customers raise a ticket, a customer representative calls them immediately to address their queries.
Even with a jump from a 50 megabit to a 500 megabit internet connection and approximately 65 active VPN clients, our firewall operates smoothly without any strain.
pfSense is almost infinitely scalable.
The next step up now is to the 4100, which gives you an additional preconfigured WAN port that allows you to easily separate networks.
You can scale up to multiple firewalls with centralized management.
You can't upgrade memory or storage on a specific model, which limits scalability.
Since it uses the underlying Kubernetes infrastructure, it can scale easily if the Kubernetes cluster is sufficiently large.
I've noticed a substantial improvement in stability and ease of use for upgrades and patching over the past year or two.
When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot.
Netgate pfSense rates a 10 for stability, and I have experienced no issues there.
It is rated at nine out of ten for stability and is very reliable.
Sophos XG is very stable, even when serving as a DHCP server.
Sophos XGS is stable now, and I would rate its stability as a ten out of ten.
Netgate pfSense is extremely feature-rich for our specific use scenarios.
Having a reseller portal of some kind that allows us to easily remotely access all the different pfSense gateways that we have out there (like Meraki does with their equipment) would be ideal.
I need to speak to someone immediately.
Tekton also has an unstable API with frequent changes, making it challenging to maintain consistency across versions.
It would be beneficial if Sophos XGS offered an end-to-end solution with competitive pricing.
The DDNS features are essential for any organization, as it is better not to have a static IP address from an ISP.
It also offers a free community version that can't be beaten.
The cost of the 3500 was closer to $4,000.
The total cost of ownership is so low because the license and the hardware are remarkably good.
Currently, it costs about four million shillings in Kenya.
The cost depends on the package you are in, such as full threat management or basic.
The last instance I purchased was for three years, around $3,700 for SDG 125.
pfSense's flexibility is great. If you don't have the money to buy the NetGate hardware, anything works with it. You can toss it on any low-end piece of hardware or virtualize it if you choose to virtualize it.
In contrast, pfSense has a graphical user interface, which makes it all very straightforward and easy to use to set up some pretty sophisticated routing scenarios.
Netgate pfSense provides 100 percent visibility, enabling my organization to make data-driven decisions.
The firewall feature of Sophos XG has been the most effective for threat prevention.
It's able to detect cloud applications like Zoom or Microsoft Teams and allows traffic shaping based on the application.
By prioritizing bandwidth for our ERP hosted in Amazon Cloud and de-prioritizing non-essential sites, it has greatly improved our network management.
| Product | Mindshare (%) |
|---|---|
| Netgate pfSense | 7.7% |
| Sophos Firewall | 6.9% |
| Other | 85.4% |

| Company Size | Count |
|---|---|
| Small Business | 171 |
| Midsize Enterprise | 33 |
| Large Enterprise | 29 |
| Company Size | Count |
|---|---|
| Small Business | 209 |
| Midsize Enterprise | 61 |
| Large Enterprise | 53 |
Netgate pfSense is an open-source firewall and router software known for scalability, cost-effectiveness, and community support. It includes customizable packages for varied network management needs, offering solid performance and straightforward management for diverse setups.
Netgate pfSense provides an impressive range of functionalities including firewall capabilities, VPN options, and extensive customization through packages. Its low resource usage and high availability make it viable for businesses of all sizes, especially when dealing with tailored network demands. Despite its strengths, users suggest improvements in ease of use, mobile compatibility, and support for plug-ins. Enhanced centralized management, better documentation, and additional security features are frequent requests.
What are the key features of Netgate pfSense?In education and healthcare, Netgate pfSense is employed for secure connectivity and efficient traffic management, accommodating distinct demands of remote access and content filtering. Organizations in these sectors often utilize features such as load balancing and VPNs to maintain secure and reliable network operations while integrating with services like Active Directory for streamlined identity management. Small to medium-sized enterprises benefit from its affordability and robust functionality, making it a go-to choice for managed service environments requiring effective network security and control.
Sophos Firewall provides comprehensive network security with web filtering, VPN capabilities, and cloud integration. Users highlight its effective threat prevention and flexibility for customizable policies, enhancing network visibility and management.
Renowned for its robust security, Sophos Firewall simplifies network protection through advanced features like intrusion prevention and endpoint protection integration. Its user-friendly interface allows seamless remote management and tailored rule creation, making it ideal for varied environments like healthcare and education. While the system excels in threat detection, areas such as interface navigation, support response times, and VPN integration face challenges. Enhanced reporting and bandwidth management are essential for improved performance.
What are the standout features of Sophos Firewall?Industries such as healthcare, education, and finance implement Sophos Firewall for secure VPNs, improved threat management, and effective traffic monitoring. Its load balancing and email security features support compliance and governance, ensuring robust protection tailored to sector-specific requirements.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.