Try our new research platform with insights from 80,000+ expert users

Netgate pfSense vs Sophos XGS comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
317
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Netgate pfSense
Ranking in Firewalls
1st
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
206
Ranking in other categories
No ranking in other categories
Sophos XGS
Ranking in Firewalls
14th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
82
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of January 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.3%, up from 17.4% compared to the previous year. The mindshare of Netgate pfSense is 17.6%, down from 23.3% compared to the previous year. The mindshare of Sophos XGS is 1.8%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Vincent Hamm - PeerSpot reviewer
I appreciate the depth of what the solution can do and the simplicity of the initial setup
We do a lot of managed services and are currently trying to get people off of L2TP VPN. Apparently, we can download a mobile config file from a configured NetGate device, and we're primarily Apple. We've experimented with it on a device that's not a production device, and we can't seem to get the phase one IPSec set correctly so that the Apple config will accept it. We've tried looking at the documentation but haven't found anything. While it's not the highest priority, it is rather frustrating. We'd like to do this, and the feature is right there, but we can't get it configured. We certainly don't want to try it on a production machine because it will break the current VPN. I would like to download the Apple mobile config so that I can tell it to configure my VPN connection to do that. We have some cross-platform things. So there's also a Windows VPN. You can download a script or a PowerShell, put it on a Windows machine, and it can connect to the VPN. It would be nice if I could say I want Mac only, Windows only, or both. I wish it could configure the IPSec phase one and phase two, or at least give me solid instructions on how to configure that. It doesn't supply out-of-the-box visibility to drive decisions. You get 75 log lines, so if you're trying to troubleshoot something, you have to look at one log and then another. It integrates with SysLog systems, but our customers are not at the level where they want to pay for some third-party SysLog system. Usually, we can get things taken care of fairly quickly. I would like to have the ability to control all my devices from one place. With Ubiquiti, you can get a controller that allows you to control all of your Wi-Fi devices, switches, and routers. From one area, you can switch to that customer and see what's happening in their environment. That's not part of pfSense. I understand why it's not because pfSense is open source and community supported. That's something that someone in the community needs to pick up and run with. It's not something the pfSense can easily implement. If they could, that'd be great.
Jaffar Ali - PeerSpot reviewer
Has provided stability, security, ease of management, and better reporting options
People use Sophos XGS because the overall channel support is very good, so they don't face issues. Additionally, it is competitive in pricing against Fortinet in some cases, especially when considering high availability, email subscriptions, and gateways Sophos XGS has provided stability,…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Fortinet FortiGate is the simple configuration."
"The secure web gateway module and the application control module are valuable. HA operations are very easy."
"The most valuable features are the enterprise modeling and the simple interface."
"The initial setup is easy."
"It has very easy management and an amazing ETM configuration."
"Their proxy-based inspection is responsive and secure."
"It's user-friendly and easy to operate."
"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
"Its scalability is a strong point."
"The initial setup is not complex."
"OpenVPN, IPsec, DHCP, and DNS are the most valuable features."
"The performance optimization documentation has improved our organization. The base setup is great but with higher bandwidth, it is really hard to find good documentation on how to tweak the setup to get the most out of your connection."
"Improved service performance and availability through redundancy."
"What I like about pfSense is that it works well and runs on an inexpensive appliance."
"Other firewalls I've used aren't good. They're not easy to configure. The built-in access points are from Wi-Fi, which isn't great. I wanted to go down a route where I could have full control. I like the ability to set up my firewall and access points, link everything together, and be in control of the routing."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"In this solution, the most valuable feature is that it's a security device. Maintaining security is very valuable for us. The other feature that we did not find in other products is that it works well with thin client environments."
"The UI for Sophos is very simple."
"Sophos XGS has contributed to the reduction of the overall security costs of our company's customers."
"Sophos XGS that's a good firewall. If you use the endpoint, then you have what Sophos calls synchronized security. That will mean that if one of the endpoints is affected, it will be automatically set in isolation."
"Sophos XGS' best features are simplicity and its built-in reporting tool."
"The solution is easy to use and configure, once you know how to apply the policies."
"The scalability of Sophos XGS is very good."
"The solution's most valuable features are IPS, IDS, and web application security."
 

Cons

"They have to just improve its performance when we enable all UTM features. When you enable all the features, the performance of FortiGate, as well as of Sophos and SonicWall, goes down."
"A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve."
"It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."
"There could be more integration between the logging and analytical platforms to make it more seamless and integrated."
"FortiOS is not simple."
"I haven't had a single issue since using Fortinet."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"We'd like more management across other integrations."
"I believe improving integration with various antivirus vendors could be beneficial."
"I would like a management console to manage multiple pfSense installs. We have five or six pfSense hardware devices installed. As far as I know, there is no single, unified pane of glass that I can use to manage multiple appliances. That's the one thing I wish I had, just having a good single unified configuration interface for each install."
"PfSense could better utilize the interface and dashboard and include some packages in the built-in solution. For example, pfSense is sharing some other packages. You have to download and configure them within the package manager of pfSense. Some of those important ones, like the IPS and the monitor, could be installed on the solution's image and configured."
"The product must provide integration with other solutions."
"Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand."
"The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
"Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution."
"It would be nice if the solution had a wizard for some of the complex functions."
"The technical support could be improved as it is currently not competent and pretty slow."
"The application is a little slow; it takes five to ten seconds to respond to every click when configuring. If we need to do significant configuration, it can take a lot of time. This might be because we have a low-end machine, and it could be faster with a high-end one."
"They need intelligent reporting, not just your simple, standard reports."
"In previous versions, NAT rules were easier to create. After version 18.5, creating a NAT rule has become more complex, requiring the creation of a separate policy and an additional component."
"We'd like an interface that can monitor everything."
"It would be good if we could do dual customization."
"In Sophos, the user portal is not user-friendly."
"Sophos' technical support has degraded in the last couple of years. They seem to need to ask a lot of questions, even with simple problems, and take a long time to provide solutions."
 

Pricing and Cost Advice

"It's a very full-featured and it's priced well solution."
"Its price is normal. If I compare it with other vendors, such as Palo Alto, it's normal. Palo Alto is expensive."
"The price is really low. It's cheap in comparison to the cost of Cisco or CheckPoint, for example."
"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."
"I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
"There is a subscription-based model to use Fortinet FortiGate. We pay annually for the solution along with the support. If you want to have all the updates, and security patches you will need to renew your support."
"It is an inexpensive solution."
"The price is okay."
"Unlike many firewalls that require annual licensing fees, making them expensive for small businesses, pfSense is an affordable option."
"The solution is free. However, you need to pay for support."
"Netgate pfSense Community Edition is great and free. For Netgate pfSense Plus, we have to buy Netgate's boxes, and the pricing is great."
"I am using the community version of the solution which is free."
"For what they charge for it, which is maybe $100 a year, it's still good. If you wanted to build your own router, pfSense is more than worth $100 a year to have all that flexibility and maybe your own piece of custom hardware that you want to run it on."
"The price of pfSense seems reasonable. I pay around a hundred dollars a year for pfSense Plus, which is inexpensive for such a complex product. It's also good that they can still release a community edition. If it started to get extremely expensive to the point where it was more of an enterprise-only product that costs thousands of dollars a year or something like that, I might consider stepping down to the community edition or looking elsewhere."
"I buy the appliance and accept whatever comes with it, but I am not bought into paid support. When it comes to the pricing of the appliances, they are pretty competitive. The price is pretty competitive."
"The price point is highly competitive."
"The cost is comparable to other similar solutions."
"The price of Sophos XGS is average compared to other offers from other OEMs."
"Once you pay for the Sophos XGS hardware there is no license required. There are additional costs if you want the support. We have purchased support for three years."
"I would like to see them reduce the price."
"Sophos XGS costs around $6,000 for a basic license."
"We pay about $150."
"There are additional costs involved apart from the licenses."
"There is an annual licensing fee to use Sophos XGS. It is an expensive solution."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
831,071 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
6%
Manufacturing Company
6%
Computer Software Company
15%
Comms Service Provider
10%
Government
8%
Educational Organization
7%
Computer Software Company
17%
Manufacturing Company
8%
Comms Service Provider
7%
Educational Organization
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Help me find the best open source router
You don't really specify what type of router you are looking for but if you are talking about a gateway router I reco...
How do I choose between Fortinet FortiGate and pfSense?
Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigat...
What is the difference between PfSense and OPNsense?
Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...
What do you like most about Sophos XGS?
The policies are the greatest feature. They allow us to configure granular control over our network traffic.
What is your experience regarding pricing and costs for Sophos XGS?
The pricing is justified, and the solution is considered budget-friendly compared to other vendors.
What needs improvement with Sophos XGS?
Hardware stability needs improvement. I have experienced multiple hardware complaints, particularly during firmware u...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
No data available
No data available
 

Learn More

Video not available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
Information Not Available
Find out what your peers are saying about Netgate pfSense vs. Sophos XGS and other solutions. Updated: January 2025.
831,071 professionals have used our research since 2012.