Try our new research platform with insights from 80,000+ expert users

Netgate pfSense vs WatchGuard Firebox comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Number of Reviews
316
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Netgate pfSense
Ranking in Firewalls
1st
Average Rating
8.6
Number of Reviews
206
Ranking in other categories
No ranking in other categories
WatchGuard Firebox
Ranking in Firewalls
11th
Average Rating
8.4
Number of Reviews
85
Ranking in other categories
Unified Threat Management (UTM) (4th)
 

Featured Reviews

DineshKumar28 - PeerSpot reviewer
Sep 25, 2024
Effective threat prevention with responsive customer support
We are using Fortinet FortiGate as a firewall Fortinet FortiGate has been invaluable. It has helped save costs due to its various features, reliable performance, very good UI, low latency, and stability. The Threat Intel engine in Fortinet FortiGate is highly rated for its effectiveness in…
Vincent Hamm - PeerSpot reviewer
Jul 1, 2024
I appreciate the depth of what the solution can do and the simplicity of the initial setup
We do a lot of managed services and are currently trying to get people off of L2TP VPN. Apparently, we can download a mobile config file from a configured NetGate device, and we're primarily Apple. We've experimented with it on a device that's not a production device, and we can't seem to get the phase one IPSec set correctly so that the Apple config will accept it. We've tried looking at the documentation but haven't found anything. While it's not the highest priority, it is rather frustrating. We'd like to do this, and the feature is right there, but we can't get it configured. We certainly don't want to try it on a production machine because it will break the current VPN. I would like to download the Apple mobile config so that I can tell it to configure my VPN connection to do that. We have some cross-platform things. So there's also a Windows VPN. You can download a script or a PowerShell, put it on a Windows machine, and it can connect to the VPN. It would be nice if I could say I want Mac only, Windows only, or both. I wish it could configure the IPSec phase one and phase two, or at least give me solid instructions on how to configure that. It doesn't supply out-of-the-box visibility to drive decisions. You get 75 log lines, so if you're trying to troubleshoot something, you have to look at one log and then another. It integrates with SysLog systems, but our customers are not at the level where they want to pay for some third-party SysLog system. Usually, we can get things taken care of fairly quickly. I would like to have the ability to control all my devices from one place. With Ubiquiti, you can get a controller that allows you to control all of your Wi-Fi devices, switches, and routers. From one area, you can switch to that customer and see what's happening in their environment. That's not part of pfSense. I understand why it's not because pfSense is open source and community supported. That's something that someone in the community needs to pick up and run with. It's not something the pfSense can easily implement. If they could, that'd be great.
CarlosArdila - PeerSpot reviewer
May 24, 2024
Serves as the main firewall for customers' premises and data centers
The initial setup is straightforward. You can deploy it on-premises or using the cloud. If you configure the device to connect to the cloud, you can deploy the Firebox based on templates. You can add a template for a specific client and deploy it for a particular use case. For example, if you're setting it up for a restaurant or a cafe, you can have templates tailored for those businesses. This significantly reduces deployment time, especially if you have several customers of the same type of business. One person is enough for the solution's deployment, but it will run in less than an hour. A network security engineer meets with clients to gather configuration requirements. He prepares a configuration template before the implementation. When he arrives at the site, he turns on the device, applies the template, tests everything, and then migrates the settings from the existing router or firewall to the Firebox.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"The web tutor and automatic rules by schedule are good features."
"It's very fast and easy to configure."
"The application control features, such as Facebook blocking and Spotify blocking, are the most valuable."
"The most valuable feature is the ease of configuration."
"Offers good security and filtering."
"The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
"Overall security features and performance routing is good."
"The solution is very robust."
"Users can manage everything under one single pane of glass."
"The initial setup is straightforward."
"I especially like the VPN part. It works like a charm."
"The customer support is very good. Setting up the VPN is pretty straightforward and easy."
"pfSense provides visibility that enables users to make data-driven decisions. I'd rate the capabilities seven out of ten."
"I like how affordable and flexible pfSense is. I can achieve the protection I need in a flexible manner. I enjoy using pfSense. It's effective and solid."
"They're very affordable for what they offer."
"Easy to change the model if you need more performance, with good cohesion in the whole lineup of devices."
"The Dimension control, the one-spot reporting and control, has been nice. It's been easy to go in and make sure people are doing what they're supposed to be doing and that only the right stuff is getting in."
"It has everything we need in terms of functionality."
"The most valuable feature of WatchGuard Firebox is the VPN. It's easy to connect to the VPN."
"Their support is excellent, and the stability is very good."
"It protects me against malicious websites, as well as malicious downloads, as a perimeter anti-virus. I've also seen it blocking a lot of pings and different probes."
"[A] valuable feature would be the branch office. We have five offices throughout the United States, and it coordinates the connections of those offices."
"Management and visibility are the most valuable features."
 

Cons

"In some cases, its initial setup could be hard for customers."
"Fortinet FortiGate can improve the integration with Active Directory. Additionally, I would like to have a Cloud Controller, such as they do in the Cisco Meraki solution."
"We would like to see better pricing."
"A lack of integration between our data centers."
"The support team for Fortinet FortiGate needs to be more customer friendly."
"I would suggest that Fortinet add sandboxing to their solution."
"One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support."
"The solution lacks sufficient filtering."
"Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution."
"It is not centrally managed, where you log into the website and can see all your services there. We would like to be able to see is all the configurations from a central interface on all our pfSenses."
"It could use a little bit of improvement in the reporting."
"I would like clear guidance on supported network interface cards, including detailed performance metrics for various models."
"pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it."
"More documentation would be great, especially on new features because sometimes, when new features come out, you don't get to understand them right off the bat. You have to really spend a lot of time understanding them. So, more documentation would be awesome."
"The product could offer more integrated plugins."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"The next release should have better software and configuration systems that can also be used on Linux."
"They are working on cloud-based options. However, they do not have the options fully functional in their solution at this time."
"I don't think I can get a full-blown DNS client from it. I've been trying to have DNS services. It has forwarding, but I don't get the services of a full DNS client. My main difficulty with it is that I can't run a complete service. I need NTP. I need DNS. I need DHCP for my domain, but I only get forwarding. As far as I can tell, I don't get caching and the kinds of reporting and registration needed to host a DNS for a domain. I have to have a separate solution for that."
"One area for improvement could be making the interface even more user-friendly."
"A 12-hour power outage... got our batteries."
"The area where I think this product can be improved is the user interface and the reporting. It can be quite difficult to find the correct logs and to actually find out what is going on. The digging can be time-consuming."
"It's sometimes not easy to understand and can require specialist assistance."
"Once you start getting into proxy actions and setting up: "Okay, cool. Once this rule gets triggered, what actions have to happen?" I do know a few people who use WatchGuard and they still have to get assistance when they look at that. So I would file that as a con for WatchGuard. Proxy actions can be a little bit complicated."
 

Pricing and Cost Advice

"Pricing is lower than Cisco."
"Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you."
"FortiGate's pricing falls within the mid-range when compared to other leading firewall solutions."
"You need to pay a license for this solution. Our licensing is now done in our subsidiary."
"Our licensing costs are on a yearly basis."
"The licensing costs are very low."
"I give the pricing a nine out of ten."
"The price is fair for what we get with FortiGate."
"It's open source (and free - as in beer and speech), but also has commercial support."
"It is free. It is open source."
"It has almost zero cost, and it is open to us. It runs on a small appliance just for a couple of 100 bucks, and I've never had an appliance burn out on me yet."
"pfSense is open-source."
"It is open source."
"It's highly cost-effective for both the average consumer and business users."
"Unless they have specific requirements that demand a particular device, I always suggest pfSense specifically because of the absence of pricing and licensing."
"It is an open source firewall."
"I would rate the pricing at seven out of ten. As for the licensing costs, we typically have yearly licenses for our clients, but there are no additional costs beyond the standard licensing fees."
"I buy a three-year renewal on the main device, which is usually around $3,000 to $4,000. They usually upgrade the device when I do it. You get a big discount when you do three years."
"Firebox is priced reasonably."
"I find the solution to be very affordable."
"As per my knowledge, the product is more affordable than alternatives."
"WatchGuard had a very competitive price. It was only 10 to 20 percent more than a single instance device but with that extra cost it provided a second load balancing device... unlike other brands whose method of hardware and software licensing would have doubled our cost."
"The licensing costs are comparatively lower than other providers, and I would rate the pricing as five out of five."
"There is an additional cost for support on top of licensing. When I bought my new unit, I received additional time added to my support."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
812,628 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
15%
Manufacturing Company
6%
Comms Service Provider
6%
Computer Software Company
15%
Comms Service Provider
9%
Government
8%
Educational Organization
7%
Computer Software Company
19%
Comms Service Provider
8%
Government
6%
Retailer
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Help me find the best open source router
You don't really specify what type of router you are looking for but if you are talking about a gateway router I reco...
How do I choose between Fortinet FortiGate and pfSense?
Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigat...
What is the difference between PfSense and OPNsense?
Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...
What is your primary use case for WatchGuard Firebox?
We are providing our services to all WatchGuard customers in the region.
What is your primary use case for WatchGuard Firebox?
We just use it as a secondary WiFi device. We're a small office and we needed to set up a WiFi device for a few of ou...
What is your primary use case for WatchGuard Firebox?
We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
No data available
No data available
 

Learn More

Video not available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
Ellips, Diecutstickers.com, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence
Find out what your peers are saying about Netgate pfSense vs. WatchGuard Firebox and other solutions. Updated: October 2024.
812,628 professionals have used our research since 2012.