Apr 03, 2023
They are pretty much the same... OPNsense has a better GUI...
The community in pfSense is much bigger... OPNSense has more frequent updates... but other than that... you can not make mistakes...
pfSense and OPNsense are popular firewall solutions. OPNsense seems to have a slight edge due to its comprehensive features and active community, while pfSense excels in customization and support.
Features: pfSense offers extensive customization, a variety of plugins, and strong routing capabilities, making it highly adaptable to complex network environments. OPNsense provides robust features like regular updates, a powerful reporting engine, and integrated two-factor authentication.
Room for Improvement: Users report that pfSense could improve documentation and simplify its installation process. OPNsense could benefit from enhanced compatibility with some hardware and better support options.
Ease of Deployment and Customer Service: pfSense generally receives praise for its straightforward deployment once users get past the initial setup learning curve, with responsive customer support. OPNsense is noted for its user-friendly deployment process and active community support.
Pricing and ROI: pfSense users find the product cost-effective with good long-term ROI due to its extensive customization options and robust features. OPNsense users appreciate the competitive pricing and feel the frequent updates justify the investment, offering good ROI.
Clients are now comfortable and not wasting productive hours on IT support.
The automation part is giving us a cost benefit and speed; we can react faster.
It's a very useful tool to mitigate and protect your enterprise.
If they can save their data from attackers then it would save them at least two days of not working plus the cost of recovery, which would be much more than the cost of the system and maintenance.
Since the memory leak fixes, it's been incredibly stable and requires minimal maintenance.
In four years of using it, that payment of 189 dollars per year has already paid off.
The network attacks reduced by approximately 60% after using that, even without customizing the custom configuration yet.
For a very little investment, I was able to increase the security of my network.
They offer very accurate solutions.
The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with.
I would rate the technical support for Fortinet FortiGate a ten out of ten.
When I provide detailed information about the problem, they've been able to reply quickly with a solution or go research the problem and get back to us quickly with a fix.
They are highly responsive.
I couldn't imagine having better support.
Compared to some open-source projects with weak support, OPNsense stands out for having both a strong community and commercial backing options.
I mainly rely on community support since the solution is open source.
OPNsense is open source, so you have to rely on the community for customer support.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published.
If I put things into a certain context and say that we have a network that has around 100 people, then you don't put up a device that can manage 100 people. Instead, you need to get a device that can manage 150 to 200 people, and then you can create room for growth.
I don't think Netgate pfSense can offer much scalability for big enterprises.
Even with a jump from a 50 megabit to a 500 megabit internet connection and approximately 65 active VPN clients, our firewall operates smoothly without any strain.
Aside from these aspects, it demonstrated good scalability.
It supports routing, VPN setups, and traffic monitoring with additional packages like Snort and Suricata.
OPNsense is an extremely scalable solution.
We're experiencing 99.999% availability consistently.
I would rate the stability of Fortinet FortiGate a ten out of ten.
Currently, we are experiencing a general outage of one of the main internet service providers of the Dominican Republic, and we have not been impacted in our operations because with SD-WAN, we have another internet service provider and we are working with the second WAN connection without any disruption.
I rate the solution's stability a ten out of ten.
I've noticed a substantial improvement in stability and ease of use for upgrades and patching over the past year or two.
When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot.
For home and small network use, OPNsense is also reliable, providing enterprise-grade security at no cost.
OPNsense is the same, but it does have a way of installing the Realtek drivers, which gives you a lot more stability overall on the system.
The only challenge faced was its inadequacy to manage large voice traffic effectively, even with dedicated hardware.
Investing in a solution that can accommodate such growth would be more cost-effective than repeatedly purchasing new hardware.
While Fortinet claims to offer a comprehensive network solution, it falls short in addressing computer application issues, particularly server security.
When considering Sophos XG, which we also use, the logging and reporting functionality is notably more efficient.
There is some trade-off between having a certain level of security and maintaining acceptable performance.
If I need to go between different VLANs, I have VLAN 19.1 and VLAN 19.2, and I strictly use Netgate pfSense, but it doesn't route very efficiently and works quite slowly.
They should support the idea of configuration management as code from source code and provide a more robust API for managing the pfSense configuration.
For high availability, it's crucial to have a method in place where a designated component oversees the entire process.
Improved guidance on package usage and integration beyond relying on external tutorials or community support would be beneficial.
I would like the APIs to be more mature and more developed and have more options to automate threat hunting.
Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us.
It offers cost savings as it is generally cheaper than the competition.
It is about 20% cheaper.
The price of setup is approximately €500 to €800, which also includes the initial monitoring.
You can acquire a decent embedded PC for around a hundred dollars and install pfSense on it, effectively creating a robust firewall solution.
The product is free of cost.
It is a free solution, and when you compare it to alternatives like FortiGate, which is quite powerful but also costly, the value becomes evident.
I would rate the pricing a nine out of ten, especially considering the availability of a free community edition.
It is free.
In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable.
FortiGate has helped reduce the risk of cyberattacks that might disrupt our client's production.
These features help reduce our downtime, manage the ISPs, and deploy SLAs for all the website traffic.
We have multiple VLANs, and with assistance, it was easy to get everything set up and running in our organization the way we needed it to.
We had downtime before pfSense. We've never gone down using the solution.
It is very stable, and it works very well.
The most valuable features include the basic firewall functionality and the GeoIP location services.
I can have a Wi-Fi VLAN and feel secure that the server network or the VM network that I have on a different VLAN are isolated, and they cannot talk to one another, which adds a great level of security.
It offers enterprise-grade features such as intrusion detection and prevention system, VPN support, traffic shaping, and web filtering, all without license cost.
| Product | Market Share (%) |
|---|---|
| Fortinet FortiGate | 20.7% |
| Netgate pfSense | 11.1% |
| OPNsense | 11.1% |
| Other | 57.1% |
| Company Size | Count |
|---|---|
| Small Business | 350 |
| Midsize Enterprise | 129 |
| Large Enterprise | 187 |
| Company Size | Count |
|---|---|
| Small Business | 166 |
| Midsize Enterprise | 33 |
| Large Enterprise | 28 |
| Company Size | Count |
|---|---|
| Small Business | 30 |
| Midsize Enterprise | 5 |
| Large Enterprise | 8 |
Fortinet FortiGate excels in providing integrated VPN, firewalling, and Unified Threat Management (UTM) with centralized management and high availability. It supports remote access and comprehensive threat protection, making it a preferred choice for securing networks.
Fortinet FortiGate offers a robust security platform with features such as strong intrusion prevention, application control, and web filtering. Its integration with Active Directory and SD-WAN functionality provides scalable solutions for large networks. Users appreciate its ease of use through centralized management interfaces, ensuring robust security with flexible configurations. However, FortiGate could enhance its graphical interface and technical support responsiveness, address firmware bugs and costly licensing, improve logging, integrate better with third-party tools, and strengthen scalability and memory for log storage. Complexity in configuration and the need for intuitive features are noted challenges, and there's a demand for advanced security, zero-trust capabilities, and AI integration.
What are the key features of Fortinet FortiGate?Fortinet FortiGate is widely implemented across industries like education, finance, and government. Companies use it for firewall protection, VPN, and SD-WAN capabilities, ensuring secure perimeter and data center security. It facilitates remote access management and traffic routing optimization, offering reliable security and connectivity solutions.
Netgate pfSense is widely leveraged by organizations for its comprehensive capabilities in firewalls, VPN servers, and bandwidth management. It suits LAN, WAN, and DMZ networks, offering secure, scalable, and efficient networking solutions.
Netgate pfSense stands out in diverse environments with its enterprise-grade features and cost-effective operations compared to competitors like Cisco. Deployed as an edge device, it optimizes routing, ad-blocking, content filtering, and traffic shaping. Users benefit from its versatile configurations, robust firewall protection, VPN functionality, and ISP load balancing. The open-source nature allows for extensive customization, integrating plugins like Snort and pfBlockerNG, and compatibility with third-party tools enhances its utility. The intuitive GUI combined with detailed logging and centralized management fortifies network security.
What features define Netgate pfSense?
What benefits should be considered for ROI?
Organizations in industries such as finance, healthcare, and education find Netgate pfSense integral due to its advanced security features and cost benefits. Its scalable architecture and strong VPN support are crucial for industries requiring stringent data protection and reliable remote access. The adaptability of pfSense makes it suitable for dynamic environments seeking comprehensive, secure networking solutions.
OPNsense is widely used for firewall functionalities, intrusion detection, VPN and IPSec, content filtering, securing network traffic, and remote access. It protects internal networks and manages servers securely, suitable for small to medium-sized businesses.
OPNsense is a comprehensive firewall solution leveraging open-source technology. It integrates with third-party modules like WireGuard and CrowdSec, enhancing its security capabilities. Offering on-premises and cloud deployment, it features an intuitive graphical interface, advanced reporting, VPN functionality, IDS/IPS features, and high scalability. Users find it ideal for small businesses and home networks due to its stability and ease of use. Frequent updates and an active community support its continuous improvement. However, it needs advancements in VPN selection, scalability, and technical documentation. Enhanced high availability, threat intelligence, and integration with virtualization platforms are required. User feedback suggests improvements in connectivity, alerting, traffic monitoring, and antivirus protection.
What are the key features of OPNsense?OPNsense is implemented across various industries to secure network infrastructure and ensure reliable connectivity. In fintech, it safeguards sensitive financial data while maintaining compliance. Educational institutions deploy it to protect student information and enable secure remote learning environments. Healthcare organizations use it to secure patient data and comply with HIPAA regulations. By integrating with tools like WireGuard and CrowdSec, businesses enhance their cybersecurity posture and streamline network management, making OPNsense a versatile choice for diverse operational needs.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
