Try our new research platform with insights from 80,000+ expert users

OPNsense vs Sangfor NGAF comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 13, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
1st
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
574
Ranking in other categories
Secure Web Gateways (SWG) (2nd), Intrusion Detection and Prevention Software (IDPS) (1st), Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st), ZTNA (2nd), Unified Threat Management (UTM) (1st)
OPNsense
Ranking in Firewalls
3rd
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
43
Ranking in other categories
No ranking in other categories
Sangfor NGAF
Ranking in Firewalls
20th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
34
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of September 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.7%, up from 18.6% compared to the previous year. The mindshare of OPNsense is 11.1%, down from 15.9% compared to the previous year. The mindshare of Sangfor NGAF is 1.2%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls Market Share Distribution
ProductMarket Share (%)
Fortinet FortiGate20.7%
OPNsense11.1%
Sangfor NGAF1.2%
Other67.0%
Firewalls
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
Moutaz Sheikh Alard - PeerSpot reviewer
Has helped simulate enterprise security setups and strengthens network segmentation practices
For my capstone, I use OPNsense for my project and its broader benefits for enterprise and cybersecurity context. OPNsense is an open source based firewall and routing platform. It offers enterprise-grade features such as intrusion detection and prevention system, VPN support, traffic shaping, and web filtering, all without license cost. This platform has a modular design, a clean web-based GUI, and frequent updates that prioritize security and usability. It competes with commercial firewalls such as Cisco ASA, FortiGate, and Palo Alto, but stands out because it's community-driven, cost-effective, and transparent. I find OPNsense's feature of acting as a central firewall and gateway most valuable, providing robust point segmentation between the internal network and DMZs in my capstone project, intrusion detection to monitor malicious traffic, VPN services for secure remote access, and logging and monitoring for compliance and auditing. This allows me to simulate a real-world enterprise environment on a smaller scale, demonstrating both security hardening and network efficiency. OPNsense impacts my projects and home network positively because its cost-effectiveness is perfect for lab and enterprise setup without expensive licensing. The flexibility, easy VLAN and DMZ configuration supports different zones such as web servers, mail servers, and log servers. The security-first design for IDS/IPS integration helps me showcase modern defense-in-depth strategies. The user-friendly management through the web GUI makes it possible to manage complex firewall rules clearly, which is critical when documenting and presenting a capstone. Scalability is also an advantage. Although my project is lab-based, OPNsense can scale into production deployments in SMBs and enterprise.
Zaid Farooqui - PeerSpot reviewer
Enhanced threat detection with integrated security features and good support
We are using application firewalling, WAF, and SD-WAN. The capabilities are mostly within the box. For example, you will get web application firewall WAF as part and parcel of this. SD-WAN is also bundled. It integrates with their SIEM and SOAR solutions very nicely. Lastly, the pricing point is very cost-efficient as well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well."
"The security features are about the best that I've seen anywhere."
"Fortinet FortiGate is a very good next-generation firewall."
"The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
"The most valuable feature of FortiGate Next Generation Firewall is its SD-WAN."
"The pricing is great and very reasonable."
"FortiGate SWG's most valuable feature is integration with vulnerability management."
"The solution is easy to use."
"The interface and the dashboard are the most valuable features of this solution."
"OPNsense is easy to scale when running on the hardware."
"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."
"The tool's integration is more like a button press."
"The technical support is very good."
"The most valuable feature is the Dual WAN in OPNSense, which offers advanced capabilities."
"The system in general is quite flexible."
"We have found pretty much all the features of the solution to be valuable."
"You might try Sangfor if you are on a tight budget. The price is affordable, and Sangfor offers a lot of features. We don't have any complaints about Sangfor."
"Sangfor NGAF specializes in ransomware detection and helps to protect our network from ransomware threats and malware."
"The built-in features function as intended, providing exceptional value."
"Particularly good in the DPI where we can inspect inbound and outbound traffic."
"So far, the performance and reliability of the product have supported our company's critical network traffic."
"Sangfor's tech features and technologies are more powerful than those of the other solution providers in terms of security. They also have big solutions in terms of cybersecurity."
"In our hospital, Sangfor NGAF works well for us in terms of ensuring confidentiality and availability, which are crucial in the healthcare industry."
"The stability of Sangfor NGAF is good."
 

Cons

"I have contacted the support from Fortinet FortiGate IPS. The service was good but the speed could be better."
"The main area needing improvement is the user-friendliness of FortiGate's integration with other Fortinet tools like FortiAuthenticator and VPN services."
"The security of Fortinet FortiGate could improve."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"If they could extend their fabric towards other vendor environments for integration, that would be great."
"It is complicated to manage different kinds of on-premise boxes."
"They have not yet extended to the cloud."
"Performance and technical support are the main issues with this solution."
"OPNsense can be improved by making it more user-friendly, as its current UI is not that user-friendly when compared to paid software such as Sophos."
"There are issues with stability and reliability."
"Given that OPNsense plays a pivotal role as a firewall, safeguarding against various threats, having a reliable backup ensures uninterrupted protection even if unforeseen events impact the primary virtual machine."
"There is room for improvement in SSL inspection."
"pfSense has better performance and quicker updates."
"There are some add-ons that need enhancements to make management easier for users, especially the reporting features. Some reports don't show the level of detail I'm looking for, and I've had trouble installing certain add-ons, especially for Internet bandwidth shaping within my company."
"OPNsense struggles to handle large volumes of voice traffic, indicating scalability issues in that specific use case."
"The solution would not be suitable for anything large-scale."
"Scalability for any network device is not very easy in terms of vertical scalability."
"The tool is expensive."
"The reporting and log management could be improved."
"I believe that IAM and NGFW need to merge into a single box, instead of there being two separate box solutions."
"Sangfor could improve their interface capacity on the 5100 series model and upgrade their hardware from one gig to 10 gig. This would improve the overall throughput."
"The tool's support is an area of concern where improvements are required."
"Sangfor NGAF could improve the policies and default criteria. They could be much better."
"I feel Sangfor should follow the hierarchy and close deals via resellers instead of closing it all with their own team."
 

Pricing and Cost Advice

"The price of FortiGate is average and I would say that based on the top five products available on the market, it is in the affordable range."
"Go for long term pricing negotiated at the time of purchase."
"It is more expensive than Sophos. Fortinet is overall more expensive than Sophos. The small range of Fortinet, such as 60F and 80F, is more expensive than the small range of Sophos. Sophos is cheaper. In addition, if you jump from 80F Series to 100F Series, the price doubles."
"For the performance that we get, the price is reasonable. There are cheaper options, but they may not deliver the same kind of performance that we want. For the performance they provide, the price is acceptable."
"Fortinet has more device options that are affordable for small businesses than Palo Alto, and its enterprise-level models are also cheaper. Palo Alto also has a separate license for VPN connections and SD-WAN, but FortiGate offers these features standard."
"It's an expensive solution."
"Its pricing is competitive with other solutions."
"Fortinet FortiGate has different licensing models, depending on what you're going to do. Services included would depend on the license model. Licenses can be renewed annually."
"OPNsense is open source software so at this time it is free for us to use."
"Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."
"I would rate the pricing a nine out of ten, especially considering the availability of a free community edition."
"I would rate the pricing three out of ten."
"It's not expensive."
"The price of OPNsense is good."
"We are using the paid version."
"The solution is not expensive."
"We purchased one year technical support and return to factory support, and we also purchased one-year technical support services. So those were additional."
"If one is very cheap and ten is very expensive, I rate the tool's price as three out of ten."
"The price falls in the mid-range, neither exceptionally low nor high."
"Price-wise, I would not consider Sangfor NGAF to be a cheap product. It is an expensive firewall solution, though not as expensive as something like Palo Alto, which is costly. However, the higher price point is justifiable given the feature set the tool provides that other firewalls may not offer in a single dedicated appliance."
"It is one of the cheapest tools in the market."
"The price is unmatcheable."
"The pricing is reasonable."
"The solution has a TCO that is 32% to 50% less than Sophos, Fortinet, and SonicWall."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
867,497 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Comms Service Provider
9%
Manufacturing Company
8%
Financial Services Firm
6%
Computer Software Company
16%
Comms Service Provider
16%
University
6%
Manufacturing Company
6%
Manufacturing Company
11%
Computer Software Company
10%
Financial Services Firm
9%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business350
Midsize Enterprise129
Large Enterprise187
By reviewers
Company SizeCount
Small Business30
Midsize Enterprise4
Large Enterprise8
By reviewers
Company SizeCount
Small Business15
Midsize Enterprise10
Large Enterprise10
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What is the difference between PfSense and OPNsense?
Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...
What do you like most about OPNsense?
What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.
What is your experience regarding pricing and costs for OPNsense?
The pricing is competitive when compared to vendors like Palo and FortiNet.
What do you like most about Sangfor NGAF?
I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I comp...
What is your experience regarding pricing and costs for Sangfor NGAF?
The licensing cost is quite high compared to other available firewalls in the market.
What needs improvement with Sangfor NGAF?
The cost of licensing is very high compared to other firewalls available here. There should be improvements in hardwa...
 

Also Known As

No data available
No data available
Sangfor NGAF Firewall Platform
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
1. Deciso B.V. 2. iXsystems, Inc.  3. EuroBSDCon  4. Netgate  5. Claranet  6. Voleatech  7. Open Systems AG  8. Securebit AG  9. Proxmox Server Solutions GmbH  10. AVM Computersysteme Vertriebs GmbH  Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.
The Ministry of Science, Technology, and Innovation (Indonesia), Lawson, Inc. (Philippines), Universiti Sultan Zainal Abidin (Indonesia), TEK Automotive (Italy), etc.
Find out what your peers are saying about OPNsense vs. Sangfor NGAF and other solutions. Updated: September 2025.
867,497 professionals have used our research since 2012.