Try our new research platform with insights from 80,000+ expert users

OPNsense vs Sangfor NGAF comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 13, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
1st
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
411
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
OPNsense
Ranking in Firewalls
3rd
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
41
Ranking in other categories
No ranking in other categories
Sangfor NGAF
Ranking in Firewalls
21st
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
34
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of September 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.1%, up from 18.4% compared to the previous year. The mindshare of OPNsense is 11.1%, down from 15.9% compared to the previous year. The mindshare of Sangfor NGAF is 1.2%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls Market Share Distribution
ProductMarket Share (%)
Fortinet FortiGate20.1%
OPNsense11.1%
Sangfor NGAF1.2%
Other67.6%
Firewalls
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
Akram Zaki Hussein - PeerSpot reviewer
Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support
The interface is user-friendly, but there's room for improvement in terms of intuitiveness. The bundle management aspect requires additional attention to make it more intuitive, especially for inspecting high-level traffic. This is crucial, especially for larger companies where the existing features might not be the most optimal choice, given limitations like printer constraints. For high availability, it's crucial to have a method in place where a designated component oversees the entire process. Given that OPNsense plays a pivotal role as a firewall, safeguarding against various threats, having a reliable backup ensures uninterrupted protection even if unforeseen events impact the primary virtual machine. It would be beneficial if OPNsense supported additional virtualization platforms like Hyper-V from Microsoft and VMware, similar to how Kaspersky has integrated them.
Zaid Farooqui - PeerSpot reviewer
Enhanced threat detection with integrated security features and good support
We are using application firewalling, WAF, and SD-WAN. The capabilities are mostly within the box. For example, you will get web application firewall WAF as part and parcel of this. SD-WAN is also bundled. It integrates with their SIEM and SOAR solutions very nicely. Lastly, the pricing point is very cost-efficient as well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"This version is stable. I don't have any issues with this solution, in our environment, it works well."
"Provides good firewall security and has great VPN features."
"Fortinet FortiGate is a very good next-generation firewall."
"There are lots of features and most of them are deployed for internet security. Users are protected if they accidentally go to some malicious sites."
"I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
"On a scale of one to ten, I rate this solution 10 out of 10."
"Offers good security and filtering."
"Security, SD-WAN, and Streetscape are valuable features."
"The tool's integration is more like a button press."
"OPNsense is highly stable."
"The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use."
"The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used."
"One of the most valuable features is the network checking. Additionally, the firewall and web filtering functionalities are highly useful."
"OPNsense is very stable, easy to upgrade, and maintain."
"It has firewall and VPN capabilities, which are very valuable features."
"The technical support is very good."
"The most valuable features are the WAN optimization, the internet access gateway (IAG), and the central console, which allows us to implement on their firewall."
"I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I compare it with Palo Alto and Cisco, both are quite complex products. And if I compare it with FortiGate firewalls from Fortinet, I have also used all these products. Fortinet and Sangfor NGAF are similar products because the applications behind the application and policy layers are almost identical."
"The product is very fast and reliable."
"Sangfor NGAF works accordingly with our customers. The solution has good performance, easy to use, and integrates well with the endpoints."
"Sangfor NGAF's standout feature is its powerful application control, enabling precise restrictions on mobile user access to approved applications."
"We've found the technical support to be helpful."
"Sangfor has the best capabilities for securing connections, securing web browsers, securing servers, and general threat protection."
"The top functionality is the reporting feature."
 

Cons

"In an incident, after a restart, Fortinet FortiGate did not connect to FortiGuard servers. Due to that reason, on the customer end, all websites got blocked. I don't know why this happened. The firewall of a bank in Sri Lanka rebooted yesterday, and after that, FortiGuard servers did not connect properly, blocking all customer environment websites."
"The stability could be a bit better."
"The stability of Fortinet FortiGate could improve."
"I believe one area that could be improved in Fortinet FortiGate is posturing, specifically for remote VPN users, as there are OS-based limitations I encountered with only Windows; adding domain restrictions for VPN access would make it more competitive and useful."
"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"During a recent upgrade from old devices to the latest ones, corporate IT faced challenges as there was no straightforward migration process, requiring many manual steps."
"It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."
"A disadvantage exists when we are collecting the logs, as it sometimes becomes very difficult to interpret the logs that are generated from the firewall."
"pfSense has better performance and quicker updates."
"There is room for improvement in SSL inspection."
"OPNsense struggles to handle large volumes of voice traffic, indicating scalability issues in that specific use case."
"The solution could be more secure."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"I would like better documentation concerning the provided packages and their integration."
"I would like to see better SD-WAN performance."
"The cost of licensing is very high compared to other firewalls available here."
"They need to improve their research team and they need to study their data to analyze it and build the product."
"The interface and user experience are horrible."
"The support for YouTube or the Internet is not enough."
"An area for improvement would be the number of ports defined on the box. In the next release, I would like them to develop their provisioning stage of enrolling end devices."
"It does not offer any recommendations on how to mitigate or control attacks."
"Sangfor NGAF could improve by refining its application control policies, especially in addressing challenges with certain types of applications."
"I believe that IAM and NGFW need to merge into a single box, instead of there being two separate box solutions."
 

Pricing and Cost Advice

"In terms of the market, it's not a cheap product, but it's cost-effective."
"The licensing cost is at the intermediate level."
"FortiGate's pricing falls within the mid-range when compared to other leading firewall solutions."
"The price of Fortinet FortiGate is affordable. Most of our customers are on a three-year license to use the solution. All the features and support are included in the price."
"The license of Fortinet FortiGate should be reduced."
"Currently, we are paying about $1,500 a month for three sites."
"There is a license to use Fortinet FortiGate."
"The Fortinet FortiGate security features cost approximately $1,500 a year. The firewall itself doesn't have a recurring cost. It's the security features on top of that that you pay for."
"I would rate the pricing a nine out of ten, especially considering the availability of a free community edition."
"The price of OPNsense is good."
"It costs about $1000."
"We are using the paid version."
"It is free."
"Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."
"We are not paying any licensing fees. OPNsense is completely free for us."
"As an appliance, it's in the medium price range."
"The license of Sangfor NGAF can be purchased at different interval lengths, such as annually or three years. They offer a range of packages to choose from, such as combo or hybrid packages. We are using the complete solution package which includes IM, NGF and SSL VPN, and WAF."
"The product is very cost-effective compared to other brands or vendors."
"It is one of the cheapest tools in the market."
"Sangfor NGAF price is reasonable and there is an annual license. However, the maintenance cost can be a bit high."
"For four to five physical appliances for a licensed firewall, it costs approximately $4,000."
"If one is very cheap and ten is very expensive, I rate the tool's price as three out of ten."
"When it comes to the price of firewall solutions, Sangfor NGAF takes the cake."
"I rate the product price as one on a scale of one to ten, where one is low price and ten is high price."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
866,744 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Comms Service Provider
9%
Manufacturing Company
8%
Financial Services Firm
6%
Computer Software Company
16%
Comms Service Provider
16%
University
6%
Manufacturing Company
6%
Manufacturing Company
11%
Computer Software Company
11%
Financial Services Firm
9%
University
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business261
Midsize Enterprise99
Large Enterprise143
By reviewers
Company SizeCount
Small Business28
Midsize Enterprise4
Large Enterprise8
By reviewers
Company SizeCount
Small Business15
Midsize Enterprise10
Large Enterprise10
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What is the difference between PfSense and OPNsense?
Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...
What do you like most about OPNsense?
What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.
What is your experience regarding pricing and costs for OPNsense?
The pricing is competitive when compared to vendors like Palo and FortiNet.
What do you like most about Sangfor NGAF?
I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I comp...
What is your experience regarding pricing and costs for Sangfor NGAF?
The licensing cost is quite high compared to other available firewalls in the market.
What needs improvement with Sangfor NGAF?
The cost of licensing is very high compared to other firewalls available here. There should be improvements in hardwa...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
No data available
Sangfor NGAF Firewall Platform
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
1. Deciso B.V. 2. iXsystems, Inc.  3. EuroBSDCon  4. Netgate  5. Claranet  6. Voleatech  7. Open Systems AG  8. Securebit AG  9. Proxmox Server Solutions GmbH  10. AVM Computersysteme Vertriebs GmbH  Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.
The Ministry of Science, Technology, and Innovation (Indonesia), Lawson, Inc. (Philippines), Universiti Sultan Zainal Abidin (Indonesia), TEK Automotive (Italy), etc.
Find out what your peers are saying about OPNsense vs. Sangfor NGAF and other solutions. Updated: July 2025.
866,744 professionals have used our research since 2012.