• Home
  • OPNsense vs. Sophos XG

OPNsense vs Sophos XG comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo

Fortinet FortiGate

Read 108 Fortinet FortiGate reviews
124,801 views|91,789 comparisons
OPNsense Logo

OPNsense

Read 17 OPNsense reviews
99,674 views|86,588 comparisons
Sophos Logo

Sophos XG

Read 54 Sophos XG reviews
57,417 views|40,596 comparisons
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
OPNsense vs. Sophos XG
September 2023
Executive Summary
Updated on Sep 6, 2022

We performed a comparison between OPNsense and Sophos XG based on our users’ reviews in four categories. After reading the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both solutions relate that they are easy and straightforward to deploy.
  • Features: OPNSense users say it offers good reporting and visibility and that it is a good option for home and small business use. Many users feel the solution could be more secure and user friendly. It can be a challenging solution to use for the complete novice.

    Sophos XG offers VPN, solid firewalling, robust intrusion detection, and content blocking. Users find it easy to use and manage. They find the interface user friendly and very intuitive. They would like to have improvement to the SD-WAN, GDPR capabilities, and better integrations.
  • Pricing: OPNsense is open source and free to use but provides limited features. Paid versions can be pricey. Sophos XG users find the price to be reasonable.
  • Service and Support: For the most part, users of both solutions are happy with the service and support.

Comparison Results: Sophos XG’s single pane of glass makes it easy for users to manage the entire solution from anywhere. The solution is very light, stable, and provides excellent real-time control. Users feel OPNsense is not a good product for medium to large businesses, as it has some very limited features and needs better reporting and documentation.

To learn more, read our detailed OPNsense vs. Sophos XG Report (Updated: September 2023).
Download the complete report
735,226 professionals have used our research since 2012.
Featured Review
Anonymous User
Promptly addresses security threats and vulnerabilities commonly found in the modern technology world
Fortinet FortiGate makes it extremely easy to manage the entire security system independently of our enterprise. In our company, we operate... Read more →
Anonymous User
Free to use, easy to manage, and offers good security options
This is a free and secure solution that is easy to use.
Anonymous User
Good filtering and application control features, but the bandwidth could be more effective
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration.""I like that you are able to manage FortiGate from the FortiManager to create a more centralized environment.""FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful.""Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution.""Fortinet FortiGate is easy to use. Anyone can easily maintain it.""The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE.""Their interface is very easy to use, it is without bugs.""The security fabric is excellent."

More Fortinet FortiGate Pros →

"I feel that its valuable features are that it is simple and free.""OPNsense is easy to use and open source.""One of the most valuable features is the network checking. Additionally, the firewall and web filtering functionalities are highly useful.""URL blocking, Wireguard, Tail Scale, Engine Blocker, and VPN are the most valuable features for me.""It's open source.""It has an open license. It works very well, and there is an update every month.""The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use.""We have been operating here in our lab for several months, and everything appears to be extremely stable."

More OPNsense Pros →

"The performance of Sophos XG is generally good and it is stable.""Sophos XG is very useful, it does many things.""One of the standout features of Sophos XG is its proprietary VPN technology known as RID (Remote Internet Device). This unique technology provides efficient branch connectivity without the need to invest in additional firewalls for each branch. By utilizing an affordable device called RED, users can effectively control and establish connections in a cost-effective manner. Additionally, the solution is feature-rich.""Compared to other firewalls that I had looked at, I thought Sophos was the better solution. It just seems to be easier to manage versus Cisco, Fortinet, or one of the other options I was looking at.""The most valuable feature of Sophos XG is the VBM.""I have found configuring the ports to be easier in Sophos XG compared to the other devices.""The solution comes with a common bundle which comprises all the feature.""Over the past two years, during the COVID pandemic, the VPN has helped us a lot."

More Sophos XG Pros →

Cons
"The solution lacks sufficient filtering.""I would like to see improvements with the antivirus and IPS as they are not working properly all the time.""When we cluster the two Fortinet FortiGate boxes together we have some issues.""It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls.""We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs.""Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer.""There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios.""Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."

More Fortinet FortiGate Cons →

"There are a few weaknesses. For example, there is a lack of some features that I have in certain commercial products.""An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense.""While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet.""I think the most important thing is that it should be easily accessible, but currently, that doesn't seem to be the case. We need a hardware platform that's based on common standards and open computing principles, which would be like a commodity and benefit us greatly.""The IPS solution could be more reliable.""We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much.""The reporting part could be better.""The user interface could be improved, and the DNS section should be more intuitive."

More OPNsense Cons →

"The solution could be more secure.""In the Sophos XG, the SD-WAN has all the rules done separately, such as net policy routing. In the previous version, they were all in a single rule and everything was done that way. The way it is now is difficult for us because we are not used to this newer version. The firewall rules should be easier to configure and create. Everything should be done with a single click.""The support from the vendor needs to be improved.""Sophos XG could improve by coming out with more innovative feature developments.""The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities.""SD-WAN would benefit from further improvement, particularly in terms of incorporating optimization techniques that are not typically found in traditional firewalls. Nowadays, WAN optimization features are being integrated into many firewalls, and implementing similar capabilities in SD-WAN would enhance its performance and functionality.""Our clients use Karios, and while it integrates well with it, the integration could be improved.""The interface of Sophos XG could be improved. I would prefer the Sophos XG to have an interface for the technician who is setting it up similar to the Sophos SG. I felt the Sophos SG user interface was superior. however, in terms of the functionality of the product, Sophos XG is in many ways more powerful than the Sophos SG. I have no complaints about the quality of the product or the end result. For someone who has used both, I preferred the old interface to the new one."

More Sophos XG Cons →

Pricing and Cost Advice
  • "I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
  • "It is more expensive than Sophos. Fortinet is overall more expensive than Sophos. The small range of Fortinet, such as 60F and 80F, is more expensive than the small range of Sophos. Sophos is cheaper. In addition, if you jump from 80F Series to 100F Series, the price doubles."
  • "The license is yearly. We pay for the top end. It's called 360."
  • "Here in Brazil, we're going through difficult economic times and the tax on the dollar is high. All the solutions from minor competitors are growing in the market. The prices have come more competitive."
  • "Licensing for Fortinet FortiGate is on a yearly basis. Pricing for it is a bit high. It could be cheaper."
  • "The licensing scheme of Fortinet is better than Cisco. It is more logical."
  • "The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device."
  • "It was probably about $2,500 per firewall. It was all included. It included support, services, threat management software, and 24/7 FortiCare on it. Cisco products are more expensive."

    • More Fortinet FortiGate Pricing and Cost Advice →

  • "Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."
  • "It is open source and free."
  • "The price of OPNsense is good."
  • "I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval from the higher-ups."
  • "It's a free solution."
  • "It's not expensive."

    • More OPNsense Pricing and Cost Advice →

  • "The price is reasonable"
  • "When compared to other products, Sophos licensing is very affordable."
  • "The price is reasonable but it would be great if it was reduced to half the price."
  • "Over the last two years of the COVID-19 crises, most users required an SSL VPN license, something for which SonicWall charges but which Sophos offers for free."
  • "The pricing was reasonable."
  • "The price is reasonable in my opinion."
  • "Licensing fees are paid on a yearly basis."
  • "We have a three-year license."

    • More Sophos XG Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    See Recommendations
    735,226 professionals have used our research since 2012.
    Questions from the Community
    Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Read all 3 answers   →
    What is the biggest difference between Sophos XG and FortiGate?
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Read all 13 answers   →
    What are the biggest technical differences between Sophos UTM and Fortine...
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Read all 11 answers   →
    What is the difference between PfSense and OPNsense?
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    What do you like most about OPNsense?
    Top Answer:OPNsense is easy to use and open source.
    Read all 27 answers   →
    What is your experience regarding pricing and costs for OPNsense?
    Top Answer:It's reasonably priced. It's not expensive.
    Read all 23 answers   →
    Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
    Top Answer:Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat… more »
    Read all 2 answers   →
    What are the main differences in features between Sophos XG and FortiGate...
    Top Answer:Hi Arvind P ,  The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form… more »
    Read all 6 answers   →
    What Is The Biggest Difference Between Sophos UTM and Sophos XG?
    Top Answer:The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW… more »
    Read all 18 answers   →
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Learn More
    Fortinet
    OPNsense
    Video Not Available
    Sophos
    Overview

    Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

    Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

    Benefits of Fortinet FortiGate

    Some of the benefits of using Fortinet FortiGate include:

    • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
    • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
    • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

    Reviews from Real Users

    Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

    PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

    PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

    OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.

    The solution offers a variety of components, such as:

    • Weekly security updates. These updates provide the user with the ability to reach new emerging threats in a timely manner through small increments.

    • Two major releases every year. These yearly releases are on a fixed release cycle and provide organizations with the ability to plan ahead of an upcoming upgrade.

    • A roadmap of instructions. Each major release provides a guide and a set of clear goals.

    A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.

    OPNsense Core Features

    OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:

    • Captive Portal
    • Built-in reporting and monitoring tools including RRD Graphs
    • Network Flow Monitoring
    • Traffic Shaper
    • Support for Plugins
    • Granular Control Over State Table
    • Dynamic DNS
    • Two-factor authentication throughout the system
    • Netflow Exporter
    • Encrypted Configuration Backup to Google Drive
    • Forward Caching Proxy (transparent) with Blacklist Support
    • Stateful inspection firewall
    • DNS Server & DNS Forwarder
    • High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
    • DHCP Server and Relay
    • Virtual Private Network (site to site & road warrior, IPsec, OpenVPN & legacy PPTP support)
    • Intrusion Detection and Prevention
    • 802.1Q VLAN support

    Reviews from Real Users

    OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.

    For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."

    Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."

    Sophos XG Firewall is a complete firewall solution that provides all the real-time security and insights you need to protect your network from ransomware and advanced threats. Sophos XG Firewall provides visibility into suspicious users, unknown and unwanted apps, encrypted traffic, and other threats. With its advanced artificial intelligence capabilities, Sophos XG Firewall immediately identifies potential risks and intrusions on web servers and networks.

    Sophos XG Firewall Features

    Sophos XG Firewall offers a wide range of security features, including:

    • Application control: Prevent widespread infections with XG’s Security Heartbeat. XG Firewall automatically identifies the source of an infection on a network and automatically prevents it from accessing other network resources.

    • Synchronized user ID: Eliminate the need for client or server authentication agents by sharing user identification between the endpoint and the firewall through Security Heartbeat.

    • Centralized management: Easily manage all activities with Sophos Central. The XG cloud management platform allows users to easily set up, manage, and monitor XG firewalls along with other Sophos products. Some of Sophos Central’s features include alerting, backup management, one-click firmware updates, and rapid deployments of new firewalls.

    • Lateral movement protection: Automatically isolate compromised systems at every point in the network to stop attacks dead in their tracks.

    • Network protection: Protect networks from attacks and threats while providing secure network access.

    • Web protection: Gain clear visibility and control over all users’ web and application activity.

    • Web server protection: Solidify web servers and applications against hacking attacks while providing secure web access.

    • Email protection: Consolidate email protection with anti-spam, DLP, and encryption. XG’s Live Anti-Spam provides protection from the most recent spam campaigns, phishing attacks, and malicious attachments. Data Loss Prevention automatically triggers encryption on sensitive data in outgoing emails.

    Reviews from Real Users

    Sophos XG Firewall stands out among its competitors, among other reasons, for its intrusion detection capabilities, its user-friendly management platform, and in general, for being a complete and robust firewall solution.

    Niranjan P., a network & system support engineer, writes, “Sophos is a comprehensive solution which allows me to configure all the attendant products, such as Sophos's firewall, endpoint, and encryption features. A nice feature of Sophos is that it offers in sync and heartbeat security. When my clients have a perimeter involving Sophos firewall and endpoints with Sophos Endpoint, they can communicate with each other.”

    Antonio D., sales manager at INFOSEC, notes, “The product has a console that is based in the cloud for all their products. In this console, they have email security, firewall security, endpoint security, et cetera. All of the products on offer in the console are very useful for us. The solution is stable. The solution works well for enterprises and large-scale organizations.”

    Antony M., ICT/HMIS supervisor at a healthcare company, writes, “The VPN feature is the most valuable. It has come in handy during this period when people are working from home. The filtering feature is also valuable because you can easily filter the sites that you don't want to visit. You can also set timely surfing quotas”

    Offer
    Learn more about Fortinet FortiGate
    Learn More
    Learn more about OPNsense
    Learn More
    Learn more about Sophos XG
    Learn More
    Sample Customers
    Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
    CompuNet Systems GmbH,
    Information Not Available
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company10%
    Financial Services Firm9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization21%
    Computer Software Company15%
    Comms Service Provider9%
    Government5%
    REVIEWERS
    Comms Service Provider25%
    Financial Services Firm19%
    Logistics Company13%
    Government6%
    VISITORS READING REVIEWS
    Comms Service Provider16%
    Computer Software Company15%
    Government9%
    Educational Organization6%
    REVIEWERS
    Manufacturing Company12%
    Financial Services Firm11%
    Healthcare Company9%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider12%
    Government7%
    Retailer5%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise33%
    Large Enterprise41%
    REVIEWERS
    Small Business68%
    Midsize Enterprise13%
    Large Enterprise19%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise18%
    Large Enterprise51%
    REVIEWERS
    Small Business62%
    Midsize Enterprise23%
    Large Enterprise15%
    VISITORS READING REVIEWS
    Small Business38%
    Midsize Enterprise19%
    Large Enterprise44%
    Buyer's Guide
    OPNsense vs. Sophos XG
    September 2023
    Free Report: OPNsense vs. Sophos XG
    Find out what your peers are saying about OPNsense vs. Sophos XG and other solutions. Updated: September 2023.
    DOWNLOAD NOW
    735,226 professionals have used our research since 2012.

    OPNsense is ranked 4th in Firewalls with 17 reviews while Sophos XG is ranked 7th in Firewalls with 54 reviews. OPNsense is rated 8.4, while Sophos XG is rated 8.2. The top reviewer of OPNsense writes "There are lots of capabilities built-in: Few would be High Availability, Proxy, DNS, Intrusion detection/prevention, content filtering, traffic and bandwidth management with 2factor autn. ". On the other hand, the top reviewer of Sophos XG writes "Secure, duel switch capabilities, and good support". OPNsense is most compared with Netgate pfSense, Untangle NG Firewall, Sophos UTM, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos XG is most compared with Netgate pfSense, Sophos XGS, Palo Alto Networks NG Firewalls, WatchGuard Firebox and SonicWall TZ. See our OPNsense vs. Sophos XG report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.