"We have not had to deal with stability issues."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The features I've found most valuable are the packet captures and packet traces because they help me debug connections. I like the logs because they help me see what's going on."
"Cisco's technical support is the best and that's why everybody implements their products."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"The implementation is pretty straightforward."
"The system in general is quite flexible."
"The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used."
"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."
"The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use."
"The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
"We have found pretty much all the features of the solution to be valuable."
"The initial implementation process is simple."
"OPNsense is easy to scale when running on the hardware."
"Some of the most valuable features are filtering and application control. The DDoS detection also shows traffic jamming and traffic shaping."
"The installation is easy. There is a wizard that can be used for a single connection making it simple and if you have multiple connections you can configure it manually."
"The product offers many great features."
"The most valuable feature of Sophos XG is the VBM."
"I have found the feature allowing you to manage everything from a centralized location beneficial."
"Sophos XG is very useful, it does many things."
"It's a product that is in continuous improvement and is following what the customer is asking for. They are taking inputs and designing new releases specifically according to the client and their needs."
"The solution is stable. I've had very few problems with it."
"The ability to better integrate with other tools would be an improvement."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface."
"The maturity needs to be better."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"The reporting and other features are nice, but there is an issue with applying the configuration. That part needs some improvement."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"The logging could improve in OPNsense."
"The interface needs to be simplified. It is not user-friendly."
"The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform."
"I would like to see better SD-WAN performance."
"The solution could be more secure."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."
"Areas for improvement would be the access points and the on-premise version, which is very bad."
"The management console could be improved and the solution lacks good technical support."
"Some of the firewall rules are complicated for us to understand, they should be simplified."
"The reporting could be improved in this solution by adding more details."
"The interface can bit a bit more user-friendly."
"There should be web caching to improve bandwidth utilization. It should have a very good caching feature. That's because we are in a very poor continent, and the connectivity cost is very high. We have low bandwidth, and the intensive usage of bandwidth is not easy here in Africa. If they improve services for web caching, it would be better."
"XG is at its end of life. People are moving to XGS."
"Sophos XG could improve by coming out with more innovative feature developments."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
OPNsense is ranked 13th in Firewalls with 8 reviews while Sophos XG is ranked 6th in Firewalls with 141 reviews. OPNsense is rated 7.8, while Sophos XG is rated 8.0. The top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". OPNsense is most compared with pfSense, Untangle NG Firewall, Fortinet FortiGate, Sophos UTM and Cisco ASA Firewall, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, Palo Alto Networks NG Firewalls, Meraki MX and SonicWall NSa. See our OPNsense vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
