Cancel
You must select at least 2 products to compare!
Cisco Logo
99,561 views|66,518 comparisons
OPNsense Logo
80,006 views|69,785 comparisons
Sophos Logo
56,363 views|42,137 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Sep 6, 2022

We performed a comparison between OPNsense and Sophos XG based on our users’ reviews in four categories. After reading the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both solutions relate that they are easy and straightforward to deploy.
  • Features: OPNSense users say it offers good reporting and visibility and that it is a good option for home and small business use. Many users feel the solution could be more secure and user friendly. It can be a challenging solution to use for the complete novice.

    Sophos XG offers VPN, solid firewalling, robust intrusion detection, and content blocking. Users find it easy to use and manage. They find the interface user friendly and very intuitive. They would like to have improvement to the SD-WAN, GDPR capabilities, and better integrations.
  • Pricing: OPNsense is open source and free to use but provides limited features. Paid versions can be pricey. Sophos XG users find the price to be reasonable.
  • Service and Support: For the most part, users of both solutions are happy with the service and support.

Comparison Results: Sophos XG’s single pane of glass makes it easy for users to manage the entire solution from anywhere. The solution is very light, stable, and provides excellent real-time control. Users feel OPNsense is not a good product for medium to large businesses, as it has some very limited features and needs better reporting and documentation.

To learn more, read our detailed OPNsense vs. Sophos XG Report (Updated: November 2022).
655,711 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"One of the most valuable features is the GUI front end, which is very easy to use. But I'm also a command-line guy, and being able to access the device via command-line for advanced troubleshooting is quite important.""Cisco ASA works very nicely from an administration perspective. The management of the device is very nice. The ASDM (Adaptive Security Device Manager) is the software that we use and it is very easy to configure using the GUI.""The user interface is very easy to manage and find rules. You can do object searches, which are very easy. Also, the logging is very simple to use. So, it is a lot easier to troubleshoot and find items inside the firewall.""It has definitely improved our organization. It gives us remote connectivity, helps workers connect remotely, and also gives us good connectivity to our other branches.""The most valuable feature is that it's secure.""With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall.""Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity.""The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."

More Cisco Secure Firewall Pros →

"It has an open license. It works very well, and there is an update every month.""The most valuable features are reporting, the Sensei plugin, and firewall capabilities.""The system in general is quite flexible.""I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.""OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.""The initial implementation process is simple.""The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use.""OPNsense is easy to scale when running on the hardware."

More OPNsense Pros →

"The VPN features and its capabilities are great.""I have found the solution easy to use and fully integrated.""We get good usage out of the features. It has enabled us to gain popularity. It has great features.""The stability of Sophos XG is good, it has good performance.""It's a complete firewall solution that has everything.""The initial setup is straightforward.""Sophos began with a basic version and evolved into something more efficient in terms of performance.""I have found configuring the ports to be easier in Sophos XG compared to the other devices."

More Sophos XG Pros →

Cons
"The graphical interface could be improved. From what I have seen, Fortinet, for example, has a nicer GUI.""It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience.""One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue.""They could improve by having more skilled, high-level engineers that are available around the clock. I know that's an easy thing to say and a hard thing to do.""One of the challenges we've had with the Cisco ASA is the lack of a strong controller or central management console that is dependable and reliable all the time.""Sometimes, it is not easy to troubleshoot. You need to know where to go. It took me quite awhile. It's like, "Okay, if it doesn't go smoothly here, then go find the documentation." Once you do it, it is not so bad. However, it is sometimes a steep learning curve on the troubleshooting part of it.""When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution.""It can be improved when it comes to monitoring. Today, the logs from the firewalls could be improved a bit more without integrating with other devices."

More Cisco Secure Firewall Cons →

"I would like to see better SD-WAN performance.""The logging could improve in OPNsense.""They should improve IPEs for security in the future.""OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.""The IPS solution could be more reliable.""The support for OPNsense is good because we have documents available on the internet. The support could improve a little.""The solution could be more secure.""We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."

More OPNsense Cons →

"Some of the firewall rules are complicated for us to understand, they should be simplified.""The solution could be improved if it offered more documentation or at least provided more information about the products themselves.""Their support is fairly good, and they come back to me. I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand, but it is generally not an issue.""There are issues with electricity with this solution.""In the Firewall, the Intrusion Prevention System can be improved.""While it is possible to configure between two of the solution's devices in the same model, the high available usually fails.""While it is a secure solution, I believe it could be improved.""In the next release, I would like to see improvements to simplify the interface and more policy deployments."

More Sophos XG Cons →

Pricing and Cost Advice
  • "If we compare it with FortiGate and the co-existing ASA, FortiGate is better in price."
  • "They seem to be at the top end in terms of pricing, but they are worth the price. They are probably a little bit lower than Palo Alto. If the customers are relying on Cisco products and they are thinking more in terms of scaling to another layer in a year, it is pretty much in a good price range."
  • "We're using the smart license for this firewall. The models that we have require licensing for remote access."
  • "There are licensing costs."
  • "I just bought it off the shelf, and I'm using it with my previous one, so I have not spent that much."
  • "The price is fair. It's not the cheapest, but it's not bad."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The product is very expensive."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "OPNsense is an open-source solution and it is free to use."
  • "The solution is not expensive."
  • "As an appliance, it's in the medium price range."
  • "Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."
  • "It is open source and free."
  • "The price of OPNsense is good."
  • More OPNsense Pricing and Cost Advice →

  • "It is not very expensive."
  • "We prepaid in advance to get the max discount."
  • "Sophos XG isn't expensive compared to Check Point."
  • "The price is in the mid-range and it is very good for small to medium-sized businesses."
  • "When you compare with Barracuda, Sophos is quite a bit cheaper."
  • "Licensing fees are on a yearly basis."
  • "For our company, the price was reasonable."
  • "It is not that expensive compared to the other solutions. It is about the same price range as Fortigate, which we used previously. Licensing is on a yearly basis."
  • More Sophos XG Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    655,711 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Top Answer:OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.
    Top Answer:The price of OPNsense is good. I rate the price of OPNsense a five out of five.
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat… more »
    Top Answer:Hi Arvind P ,  The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form… more »
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    Learn More
    OPNsense
    Video Not Available
    Overview

    The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.

      From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.

      Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.

      OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.

      The solution offers a variety of components, such as:

      • Weekly security updates. These updates provide the user with the ability to reach new emerging threats in a timely manner through small increments.

      • Two major releases every year. These yearly releases are on a fixed release cycle and provide organizations with the ability to plan ahead of an upcoming upgrade.

      • A roadmap of instructions. Each major release provides a guide and a set of clear goals.

      A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.

      OPNsense Core Features

      OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:

      • Captive Portal
      • Built-in reporting and monitoring tools including RRD Graphs
      • Network Flow Monitoring
      • Traffic Shaper
      • Support for Plugins
      • Granular Control Over State Table
      • Dynamic DNS
      • Two-factor authentication throughout the system
      • Netflow Exporter
      • Encrypted Configuration Backup to Google Drive
      • Forward Caching Proxy (transparent) with Blacklist Support
      • Stateful inspection firewall
      • DNS Server & DNS Forwarder
      • High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
      • DHCP Server and Relay
      • Virtual Private Network (site to site & road warrior, IPsec, OpenVPN & legacy PPTP support)
      • Intrusion Detection and Prevention
      • 802.1Q VLAN support

      Reviews from Real Users

      OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.

      For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."

      Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."

      Sophos XG Firewall is a complete firewall solution that provides all the real-time security and insights you need to protect your network from ransomware and advanced threats. Sophos XG Firewall provides visibility into suspicious users, unknown and unwanted apps, encrypted traffic, and other threats. With its advanced artificial intelligence capabilities, Sophos XG Firewall immediately identifies potential risks and intrusions on web servers and networks.

      Sophos XG Firewall Features

      Sophos XG Firewall offers a wide range of security features, including:

      • Application control: Prevent widespread infections with XG’s Security Heartbeat. XG Firewall automatically identifies the source of an infection on a network and automatically prevents it from accessing other network resources.

      • Synchronized user ID: Eliminate the need for client or server authentication agents by sharing user identification between the endpoint and the firewall through Security Heartbeat.

      • Centralized management: Easily manage all activities with Sophos Central. The XG cloud management platform allows users to easily set up, manage, and monitor XG firewalls along with other Sophos products. Some of Sophos Central’s features include alerting, backup management, one-click firmware updates, and rapid deployments of new firewalls.

      • Lateral movement protection: Automatically isolate compromised systems at every point in the network to stop attacks dead in their tracks.

      • Network protection: Protect networks from attacks and threats while providing secure network access.

      • Web protection: Gain clear visibility and control over all users’ web and application activity.

      • Web server protection: Solidify web servers and applications against hacking attacks while providing secure web access.

      • Email protection: Consolidate email protection with anti-spam, DLP, and encryption. XG’s Live Anti-Spam provides protection from the most recent spam campaigns, phishing attacks, and malicious attachments. Data Loss Prevention automatically triggers encryption on sensitive data in outgoing emails.

      Reviews from Real Users

      Sophos XG Firewall stands out among its competitors, among other reasons, for its intrusion detection capabilities, its user-friendly management platform, and in general, for being a complete and robust firewall solution.

      Niranjan P., a network & system support engineer, writes, “Sophos is a comprehensive solution which allows me to configure all the attendant products, such as Sophos's firewall, endpoint, and encryption features. A nice feature of Sophos is that it offers in sync and heartbeat security. When my clients have a perimeter involving Sophos firewall and endpoints with Sophos Endpoint, they can communicate with each other.”

      Antonio D., sales manager at INFOSEC, notes, “The product has a console that is based in the cloud for all their products. In this console, they have email security, firewall security, endpoint security, et cetera. All of the products on offer in the console are very useful for us. The solution is stable. The solution works well for enterprises and large-scale organizations.”

      Antony M., ICT/HMIS supervisor at a healthcare company, writes, “The VPN feature is the most valuable. It has come in handy during this period when people are working from home. The filtering feature is also valuable because you can easily filter the sites that you don't want to visit. You can also set timely surfing quotas”

      Offer
      Learn more about Cisco Secure Firewall
      Learn more about OPNsense
      Learn more about Sophos XG
      Sample Customers
      There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
      CompuNet Systems GmbH,
      Information Not Available
      Top Industries
      REVIEWERS
      Financial Services Firm16%
      Comms Service Provider13%
      Computer Software Company9%
      Government8%
      VISITORS READING REVIEWS
      Comms Service Provider20%
      Computer Software Company19%
      Government7%
      Educational Organization5%
      REVIEWERS
      Comms Service Provider30%
      Logistics Company20%
      Aerospace/Defense Firm10%
      Financial Services Firm10%
      VISITORS READING REVIEWS
      Comms Service Provider27%
      Computer Software Company16%
      Government8%
      Educational Organization5%
      REVIEWERS
      Manufacturing Company11%
      Financial Services Firm11%
      Healthcare Company8%
      Comms Service Provider8%
      VISITORS READING REVIEWS
      Comms Service Provider24%
      Computer Software Company19%
      Government7%
      Media Company4%
      Company Size
      REVIEWERS
      Small Business36%
      Midsize Enterprise24%
      Large Enterprise40%
      VISITORS READING REVIEWS
      Small Business28%
      Midsize Enterprise19%
      Large Enterprise53%
      REVIEWERS
      Small Business70%
      Midsize Enterprise10%
      Large Enterprise20%
      VISITORS READING REVIEWS
      Small Business26%
      Midsize Enterprise21%
      Large Enterprise53%
      REVIEWERS
      Small Business62%
      Midsize Enterprise24%
      Large Enterprise14%
      VISITORS READING REVIEWS
      Small Business34%
      Midsize Enterprise21%
      Large Enterprise44%
      Buyer's Guide
      OPNsense vs. Sophos XG
      November 2022
      Find out what your peers are saying about OPNsense vs. Sophos XG and other solutions. Updated: November 2022.
      655,711 professionals have used our research since 2012.

      OPNsense is ranked 7th in Firewalls with 12 reviews while Sophos XG is ranked 6th in Firewalls with 134 reviews. OPNsense is rated 8.2, while Sophos XG is rated 8.0. The top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". OPNsense is most compared with pfSense, Untangle NG Firewall, Fortinet FortiGate, Sophos UTM and WatchGuard Firebox, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, Palo Alto Networks NG Firewalls, WatchGuard Firebox and Meraki MX. See our OPNsense vs. Sophos XG report.

      See our list of best Firewalls vendors.

      We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.