We changed our name from IT Central Station: Here's why
Cancel
You must select at least 2 products to compare!
OPNsense Logo
39,021 views|32,205 comparisons
Sophos XG Logo
44,070 views|36,313 comparisons
Featured Review
Find out what your peers are saying about OPNsense vs. Sophos XG and other solutions. Updated: January 2022.
563,780 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS.""The most valuable feature is the access control list (ACL).""The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate.""The most valuable feature is stability.""One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful.""A good intrusion prevention system and filtering.""I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable.""We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."

More Cisco Firepower NGFW Firewall Pros →

"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.""The system in general is quite flexible.""OPNsense is easy to scale when running on the hardware.""We have found pretty much all the features of the solution to be valuable.""The most valuable features are reporting, the Sensei plugin, and firewall capabilities.""The solution is good for a basic firewall for a small business or for home use.""The most valuable features in OPNsense are reporting and visibility.""The graphic user interface is very good and it is user-friendly which makes the product easy-to-use."

More OPNsense Pros →

"The interface is user-friendly and the product is easy to configure.""There are many features. VPN, firewalling, and intrusion detection are the main features that are most useful for us at this time.""It is stable, flexible, and easy to use. It has got a web management portal that can be accessed from anywhere.""The solution is easy to set up and configure.""It is feature-rich, I like the server authentication, and the reports are good.""Sophos XG's price is right, and it's easy to manage. It's a good fit for our current needs at the moment.""Sophos CG is cost-effective, which makes it really suitable for SMB. If you want basic security and more embedded features, go with Sophos XG.""Dashboard is easy to use and the reporting offers a lot of detail."

More Sophos XG Pros →

Cons
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement.""Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment.""They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me.""We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve.""One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box.""We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond.""One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically.""FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."

More Cisco Firepower NGFW Firewall Cons →

"The ability to set the VPN IP address would be a welcome addition.""The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs.""The interface needs to be simplified. It is not user-friendly.""While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet.""There should be more technical documentation.""The solution could be more secure.""I would like to see better SD-WAN performance.""The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform."

More OPNsense Cons →

"The cloud support needs to be improved.""The only area that requires improvement is scalability.""I'm just a sole proprietor for IT support, and from my perspective, there could be better ways to educate a proprietor, such as myself, on how to set it up, and program it, and manage it. They do tend to have support, but a lot of times, it is for larger networks. I need something that is simpler and more rudimentary as to how to go about setting up and configuring the firewall, setting up the rules, and that type of thing. So, if there is a missing component there, that would be it.""Sophos can improve the debugging of the WAPS function.""Everything is working as expected at this moment, but the anti-spam solution in Sophos XG needs to be improved. It needs more granular features and more stability. The anti-spam solution currently doesn't have many features, and we would like to have more features. At this moment, there is no expression filter for anti-spam. We need something to be able to filter subjects or attachments in emails based on the keyword. Sometimes, there is an issue with anti-spam, and Sophos XG suddenly stops processing incoming or outgoing emails. The only solution for this issue is to restart the appliance. Their support should be improved. It takes a long time to escalate a support case from level one to level two.""It would be helpful if the solution offered some tutorial videos to help new users learn the system quickly.""They need to do more quality checks before they release firmware upgrades. Currently, a few Cyberoam firewall customers are facing some issues while upgrading the Cyberoam firmware to Sophos. After the new firmware is installed, they are seeing some performance issues, which require some bug fixes. The performance is fine after getting the required support. Customers who are already using Sophos hardware are quite satisfied with this solution. Their support should also be improved. We are facing difficulties getting support on time through email or phone.""I think that the main area for improvement is the quality assurance of the updates."

More Sophos XG Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "OPNsense is open source software so at this time it is free for us to use."
  • "OPNsense is a well known open-source tool."
  • "It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."
  • "OPNsense is an open-source solution and it is free to use."
  • "The solution is not expensive."
  • "As an appliance, it's in the medium price range."
  • More OPNsense Pricing and Cost Advice →

  • "The Sophos pricing, in general, is better than SonicWall, Fortinet, WatchGuard, or anybody else."
  • "We paid for our licensing for three years, upfront, and there are no costs in addition to the standard fees."
  • "The price is cheaper than that of some competing vendors."
  • "The pricing is flexible. Sophos looks at a country's economy and offers flexible pricing. This is how they have managed to penetrate the market."
  • "It's approximately $6,000 for each device."
  • "It is not expensive, it's a reasonable price,"
  • "The issue of a recurring license is a hassle because every year, we have to subscribe."
  • "It is not very expensive."
  • More Sophos XG Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    563,780 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Top Answer: 
    The initial implementation process is simple.
    Top Answer: 
    We're a customer and an end-user. We are using the telemetry-free version of the solution. Overall, the solution is… more »
    Top Answer: 
    Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat… more »
    Top Answer: 
    Sophos UTM is no longer being developed, according to our reseller. All the development effort is going into XG. So XG… more »
    Top Answer: 
    In terms of the functionality, I think it's pretty straightforward. It's easy to pick up. It's also user-friendly.
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    Learn More
    OPNsense
    Video Not Available
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.

    Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.

    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about OPNsense
    Learn more about Sophos XG
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    CompuNet Systems GmbH,
    Information Not Available
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Manufacturing Company8%
    Non Profit8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    VISITORS READING REVIEWS
    Comms Service Provider46%
    Computer Software Company16%
    Government7%
    Media Company4%
    REVIEWERS
    Manufacturing Company11%
    Financial Services Firm11%
    Healthcare Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Comms Service Provider40%
    Computer Software Company18%
    Government6%
    Media Company4%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    REVIEWERS
    Small Business69%
    Midsize Enterprise15%
    Large Enterprise15%
    REVIEWERS
    Small Business63%
    Midsize Enterprise24%
    Large Enterprise13%
    VISITORS READING REVIEWS
    Small Business50%
    Midsize Enterprise24%
    Large Enterprise26%
    Find out what your peers are saying about OPNsense vs. Sophos XG and other solutions. Updated: January 2022.
    563,780 professionals have used our research since 2012.

    OPNsense is ranked 13th in Firewalls with 11 reviews while Sophos XG is ranked 5th in Firewalls with 129 reviews. OPNsense is rated 8.0, while Sophos XG is rated 8.2. The top reviewer of OPNsense writes "A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos UTM, Fortinet FortiGate and Cisco ASA Firewall, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, Meraki MX, Palo Alto Networks NG Firewalls and SonicWall NSa. See our OPNsense vs. Sophos XG report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.