Try our new research platform with insights from 80,000+ expert users

OPNsense vs WatchGuard Firebox comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
317
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
OPNsense
Ranking in Firewalls
3rd
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
No ranking in other categories
WatchGuard Firebox
Ranking in Firewalls
13th
Average Rating
8.4
Reviews Sentiment
7.5
Number of Reviews
86
Ranking in other categories
Unified Threat Management (UTM) (4th)
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Eddy Ramirez - PeerSpot reviewer
Good interface and firewall capabilities and overall easy to use
The security has improved as we can isolate the network. We can do attrition prevention via a tool that comes with the solution. We can have a VPN solution in place for those that work from home, outside the network, in a secure manner. We also like that it offers good authentication. It offers radius-based authentication, which has been useful for the company. The main platform is under the Open VPN firewall. The solution has high availability. When we have different ISPs, we can actually load balance those links or actually put some priority or even classify the traffic that might go into one ISP or another.
Ronald Lewis - PeerSpot reviewer
Useful VPNs, effective web filtering, and cost effective
The VPN aspect of the WatchGuard Firebox is an area that could potentially benefit from improvement. We encountered difficulties while attempting to integrate Windows 11 laptops into the system, which resulted in unreliable connections. After some research, we discovered that this was primarily due to compatibility issues with Windows 11 and required a patch. However, it was still a challenge as it seemed that even when we tried to keep the laptops on Windows 10, they still exhibited the same issues as Windows 11 machines. Despite WatchGuard attributing the problem to Microsoft, we were eventually able to find a solution and all the machines are now functioning seamlessly. The solution comes with a web interface that facilitates configurations, but it doesn't have the same level of functionality as the installed client or system manager. The web UI could be further improved. In a future release, the detection of ransomware would be helpful. Ransomware is our biggest fear.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The initial setup is straightforward."
"Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. With FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access."
"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"The most valuable features are the policies, filtering, and configuration."
"The most valuable features are the enterprise modeling and the simple interface."
"The initial setup of Fortinet FortiGate was straightforward."
"Valuable features include the Web Application Firewall, and it even has DLP (data leak prevention)."
"The most valuable feature is the SSL VPN, as it allows us to connect and it separates this product from other firewalls."
"OPNsense is easy to scale when running on the hardware."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"The solution is good for a basic firewall for a small business or for home use."
"It's more secure and more reliable."
"It's open source."
"The tool's integration is more like a button press."
"The feature I find most valuable, is that the program helped me to realize all the requested functionality that was needed."
"The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
"Their centralized console simplifies management for organizations with multiple Fireboxes."
"The most valuable feature is the GUI, especially the real-time bandwidth usage report. Also, its integration with WiFi access points is nice."
"All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited."
"I like that this product has very few issues."
"The most valuable are the VPN and proxy features."
"Intrusion Prevention is my primary focus so that's what I find most useful. The why is straightforward: It's to prevent intrusion."
"What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great."
"The main features of the solution are the control of the site-to-site network access and the overall features."
 

Cons

"There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering."
"The license renewal process, annual renewal price, and the web application firewall features should be improved."
"The central management for the FortiGate Fortinet Firewall needs improvement. They have the manager to do the essential management for both SD-WAN and for the security policy. They should also improve the SD-WAN function."
"You do need some IT knowledge in order to effectively work with the solution."
"The initial setup is complex."
"It should have a better pricing plan. It is too expensive. It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server."
"Its reporting capabilities can be improved. It should have some out-of-the-box reporting capabilities and some degree of customization. The basic reporting that it currently has is not sufficient to create more usable reports. It needs some sort of out-of-the-box reporting. They try to make customers purchase FortiAnalyzer for this kind of reporting, which is an additional cost. Other firewall vendors, such as SonicWall and Sophos, provide this sort of reporting without any additional cost."
"Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."
"There are a few weaknesses. For example, there is a lack of some features that I have in certain commercial products."
"OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server."
"pfSense has better performance and quicker updates."
"The IPS solution could be more reliable."
"I think the most important thing is that it should be easily accessible, but currently, that doesn't seem to be the case. We need a hardware platform that's based on common standards and open computing principles, which would be like a commodity and benefit us greatly."
"There are some add-ons that need enhancements to make management easier for users, especially the reporting features. Some reports don't show the level of detail I'm looking for, and I've had trouble installing certain add-ons, especially for Internet bandwidth shaping within my company."
"The solution could be more secure."
"The logging could improve in OPNsense."
"We bought Firebox four or five years ago, and with the first version I had to reboot it every two or three months for no apparent reason. We upgraded last year to the M370 and it's been running, but it is rebooting from time to time. I don't know why."
"The scalability of the solution needs improvement."
"It would be wonderful if the WatchGuard team develops nice products for threat intelligence."
"Reporting is something you've got to set up separately. It's one of those things that you've got to put some time into. One of the options is to set up a local report server, which is what I did. It's not great. It's okay... Some of the stuff is a little complicated to get up and running. Once you do, it becomes very user-friendly and easy to work with, but I find there are some implementation headaches with some of their stuff."
"The UI is not as user-friendly as the model that I had used before, which was from Check Point. The design of the Firebox UI is restricted and needs an experienced network guy to understand the format and settings."
"I think one area for improvement in this solution would be enhancing communication with tools like Active Directory. This would make the tool easier to integrate and effective for users."
"Sometimes I would like to copy a rule set from one box to another box in a direct way. This is a feature that is not present at the moment in WatchGuard."
"The product's technical support services need improvement."
 

Pricing and Cost Advice

"I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
"The product pricing is reasonable."
"The price, in comparison to other products is very cheap."
"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."
"Pricing and licensing is a little bit complicated in FortiGate. They are always on the higher side. This is one issue that we always raise with the company that they should reduce the price according to Indian market requirements. There are no costs in addition to the standard licensing fees."
"The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."
"As far as I'm aware, in our case, it's just a yearly pricing arrangement with no additional licensing costs."
"It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us."
"As an appliance, it's in the medium price range."
"It's not expensive."
"It is free."
"It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."
"Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."
"I've used the free version. My computer with two network cards at home allows me to try as many different software options as I want. I did pay for the license, but it was for the Zenarmor license, which is the packet inspection tool. They use AI for packet inspection, which integrates with OPNsense and pfSense."
"We are not paying any licensing fees. OPNsense is completely free for us."
"I would rate the pricing a nine out of ten, especially considering the availability of a free community edition."
"It's in the medium range. Its price is pretty good considering the functions and add-ons that are used."
"They have an annual subscription license. Initially, we had opted for three years. After that, we went for another three years, and after that, we have been doing it yearly. They also have a license for five years."
"I find the solution to be very affordable."
"Despite the fact that there is always room for improvement, the current pricing of the solution is still lower compared to its competitors."
"The cost three years ago was about $800."
"We license the WatchGuard Firebox annually. There are different types of subscriptions available. We are paying approximately $15,000 annually. The cost can increase if you purchase different subscriptions."
"It is an entry-level product, so the price is cheap."
"Cheap."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
831,481 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
6%
Manufacturing Company
6%
Computer Software Company
16%
Comms Service Provider
11%
Government
8%
Educational Organization
7%
Computer Software Company
18%
Comms Service Provider
10%
Hospitality Company
6%
Educational Organization
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What is the difference between PfSense and OPNsense?
Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...
What do you like most about OPNsense?
What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.
What is your experience regarding pricing and costs for OPNsense?
I consider the pricing of OPNsense to be high when compared with other market products. However, as a free firewall p...
What is your primary use case for WatchGuard Firebox?
We are providing our services to all WatchGuard customers in the region.
What is your primary use case for WatchGuard Firebox?
We just use it as a secondary WiFi device. We're a small office and we needed to set up a WiFi device for a few of ou...
What is your primary use case for WatchGuard Firebox?
We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
No data available
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
1. Deciso B.V. 2. iXsystems, Inc.  3. EuroBSDCon  4. Netgate  5. Claranet  6. Voleatech  7. Open Systems AG  8. Securebit AG  9. Proxmox Server Solutions GmbH  10. AVM Computersysteme Vertriebs GmbH  Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.
Ellips, Diecutstickers.com, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence
Find out what your peers are saying about OPNsense vs. WatchGuard Firebox and other solutions. Updated: January 2025.
831,481 professionals have used our research since 2012.