OPNsense vs Zscaler Cloud Firewall comparison

OPNsense and Zscaler are both solutions in the Firewalls category. OPNsense is ranked #3 with an average rating of 8.3, while Zscaler is ranked #24 with an average rating of 8.6. OPNsense holds a 11.5% mindshare in Firewalls, compared to Zscaler’s 0.4% mindshare. Additionally, 97% of OPNsense users are willing to recommend the solution, compared to 92% of Zscaler users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

OPNsense and Zscaler Cloud Firewall compete in network security solutions. Users prefer Zscaler for its advanced features, while OPNsense is valued for cost-effectiveness and customer support.

Features: OPNsense offers open-source flexibility, extensive plugin options, and community-driven support. Zscaler Cloud Firewall provides comprehensive cloud-based security, scalability, and integrated threat intelligence.

Room for Improvement: OPNsense needs more extensive documentation, better integration capabilities, and a more user-friendly interface. Zscaler requires simplified policy management, a more straightforward setup process, and lower pricing for smaller businesses.

Ease of Deployment and Customer Service: OPNsense has a straightforward deployment process supported by a strong community. Zscaler’s cloud-based model is complex but is supported by efficient customer service.

Pricing and ROI: OPNsense offers low setup costs and favorable ROI through its open-source model. Zscaler presents higher upfront costs, but users find the investment justified by the robust features and long-term benefits.

To learn more, read our detailed OPNsense vs. Zscaler Cloud Firewall Report (Updated: April 2025).

Buyer's Guide

OPNsense vs. Zscaler Cloud Firewall

April 2025

Download the complete report

Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of May 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.4%, up from 17.7% compared to the previous year. The mindshare of OPNsense is 11.5%, down from 17.6% compared to the previous year. The mindshare of Zscaler Cloud Firewall is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

Eddy Ramirez

IT Security Director at a financial services firm with 1,001-5,000 employees

Good interface and firewall capabilities and overall easy to use

The security has improved as we can isolate the network. We can do attrition prevention via a tool that comes with the solution. We can have a VPN solution in place for those that work from home, outside the network, in a secure manner. We also like that it offers good authentication. It offers radius-based authentication, which has been useful for the company. The main platform is under the Open VPN firewall. The solution has high availability. When we have different ISPs, we can actually load balance those links or actually put some priority or even classify the traffic that might go into one ISP or another.

Read full review

Bhaskar Rao

Network manager admin at Yamaha

Though it helps deal with web traffic or any malicious traffic, it needs to work on its DC performance issues

The product's initial setup phase is moderate in level, so it is neither very complex nor very easy. For the deployment, my company first needs to gather all the requirements of the users and the domain names and consider how many users there are in the company. In the implementation and planning part, my company needs to consider what kind of policies we will create while ensuring that the policies are created based on the requirements of the users. There is a need to segregate the users' requirements since there are separate departments in the company, like the HR department, sales department, IT department, and manufacturing department, so that our company can create policies depending on their requirements. On-site, if you want a GRE tunnel, our company can handle GRE tunnel traffic routing and Zscaler Cloud Firewall, after which Zscaler will take action based on the policies created by our organization. For the deployments and maintenance, a team of five members consisting of two managers and three engineers is required.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."

"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."

"Using this product makes the VPN seamless and almost invisible to me in the sense that I don't have to think about it."

"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."

"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."

"My clients appreciate it for its features. It is easy to install and manage, and it offers all-around protection, including web filtering, content filtering, IPS, and IDS."

"Overall security features and performance routing is good."

"The SD-WAN function is very developed. It has SD-WAN functionality with security features in one device. We can manage from one single console SD-WAN and the security policy."

More Fortinet FortiGate pros

"The most valuable features of OPNsense are the GUI and frequent updates."

"The initial implementation process is simple."

"The solution has high availability."

"Overall, I would rate OPNsense as nine out of ten."

"What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it. I had an excellent experience with OPNsense, which helped me achieve the targets I wanted."

"OPNsense is highly stable."

"The initial setup is easy. It only takes 15-30 minutes to deploy."

"I mostly rely on the solution's network intrusion detection and prevention system, along with other systems, CMs, and log management."

More OPNsense pros

"It is a stable solution."

"Most of the features that Zscaler has to offer, we will deploy."

"The visibility and log availability offered are highly valued for troubleshooting purposes, and this is a key factor driving customer interest in the firewall module."

"Zscaler is still a very good product."

"Includes advanced tech protection."

"Since it is really customizable, I can use it and avoid enabling access to the full network."

"The solution is scalable."

"Zscaler provides effective protection against various cyber threats ensuring a safe environment"

More Zscaler Cloud Firewall pros

Cons

"The improvement is related to logs. Instead of the CLI, we should be able to have more insights into the logs of the firewall in the GUI."

"The solution can have more features in a single box that can be multi-applied to integrate everything."

"The central management for the FortiGate Fortinet Firewall needs improvement. They have the manager to do the essential management for both SD-WAN and for the security policy. They should also improve the SD-WAN function."

"They have to just improve its performance when we enable all UTM features. When you enable all the features, the performance of FortiGate, as well as of Sophos and SonicWall, goes down."

"It is stable, but its stability can be improved."

"Pricing for it is a bit high. It could be cheaper."

"It could use better throughput on some of the smaller boxes for the branch offices."

"The solution could be improved by addressing limited local reporting. It requires obtaining the FortiAnalyzer for proper visibility because you can't do much from a reporting perspective with just the firewall alone."

More Fortinet FortiGate cons

"They should improve IPEs for security in the future."

"The ability to set the VPN IP address would be a welcome addition."

"There should be more technical documentation."

"The reporting part could be better."

"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."

"The interface needs to be simplified. It is not user-friendly."

"The user interface could be improved, and the DNS section should be more intuitive."

"The scalability needs improvement."

More OPNsense cons

"If I can get rid of Jetscaler, I will use Twingate for sure."

"There are some areas it could improve when it comes to blocking, we have to block some things manually. For example, if we block a top-level domain we have seen that the new IPs come through, the IPs are not blocked. There should be some more granular way of doing it. My only request is if you're blocking something at a top level, the sub-level sub-domains and all those other IPs should be blocked too automatically."

"I don't have the visibility of a control dashboard or a network management system."

"It would be nice to have some sort of a form factor, a physical form factor perhaps, or virtual machine that you could install on devices or on a cloud, and have some cloud computing."

"Zscaler Cloud Firewall should have a better understanding of all dynamic cloud applications."

"Its technical support services could be better."

"Instead of the standard license, they should certainly provide customers with the visibility to access and view the logs."

"Apart from the issues associated with the product in areas like the DC performance issues and DC failover, Zscaler Cloud Firewall's IP should not have a proxy IP."

More Zscaler Cloud Firewall cons

Pricing and Cost Advice

"I find it quite reasonable."

"The pricing of the solution is very competitive."

"Its price is reasonable. They have a clear pricing policy. It is not complicated by the number of VPN users at a time. We know what the price is. The yearly subscription for the security license is rather high, but it is all included for whatever number of users you have and the kind of functions you need."

"For our organization, the licensing costs are approximately $7,000 per year."

"The price is really low. It's cheap in comparison to the cost of Cisco or CheckPoint, for example."

"Fortinet is the least expensive solution."

"We are on an annual license to use Fortinet FortiGate."

"Its licenses cost the same for different subscription plans."

More Fortinet FortiGate pricing and cost advice

"It's a free solution."

"I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval from the higher-ups."

"It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."

"It's not expensive."

"It is open source and free."

"It is free."

"The solution is not expensive."

"OPNsense is a well known open-source tool."

More OPNsense pricing and cost advice

"Zscaler is priced too high compared to the cost of Fortinet."

"It comes at a significantly reduced cost while ensuring control and effectiveness."

"On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing an eight out of ten."

"It is not the most budget-friendly solution, but it's important to consider its overall value."

"The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization."

"There are licensing costs, and I would not say that it's a cheap vendor."

"There is an annual license required for the use of the Zscaler Cloud Firewall."

"The product is a bit expensive compared to the solutions offered by its competitors, like Palo Alto. There is a need to make yearly payments towards the license in charges associated with the product."

More Zscaler Cloud Firewall pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

849,686 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

20%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Computer Software Company

16%

Comms Service Provider

13%

Government

Educational Organization

Computer Software Company

14%

Financial Services Firm

12%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What is the difference between PfSense and OPNsense?

Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...

See all answers

What do you like most about OPNsense?

What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.

See all answers

What is your experience regarding pricing and costs for OPNsense?

I consider the pricing of OPNsense to be high when compared with other market products. However, as a free firewall p...

See all answers

Which lesser known firewall product has the best chance at unseating the market leaders?

Netscope, Zscaler if they continue route they are on now. FIrewalls needs great deal of automation on each end, datac...

See all answers

What do you like most about Zscaler Cloud Firewall?

The product’s firewall and VPN package are fantastic compared to any other solution.

See all answers

What is your experience regarding pricing and costs for Zscaler Cloud Firewall?

Zscaler Cloud Firewall is quite expensive compared to competitors. However, it offered moderate value for money.

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 22% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

Check Point NGFW vs Fortinet FortiGate

Compared 3% of the time

More Fortinet FortiGate Competitors

Netgate pfSense vs OPNsense

Compared 38% of the time

IPFire vs OPNsense

Compared 13% of the time

Sophos XG vs OPNsense

Compared 8% of the time

Untangle NG Firewall vs OPNsense

Compared 4% of the time

Sophos XGS vs OPNsense

Compared 4% of the time

More OPNsense Competitors

Azure Firewall vs Zscaler Cloud Firewall

Compared 16% of the time

Check Point NGFW vs Zscaler Cloud Firewall

Compared 9% of the time

Palo Alto Networks NG Firewalls vs Zscaler Cloud Firewall

Compared 8% of the time

Cisco Multicloud Defense vs Zscaler Cloud Firewall

Compared 6% of the time

Cisco Secure Firewall vs Zscaler Cloud Firewall

Compared 5% of the time

More Zscaler Cloud Firewall Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

April 2025

Download Fortinet FortiGate product report

Buyer's Guide

OPNsense

April 2025

Download OPNsense product report

Buyer's Guide

Zscaler Cloud Firewall

April 2025

Download Zscaler Cloud Firewall product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

No data available

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

OPNsense is widely used for firewall functionalities, intrusion detection, VPN and IPSec, content filtering, securing network traffic, and remote access. It protects internal networks and manages servers securely, suitable for small to medium-sized businesses.

OPNsense is a comprehensive firewall solution leveraging open-source technology. It integrates with third-party modules like WireGuard and CrowdSec, enhancing its security capabilities. Offering on-premises and cloud deployment, it features an intuitive graphical interface, advanced reporting, VPN functionality, IDS/IPS features, and high scalability. Users find it ideal for small businesses and home networks due to its stability and ease of use. Frequent updates and an active community support its continuous improvement. However, it needs advancements in VPN selection, scalability, and technical documentation. Enhanced high availability, threat intelligence, and integration with virtualization platforms are required. User feedback suggests improvements in connectivity, alerting, traffic monitoring, and antivirus protection.

What are the key features of OPNsense?

Strong Firewall: Robust firewall capabilities for securing network traffic.
Intrusion Detection and Prevention: Effective IDS/IPS for threat mitigation.
VPN Functionality: Comprehensive VPN support including WireGuard.
Content Filtering: DNS-level filtering for enhanced security.
Advanced Reporting: In-depth traffic analysis and reporting features.
High Scalability: Supports growing network demands.
Integration Capabilities: Works with third-party modules like CrowdSec.
Intuitive GUI: User-friendly graphical interface enhances usability.

What benefits should users look for in OPNsense reviews?

Security: High level of protection for internal networks.
Manageability: Easy management of servers and network traffic.
Cost-Effective: Open-source nature reduces costs.
Reliability: Stable performance suitable for small and medium-sized businesses.
Community Support: Active community and frequent updates.

OPNsense is implemented across various industries to secure network infrastructure and ensure reliable connectivity. In fintech, it safeguards sensitive financial data while maintaining compliance. Educational institutions deploy it to protect student information and enable secure remote learning environments. Healthcare organizations use it to secure patient data and comply with HIPAA regulations. By integrating with tools like WireGuard and CrowdSec, businesses enhance their cybersecurity posture and streamline network management, making OPNsense a versatile choice for diverse operational needs.

OPNsense

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the world’s largest cloud security platform, protecting thousands of enterprises and government agencies from cyberattacks and data loss.

Check more details: https://www.zscaler.com/produc...

Zscaler

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

1. Deciso B.V. 2. iXsystems, Inc. 3. EuroBSDCon 4. Netgate 5. Claranet 6. Voleatech 7. Open Systems AG 8. Securebit AG 9. Proxmox Server Solutions GmbH 10. AVM Computersysteme Vertriebs GmbH Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.

Zenith Live, Azure, Carlsberg Group

Buyer's Guide

OPNsense vs. Zscaler Cloud Firewall

April 2025

Free Report: OPNsense vs. Zscaler Cloud Firewall

Find out what your peers are saying about OPNsense vs. Zscaler Cloud Firewall and other solutions. Updated: April 2025.

DOWNLOAD NOW

849,686 professionals have used our research since 2012.

See our OPNsense vs. Zscaler Cloud Firewall report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.