We performed a comparison between pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The product is quite robust and durable."
"It is a very user-friendly product."
"The features that are most valuable within the firewall are the IPS as well as the Unified Communications. We also really like the dynamic grouping."
"All the rules are secure and we haven't had a significant malware attack in the five years that we've been using ASA Firewall. It has been a tremendous improvement for our network. However, I can't quantify the benefits in monetary terms."
"The most valuable feature is the Intrusion Prevention System."
"I like pfSense's security features."
"I like pfSense's reports and how I can control access to the policies on the firewall."
"The firewall sensor is highly effective, and it's easy to deploy. You can deploy pfSense with limited hardware resources. It's not necessary to have an appliance with much RAM to make it work. It's cost-effective and performs well."
"It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest."
"The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."
"We've found the stability to be very good overall."
"pfSense helped us during COVID-19 because we used OpenVPN to connect from home."
"It is a better firewall than others and it has better features."
"Monitoring and reporting are areas that need improvement."
"Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."
"With Sophos, we have not had any incidents this year. The security provided has been good. It has proven to be okay for our needs."
"So far, the solution has been problem-free."
"It's a stable solution."
"The most valuable feature of Sophos UTM is the efficiency and mail filtering module."
"Sophos UTM is very user-friendly and has good integration with other solutions."
"Technical support is very responsive."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"The configuration is an area that needs improvement."
"The graphical interface should be improved to make the configuration easier, to do things with a single click."
"The graphical interface could be improved. From what I have seen, Fortinet, for example, has a nicer GUI."
"Cisco Firepower NGFW Firewall can be more secure."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"pfSense has some limitations in detecting site sessions. We want to control internet usage based on sites and their content, and pfSense doesn't perform this function."
"Lacks instructional videos."
"More documentation would be great, especially on new features because sometimes, when new features come out, you don't get to understand them right off the bat. You have to really spend a lot of time understanding them. So, more documentation would be awesome."
"It would be great to add more to security."
"The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus."
"I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side."
"Sophos customer support could use some improvement."
"The integration capabilities could be better."
"We need to speed up the support."
"The ease of use could be a bit better."
"We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not."
"The solution is not scalable."
"The classification segregation of applications lacks sufficient definition."
"The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose."
pfSense is ranked 3rd in Firewalls with 52 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 38 reviews. pfSense is rated 8.4, while Sophos UTM is rated 8.2. The top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". On the other hand, the top reviewer of Sophos UTM writes "Great web and email filtering with reasonable pricing". pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos XG, Untangle NG Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Fortinet FortiGate, Sophos XG, OPNsense, Untangle NG Firewall and WatchGuard Firebox. See our Sophos UTM vs. pfSense report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
https://www.itcentralstation.com/products/comparisons/pfsense_vs_sophos-utm