Netgate pfSense and Sophos Firewall are leading contenders in the firewall and network security category. Netgate pfSense holds an advantage with its open-source flexibility, allowing for extensive customization, while Sophos Firewall offers integrated security features appealing for streamlined management.
Features: Netgate pfSense offers WAN load balancing, multiple VPN options such as OpenVPN, and advanced traffic management with modules like Squid and Snort. Its performance is hardware-independent, enhancing cost-effectiveness for diverse deployments. Sophos Firewall provides robust threat prevention, synchronized security, and an integrated security ecosystem that includes application control and web filtering. It also offers easy integration with cloud services and user-friendly configuration.
Room for Improvement: Netgate pfSense users highlight areas such as an outdated central management console, occasionally complex VPN configurations, and integration challenges with antivirus tools. Improvements in reporting and monitoring features are also desired. Sophos Firewall faces challenges related to VPN troubleshooting, occasional bugs, and firmware upgrade issues. Enhancements in high availability configurations and user interface improvements could benefit its users.
Ease of Deployment and Customer Service: Deployment flexibility is a strong point for Netgate pfSense, with options for on-premises and hybrid cloud implementations. However, users primarily rely on community support, which may be challenging for larger deployments. In contrast, Sophos Firewall provides straightforward deployment with a centralized management system, though some users experience slow support responses.
Pricing and ROI: Netgate pfSense is known for its affordability due to its open-source nature and offers a low total cost of ownership without licensing fees. Paid support is available but remains cost-effective. Sophos Firewall adopts a mid-range pricing strategy, offering substantial value with bundled security features and simplified administration, although its initial and renewal costs are higher compared to pfSense.
Clients are now comfortable and not wasting productive hours on IT support.
The automation part is giving us a cost benefit and speed; we can react faster.
It's a very useful tool to mitigate and protect your enterprise.
Since the memory leak fixes, it's been incredibly stable and requires minimal maintenance.
In four years of using it, that payment of 189 dollars per year has already paid off.
It's very favorable to have the inclusion of firewall, VPN, and router functionalities.
The costs have increased with Sophos XGS in the last few years, with license prices going up by 30%, doubling from $2,500 to about $5,000, which is a big challenge for us.
The graphical interface of Sophos XG simplifies configurations, saving time in support and troubleshooting compared to the Linux-based solution I previously used.
We purchased endpoint security for the first time last year, and even without endpoint security, it provides comprehensive security.
The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with.
I would rate the technical support for Fortinet FortiGate a ten out of ten.
As a solution provider, when I encounter problems, I connect directly with Fortinet support, and they provide solutions within a very short time.
When I provide detailed information about the problem, they've been able to reply quickly with a solution or go research the problem and get back to us quickly with a fix.
They are highly responsive.
I couldn't imagine having better support.
Their team was quick to diagnose and resolve the problem by exchanging the equipment within two weeks.
Any issues are quickly addressed by their support team, which is not common among all OEM manufacturers.
When my customers raise a ticket, a customer representative calls them immediately to address their queries.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published.
If I put things into a certain context and say that we have a network that has around 100 people, then you don't put up a device that can manage 100 people. Instead, you need to get a device that can manage 150 to 200 people, and then you can create room for growth.
I don't think Netgate pfSense can offer much scalability for big enterprises.
Even with a jump from a 50 megabit to a 500 megabit internet connection and approximately 65 active VPN clients, our firewall operates smoothly without any strain.
You can scale up to multiple firewalls with centralized management.
You can't upgrade memory or storage on a specific model, which limits scalability.
I'd recommend it for companies of all sizes.
We're experiencing 99.999% availability consistently.
I would rate the stability of Fortinet FortiGate a ten out of ten.
Currently, we are experiencing a general outage of one of the main internet service providers of the Dominican Republic, and we have not been impacted in our operations because with SD-WAN, we have another internet service provider and we are working with the second WAN connection without any disruption.
I rate the solution's stability a ten out of ten.
I've noticed a substantial improvement in stability and ease of use for upgrades and patching over the past year or two.
When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot.
It is rated at nine out of ten for stability and is very reliable.
Sophos XG is very stable, even when serving as a DHCP server.
Sophos XGS is stable now, and I would rate its stability as a ten out of ten.
These sessions should be around five to ten minutes long, allowing users and partners to quickly grasp the information without disrupting their daily tasks.
The solution should be able to implement machine learning and analytics of all the logs for threat detection and protection.
It would be better for customers to get immediate replacements even with a standard subscription.
If I need to go between different VLANs, I have VLAN 19.1 and VLAN 19.2, and I strictly use Netgate pfSense, but it doesn't route very efficiently and works quite slowly.
They should support the idea of configuration management as code from source code and provide a more robust API for managing the pfSense configuration.
Monitoring is crucial. The easier the monitoring and user interface, the simpler our team can work on and investigate issues.
This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access.
Business cannot stop just because of issues with support.
Tekton also has an unstable API with frequent changes, making it challenging to maintain consistency across versions.
Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us.
It offers cost savings as it is generally cheaper than the competition.
It is about 20% cheaper.
Opting for twenty-four-seven support significantly increases the price, reaching around ten thousand to thirteen hundred dollars.
It is far cheaper than big brand names like FortiGate and Cisco while delivering a feature set that's nearly the same across the entire list.
Advanced features like Suricato or Snort require additional subscriptions for business use, but overall, pfSense remains a cost-effective solution.
Currently, it costs about four million shillings in Kenya.
The cost depends on the package you are in, such as full threat management or basic.
The last instance I purchased was for three years, around $3,700 for SDG 125.
We got a firewall and gave an SSL VPN to my client to connect to their servers, after which, such kind of activities involving ransomware attacks stopped.
They put in a thing called the FortiCookbook, which is very easy to read with real-life scenarios that make networking tasks like joining networks very straightforward.
The firewall and VPN features are the most valuable in protecting our customers' networks.
We had downtime before pfSense. We've never gone down using the solution.
It is very stable, and it works very well.
With pfSense, network configurations adhere to standard practices, facilitating troubleshooting without the need for complex overlays or policies.
The firewall feature of Sophos XG has been the most effective for threat prevention.
Integration with endpoint security products ensures seamless traffic flow and rule enforcement, even when endpoints are not directly connected to the firewall.
Visibility features are included in XDR. This provides information on user impact, potential threats on specific machines, source and destination IPs, setup firewall details, and unique identifiers for each machine.
| Product | Mindshare (%) |
|---|---|
| Fortinet FortiGate | 18.3% |
| Netgate pfSense | 9.1% |
| Sophos Firewall | 9.4% |
| Other | 63.2% |
| Company Size | Count |
|---|---|
| Small Business | 360 |
| Midsize Enterprise | 135 |
| Large Enterprise | 190 |
| Company Size | Count |
|---|---|
| Small Business | 168 |
| Midsize Enterprise | 33 |
| Large Enterprise | 29 |
| Company Size | Count |
|---|---|
| Small Business | 205 |
| Midsize Enterprise | 61 |
| Large Enterprise | 53 |
Fortinet FortiGate is a versatile network security tool offering features like VPN, firewall, web filtering, intrusion prevention, and scalability. It is known for its performance and integration with other Fortinet products, making it a preferred choice for robust cybersecurity.
Fortinet FortiGate stands out as a comprehensive cybersecurity solution with strong performance and ease of configuration. It delivers unified threat management, integrating features such as dynamic routing, SD-WAN support, and centralized management. Despite its strengths, improvements in the web interface's stability, pricing structures, and reporting capabilities are needed. Users seek better integration with third-party tools and automation advancements to enhance the experience further. These enhancements, alongside improvements in bandwidth management and the reduction of licensing costs, are points of interest for users looking to capitalize on FortiGate's extensive capabilities.
What are Fortinet FortiGate's key features?Fortinet FortiGate is widely implemented across industries as a primary firewall system for securing internet gateways and safeguarding data centers. It supports businesses in achieving SD-WAN integration and enhances cybersecurity by providing essential features like antivirus, web filtering, and application control. Enterprises utilize FortiGate for securing remote connections and ensuring compliance with security standards, making it adaptable for different network sizes and industries.
Netgate pfSense is an open-source firewall and router software known for scalability, cost-effectiveness, and community support. It includes customizable packages for varied network management needs, offering solid performance and straightforward management for diverse setups.
Netgate pfSense provides an impressive range of functionalities including firewall capabilities, VPN options, and extensive customization through packages. Its low resource usage and high availability make it viable for businesses of all sizes, especially when dealing with tailored network demands. Despite its strengths, users suggest improvements in ease of use, mobile compatibility, and support for plug-ins. Enhanced centralized management, better documentation, and additional security features are frequent requests.
What are the key features of Netgate pfSense?In education and healthcare, Netgate pfSense is employed for secure connectivity and efficient traffic management, accommodating distinct demands of remote access and content filtering. Organizations in these sectors often utilize features such as load balancing and VPNs to maintain secure and reliable network operations while integrating with services like Active Directory for streamlined identity management. Small to medium-sized enterprises benefit from its affordability and robust functionality, making it a go-to choice for managed service environments requiring effective network security and control.
Sophos Firewall provides comprehensive network security with web filtering, VPN capabilities, and cloud integration. Users highlight its effective threat prevention and flexibility for customizable policies, enhancing network visibility and management.
Renowned for its robust security, Sophos Firewall simplifies network protection through advanced features like intrusion prevention and endpoint protection integration. Its user-friendly interface allows seamless remote management and tailored rule creation, making it ideal for varied environments like healthcare and education. While the system excels in threat detection, areas such as interface navigation, support response times, and VPN integration face challenges. Enhanced reporting and bandwidth management are essential for improved performance.
What are the standout features of Sophos Firewall?Industries such as healthcare, education, and finance implement Sophos Firewall for secure VPNs, improved threat management, and effective traffic monitoring. Its load balancing and email security features support compliance and governance, ensuring robust protection tailored to sector-specific requirements.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
