Netgate pfSense and Sophos XG are competitors in the network security category. Netgate pfSense appears to have an advantage in terms of cost-effectiveness and open-source flexibility, whereas Sophos XG excels in providing advanced security features.
Features: Netgate pfSense offers customization options, low resource usage, and an open-source model. Its VPN features are comprehensive, and it is supported robustly by a community. Sophos XG stands out for its advanced threat protection, integrated firewall functionalities, and detailed security report capabilities.
Room for Improvement: Netgate pfSense could improve its interface for beginners, central management, and integration with other systems. Enhancing security functionalities could also be beneficial. Sophos XG should enhance third-party product integration, offer greater pricing transparency, and improve its SD-WAN features.
Ease of Deployment and Customer Service: Netgate pfSense is easy to deploy due to its open-source nature and community support, but formal paid support from Netgate is rated lower. Sophos XG includes customer support with license, which is praised for making deployment straightforward for users needing professional assistance.
Pricing and ROI: Netgate pfSense is highly cost-effective offering enterprise-level features at no licensing cost, with primary costs from hardware and optional support contracts, ensuring low total cost and high ROI. Sophos XG is slightly more expensive with comprehensive protection features and bundled licensing but provides strong security justifying its cost.
Clients are now comfortable and not wasting productive hours on IT support.
The automation part is giving us a cost benefit and speed; we can react faster.
It's a very useful tool to mitigate and protect your enterprise.
If they can save their data from attackers then it would save them at least two days of not working plus the cost of recovery, which would be much more than the cost of the system and maintenance.
Since the memory leak fixes, it's been incredibly stable and requires minimal maintenance.
In four years of using it, that payment of 189 dollars per year has already paid off.
The graphical interface of Sophos XG simplifies configurations, saving time in support and troubleshooting compared to the Linux-based solution I previously used.
We purchased endpoint security for the first time last year, and even without endpoint security, it provides comprehensive security.
It's good, but I would still say it's higher by about 10-15 percent compared to other market products with similar configurations.
The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with.
I would rate the technical support for Fortinet FortiGate a ten out of ten.
As a solution provider, when I encounter problems, I connect directly with Fortinet support, and they provide solutions within a very short time.
When I provide detailed information about the problem, they've been able to reply quickly with a solution or go research the problem and get back to us quickly with a fix.
They are highly responsive.
I couldn't imagine having better support.
I rate the technical support a ten out of ten.
Their team was quick to diagnose and resolve the problem by exchanging the equipment within two weeks.
When my customers raise a ticket, a customer representative calls them immediately to address their queries.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published.
If I put things into a certain context and say that we have a network that has around 100 people, then you don't put up a device that can manage 100 people. Instead, you need to get a device that can manage 150 to 200 people, and then you can create room for growth.
I don't think Netgate pfSense can offer much scalability for big enterprises.
Even with a jump from a 50 megabit to a 500 megabit internet connection and approximately 65 active VPN clients, our firewall operates smoothly without any strain.
You can scale up to multiple firewalls with centralized management.
You can't upgrade memory or storage on a specific model, which limits scalability.
I rate the scalability a nine out of ten.
We're experiencing 99.999% availability consistently.
I would rate the stability of Fortinet FortiGate a ten out of ten.
Currently, we are experiencing a general outage of one of the main internet service providers of the Dominican Republic, and we have not been impacted in our operations because with SD-WAN, we have another internet service provider and we are working with the second WAN connection without any disruption.
I rate the solution's stability a ten out of ten.
I've noticed a substantial improvement in stability and ease of use for upgrades and patching over the past year or two.
When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot.
Sophos XG is very stable, even when serving as a DHCP server.
Sophos XG is resource-greedy, affecting performance even on newer computers.
It's on 24/7 and has consistently been reliable over the years.
When considering Sophos XG, which we also use, the logging and reporting functionality is notably more efficient.
These sessions should be around five to ten minutes long, allowing users and partners to quickly grasp the information without disrupting their daily tasks.
The solution should be able to implement machine learning and analytics of all the logs for threat detection and protection.
There is some trade-off between having a certain level of security and maintaining acceptable performance.
If I need to go between different VLANs, I have VLAN 19.1 and VLAN 19.2, and I strictly use Netgate pfSense, but it doesn't route very efficiently and works quite slowly.
They should support the idea of configuration management as code from source code and provide a more robust API for managing the pfSense configuration.
The solution should have the ability to be up to date with the most recent threats.
This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access.
Business cannot stop just because of issues with support.
Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us.
It offers cost savings as it is generally cheaper than the competition.
It is about 20% cheaper.
The price of setup is approximately €500 to €800, which also includes the initial monitoring.
The product is free of cost.
Opting for twenty-four-seven support significantly increases the price, reaching around ten thousand to thirteen hundred dollars.
I rate the pricing a ten out of ten.
Currently, it costs about four million shillings in Kenya.
The cost depends on the package you are in, such as full threat management or basic.
These features help reduce our downtime, manage the ISPs, and deploy SLAs for all the website traffic.
The most valuable feature of FortiGate is FortiView which provides proactive monitoring.
We got a firewall and gave an SSL VPN to my client to connect to their servers, after which, such kind of activities involving ransomware attacks stopped.
With pfSense, network configurations adhere to standard practices, facilitating troubleshooting without the need for complex overlays or policies.
The price point is the most valuable aspect of the solution.
I like the tool's flexibility in the sense that you do not have to buy an appliance. You can put it on your own hardware, and it can be very simplistic hardware with simple configurations.
The firewall feature of Sophos XG has been the most effective for threat prevention.
Integration with endpoint security products ensures seamless traffic flow and rule enforcement, even when endpoints are not directly connected to the firewall.
Visibility features are included in XDR. This provides information on user impact, potential threats on specific machines, source and destination IPs, setup firewall details, and unique identifiers for each machine.
| Product | Market Share (%) |
|---|---|
| Fortinet FortiGate | 18.7% |
| Netgate pfSense | 9.8% |
| Sophos XG | 8.4% |
| Other | 63.1% |
| Company Size | Count |
|---|---|
| Small Business | 357 |
| Midsize Enterprise | 133 |
| Large Enterprise | 188 |
| Company Size | Count |
|---|---|
| Small Business | 168 |
| Midsize Enterprise | 33 |
| Large Enterprise | 29 |
| Company Size | Count |
|---|---|
| Small Business | 141 |
| Midsize Enterprise | 52 |
| Large Enterprise | 35 |
Fortinet FortiGate is a versatile network security tool offering features like VPN, firewall, web filtering, intrusion prevention, and scalability. It is known for its performance and integration with other Fortinet products, making it a preferred choice for robust cybersecurity.
Fortinet FortiGate stands out as a comprehensive cybersecurity solution with strong performance and ease of configuration. It delivers unified threat management, integrating features such as dynamic routing, SD-WAN support, and centralized management. Despite its strengths, improvements in the web interface's stability, pricing structures, and reporting capabilities are needed. Users seek better integration with third-party tools and automation advancements to enhance the experience further. These enhancements, alongside improvements in bandwidth management and the reduction of licensing costs, are points of interest for users looking to capitalize on FortiGate's extensive capabilities.
What are Fortinet FortiGate's key features?Fortinet FortiGate is widely implemented across industries as a primary firewall system for securing internet gateways and safeguarding data centers. It supports businesses in achieving SD-WAN integration and enhances cybersecurity by providing essential features like antivirus, web filtering, and application control. Enterprises utilize FortiGate for securing remote connections and ensuring compliance with security standards, making it adaptable for different network sizes and industries.
Netgate pfSense is an open-source firewall and router software known for scalability, cost-effectiveness, and community support. It includes customizable packages for varied network management needs, offering solid performance and straightforward management for diverse setups.
Netgate pfSense provides an impressive range of functionalities including firewall capabilities, VPN options, and extensive customization through packages. Its low resource usage and high availability make it viable for businesses of all sizes, especially when dealing with tailored network demands. Despite its strengths, users suggest improvements in ease of use, mobile compatibility, and support for plug-ins. Enhanced centralized management, better documentation, and additional security features are frequent requests.
What are the key features of Netgate pfSense?In education and healthcare, Netgate pfSense is employed for secure connectivity and efficient traffic management, accommodating distinct demands of remote access and content filtering. Organizations in these sectors often utilize features such as load balancing and VPNs to maintain secure and reliable network operations while integrating with services like Active Directory for streamlined identity management. Small to medium-sized enterprises benefit from its affordability and robust functionality, making it a go-to choice for managed service environments requiring effective network security and control.
Sophos XG provides robust security capabilities, offering features like web filtering, VPN, and user-friendly management. Its intuitive setup and policy adjustments enhance security while synchronized endpoint protection ensures comprehensive defense.
Sophos XG is a network security solution with web and application filtering, VPN features, and a management interface that simplifies configuration. It offers email protection, threat prevention, and reporting capabilities, all contributing to a comprehensive defense strategy. Synchronized security with endpoints enhances protection, and advanced threat protection with efficient bandwidth management supports secure remote work environments. However, users suggest improvements in log interfaces for real-time actions and better email protection. Enhancements in link load balancing, RAM, VPN stability, and central management are needed. HTTPS filtering, certificate management, technical support, and scalability of the SD-WAN feature can see advances.
What are the key features of Sophos XG?In industries such as healthcare, education, and financial services, Sophos XG acts as a mainline defense for network security, VPN connectivity, and web filtering. It supports secure remote access, intrusion prevention, antivirus scanning, and secure web gateways integrated with endpoint systems, tailoring its extensive security capabilities to meet specific industry requirements.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
