

Netgate pfSense and Sophos Firewall are leading contenders in the firewall and network security category. Netgate pfSense holds an advantage with its open-source flexibility, allowing for extensive customization, while Sophos Firewall offers integrated security features appealing for streamlined management.
Features: Netgate pfSense offers WAN load balancing, multiple VPN options such as OpenVPN, and advanced traffic management with modules like Squid and Snort. Its performance is hardware-independent, enhancing cost-effectiveness for diverse deployments. Sophos Firewall provides robust threat prevention, synchronized security, and an integrated security ecosystem that includes application control and web filtering. It also offers easy integration with cloud services and user-friendly configuration.
Room for Improvement: Netgate pfSense users highlight areas such as an outdated central management console, occasionally complex VPN configurations, and integration challenges with antivirus tools. Improvements in reporting and monitoring features are also desired. Sophos Firewall faces challenges related to VPN troubleshooting, occasional bugs, and firmware upgrade issues. Enhancements in high availability configurations and user interface improvements could benefit its users.
Ease of Deployment and Customer Service: Deployment flexibility is a strong point for Netgate pfSense, with options for on-premises and hybrid cloud implementations. However, users primarily rely on community support, which may be challenging for larger deployments. In contrast, Sophos Firewall provides straightforward deployment with a centralized management system, though some users experience slow support responses.
Pricing and ROI: Netgate pfSense is known for its affordability due to its open-source nature and offers a low total cost of ownership without licensing fees. Paid support is available but remains cost-effective. Sophos Firewall adopts a mid-range pricing strategy, offering substantial value with bundled security features and simplified administration, although its initial and renewal costs are higher compared to pfSense.
In four years of using it, that payment of 189 dollars per year has already paid off.
It's very favorable to have the inclusion of firewall, VPN, and router functionalities.
The total cost of ownership is extremely low when you compare it to a lot of the other devices or other gateway appliances that are available on the market.
The costs have increased with Sophos XGS in the last few years, with license prices going up by 30%, doubling from $2,500 to about $5,000, which is a big challenge for us.
The graphical interface of Sophos XG simplifies configurations, saving time in support and troubleshooting compared to the Linux-based solution I previously used.
We purchased endpoint security for the first time last year, and even without endpoint security, it provides comprehensive security.
I couldn't imagine having better support.
The biggest fear I have, and probably the only reason I still have the old one lying around is that if something were to happen to this hardware and I had to send it back for support, I need to be able to keep my network running in the meantime.
The support is knowledgeable and responds quickly, so the questions are addressed professionally and accurately.
Their team was quick to diagnose and resolve the problem by exchanging the equipment within two weeks.
Any issues are quickly addressed by their support team, which is not common among all OEM manufacturers.
When my customers raise a ticket, a customer representative calls them immediately to address their queries.
If I put things into a certain context and say that we have a network that has around 100 people, then you don't put up a device that can manage 100 people. Instead, you need to get a device that can manage 150 to 200 people, and then you can create room for growth.
I don't think Netgate pfSense can offer much scalability for big enterprises.
Even with a jump from a 50 megabit to a 500 megabit internet connection and approximately 65 active VPN clients, our firewall operates smoothly without any strain.
You can scale up to multiple firewalls with centralized management.
You can't upgrade memory or storage on a specific model, which limits scalability.
Since it uses the underlying Kubernetes infrastructure, it can scale easily if the Kubernetes cluster is sufficiently large.
I rate the solution's stability a ten out of ten.
I've noticed a substantial improvement in stability and ease of use for upgrades and patching over the past year or two.
When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot.
It is rated at nine out of ten for stability and is very reliable.
Sophos XG is very stable, even when serving as a DHCP server.
Sophos XGS is stable now, and I would rate its stability as a ten out of ten.
If I need to go between different VLANs, I have VLAN 19.1 and VLAN 19.2, and I strictly use Netgate pfSense, but it doesn't route very efficiently and works quite slowly.
They should support the idea of configuration management as code from source code and provide a more robust API for managing the pfSense configuration.
Monitoring is crucial. The easier the monitoring and user interface, the simpler our team can work on and investigate issues.
Tekton also has an unstable API with frequent changes, making it challenging to maintain consistency across versions.
It would be beneficial if Sophos XGS offered an end-to-end solution with competitive pricing.
The DDNS features are essential for any organization, as it is better not to have a static IP address from an ISP.
It also offers a free community version that can't be beaten.
Since I'm using my own hardware instead of a Netgate appliance, this is the most bang for your buck you can deploy.
There are cheaper firewall options, but they aren't as reliable and easy to manage.
Currently, it costs about four million shillings in Kenya.
The cost depends on the package you are in, such as full threat management or basic.
The last instance I purchased was for three years, around $3,700 for SDG 125.
I like the tool's flexibility in the sense that you do not have to buy an appliance. You can put it on your own hardware, and it can be very simplistic hardware with simple configurations.
The most valuable feature is the routing capability.
It is not licensed and is not run by some corporation that watches you.
The firewall feature of Sophos XG has been the most effective for threat prevention.
It's able to detect cloud applications like Zoom or Microsoft Teams and allows traffic shaping based on the application.
By prioritizing bandwidth for our ERP hosted in Amazon Cloud and de-prioritizing non-essential sites, it has greatly improved our network management.
| Product | Mindshare (%) |
|---|---|
| Netgate pfSense | 7.7% |
| Sophos Firewall | 6.9% |
| Other | 85.4% |

| Company Size | Count |
|---|---|
| Small Business | 171 |
| Midsize Enterprise | 33 |
| Large Enterprise | 29 |
| Company Size | Count |
|---|---|
| Small Business | 209 |
| Midsize Enterprise | 61 |
| Large Enterprise | 53 |
Netgate pfSense is an open-source firewall and router software known for scalability, cost-effectiveness, and community support. It includes customizable packages for varied network management needs, offering solid performance and straightforward management for diverse setups.
Netgate pfSense provides an impressive range of functionalities including firewall capabilities, VPN options, and extensive customization through packages. Its low resource usage and high availability make it viable for businesses of all sizes, especially when dealing with tailored network demands. Despite its strengths, users suggest improvements in ease of use, mobile compatibility, and support for plug-ins. Enhanced centralized management, better documentation, and additional security features are frequent requests.
What are the key features of Netgate pfSense?In education and healthcare, Netgate pfSense is employed for secure connectivity and efficient traffic management, accommodating distinct demands of remote access and content filtering. Organizations in these sectors often utilize features such as load balancing and VPNs to maintain secure and reliable network operations while integrating with services like Active Directory for streamlined identity management. Small to medium-sized enterprises benefit from its affordability and robust functionality, making it a go-to choice for managed service environments requiring effective network security and control.
Sophos Firewall provides comprehensive network security with web filtering, VPN capabilities, and cloud integration. Users highlight its effective threat prevention and flexibility for customizable policies, enhancing network visibility and management.
Renowned for its robust security, Sophos Firewall simplifies network protection through advanced features like intrusion prevention and endpoint protection integration. Its user-friendly interface allows seamless remote management and tailored rule creation, making it ideal for varied environments like healthcare and education. While the system excels in threat detection, areas such as interface navigation, support response times, and VPN integration face challenges. Enhanced reporting and bandwidth management are essential for improved performance.
What are the standout features of Sophos Firewall?Industries such as healthcare, education, and finance implement Sophos Firewall for secure VPNs, improved threat management, and effective traffic monitoring. Its load balancing and email security features support compliance and governance, ensuring robust protection tailored to sector-specific requirements.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.