Netgate pfSense and Sophos XG are prominent players in the firewall solutions market. While Netgate pfSense is favored for its affordability and open-source flexibility, Sophos XG stands out with its comprehensive security features and ease of management, particularly in enterprise environments.
Features: Netgate pfSense offers extensive open-source capabilities, highlighted by its VPN, load balancing, and customizable plugin options. Users appreciate its efficient resource utilization and scalability, supported by community-driven modules like Snort for intrusion detection. Sophos XG is renowned for its enterprise-grade security, featuring advanced intrusion detection, user-friendly management, and synchronization with other Sophos products. Its strengths lie in web and application filtering and intrusion prevention, providing robust protection across networks.
Room for Improvement: Netgate pfSense could benefit from refining its user interface and enhancing centralized management and plugin compatibility. Users seek better third-party tool integration and real-time reporting capabilities. Sophos XG requires improvements in VPN and SD-WAN functionalities, with users citing update process complexities and centralized management challenges. Enhancing reporting and third-party product integration could significantly boost its enterprise utility.
Ease of Deployment and Customer Service: Netgate pfSense appeals to those preferring cost-effective, on-premises deployments, though it relies more on technical expertise and community support. Sophos XG, with its streamlined setup and structured customer support, provides a more integrated security environment, justifying its higher price with ease of management and responsive technical assistance.
Pricing and ROI: Netgate pfSense is celebrated for its low ownership cost and open-source pricing model, appealing to those seeking cost-effective solutions with enterprise-level features. Its community edition is free, with competitively-priced support and hardware. Sophos XG, although pricier, delivers significant ROI through its extensive security features and efficient management, making it suitable for businesses requiring robust, centralized security oversight.
Clients are now comfortable and not wasting productive hours on IT support.
The automation part is giving us a cost benefit and speed; we can react faster.
It's a very useful tool to mitigate and protect your enterprise.
If they can save their data from attackers then it would save them at least two days of not working plus the cost of recovery, which would be much more than the cost of the system and maintenance.
Since the memory leak fixes, it's been incredibly stable and requires minimal maintenance.
In four years of using it, that payment of 189 dollars per year has already paid off.
The graphical interface of Sophos XG simplifies configurations, saving time in support and troubleshooting compared to the Linux-based solution I previously used.
We purchased endpoint security for the first time last year, and even without endpoint security, it provides comprehensive security.
It's good, but I would still say it's higher by about 10-15 percent compared to other market products with similar configurations.
They offer very accurate solutions.
The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with.
I would rate the technical support for Fortinet FortiGate a ten out of ten.
When I provide detailed information about the problem, they've been able to reply quickly with a solution or go research the problem and get back to us quickly with a fix.
They are highly responsive.
I couldn't imagine having better support.
They are professional, respond quickly, and help resolve issues effectively.
I rate the technical support a ten out of ten.
Their team was quick to diagnose and resolve the problem by exchanging the equipment within two weeks.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published.
If I put things into a certain context and say that we have a network that has around 100 people, then you don't put up a device that can manage 100 people. Instead, you need to get a device that can manage 150 to 200 people, and then you can create room for growth.
I don't think Netgate pfSense can offer much scalability for big enterprises.
Even with a jump from a 50 megabit to a 500 megabit internet connection and approximately 65 active VPN clients, our firewall operates smoothly without any strain.
You can scale up to multiple firewalls with centralized management.
You can't upgrade memory or storage on a specific model, which limits scalability.
You cannot buy one model and upgrade it to provide higher capacity.
We're experiencing 99.999% availability consistently.
I would rate the stability of Fortinet FortiGate a ten out of ten.
The solution is very stable.
I rate the solution's stability a ten out of ten.
I've noticed a substantial improvement in stability and ease of use for upgrades and patching over the past year or two.
When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot.
Sophos XG is very stable, even when serving as a DHCP server.
Sophos XG is resource-greedy, affecting performance even on newer computers.
It's on 24/7 and has consistently been reliable over the years.
Investing in a solution that can accommodate such growth would be more cost-effective than repeatedly purchasing new hardware.
The constant daily revisions necessitate meticulous identification of the relevant documents to prevent the use of outdated information that could jeopardize our environment.
While Fortinet claims to offer a comprehensive network solution, it falls short in addressing computer application issues, particularly server security.
There is some trade-off between having a certain level of security and maintaining acceptable performance.
If I need to go between different VLANs, I have VLAN 19.1 and VLAN 19.2, and I strictly use Netgate pfSense, but it doesn't route very efficiently and works quite slowly.
They should support the idea of configuration management as code from source code and provide a more robust API for managing the pfSense configuration.
The solution should have the ability to be up to date with the most recent threats.
This suggests a vulnerability that needs addressing to ensure administrators can update patches without losing access.
Business cannot stop just because of issues with support.
FortiGate is priced lower than Palo Alto.
Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us.
It is about 20% cheaper.
The price of setup is approximately €500 to €800, which also includes the initial monitoring.
You can acquire a decent embedded PC for around a hundred dollars and install pfSense on it, effectively creating a robust firewall solution.
The product is free of cost.
I rate the pricing a ten out of ten.
Currently, it costs about four million shillings in Kenya.
The cost depends on the package you are in, such as full threat management or basic.
In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable.
FortiGate has helped reduce the risk of cyberattacks that might disrupt our client's production.
These features help reduce our downtime, manage the ISPs, and deploy SLAs for all the website traffic.
With pfSense, network configurations adhere to standard practices, facilitating troubleshooting without the need for complex overlays or policies.
The price point is the most valuable aspect of the solution.
I like the tool's flexibility in the sense that you do not have to buy an appliance. You can put it on your own hardware, and it can be very simplistic hardware with simple configurations.
Integration with endpoint security products ensures seamless traffic flow and rule enforcement, even when endpoints are not directly connected to the firewall.
Visibility features are included in XDR. This provides information on user impact, potential threats on specific machines, source and destination IPs, setup firewall details, and unique identifiers for each machine.
If any file is detected as malicious on any endpoint or firewall, Sophos Central immediately identifies the threat and publishes the information across all endpoints and firewalls.
Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.
Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.
What are the key features of Fortinet FortiGate?
What benefits should users expect from Fortinet FortiGate?
Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.
Netgate pfSense is widely leveraged by organizations for its comprehensive capabilities in firewalls, VPN servers, and bandwidth management. It suits LAN, WAN, and DMZ networks, offering secure, scalable, and efficient networking solutions.
Netgate pfSense stands out in diverse environments with its enterprise-grade features and cost-effective operations compared to competitors like Cisco. Deployed as an edge device, it optimizes routing, ad-blocking, content filtering, and traffic shaping. Users benefit from its versatile configurations, robust firewall protection, VPN functionality, and ISP load balancing. The open-source nature allows for extensive customization, integrating plugins like Snort and pfBlockerNG, and compatibility with third-party tools enhances its utility. The intuitive GUI combined with detailed logging and centralized management fortifies network security.
What features define Netgate pfSense?
What benefits should be considered for ROI?
Organizations in industries such as finance, healthcare, and education find Netgate pfSense integral due to its advanced security features and cost benefits. Its scalable architecture and strong VPN support are crucial for industries requiring stringent data protection and reliable remote access. The adaptability of pfSense makes it suitable for dynamic environments seeking comprehensive, secure networking solutions.
Sophos XG is a versatile network security solution that offers network protection, firewall management, VPN access, web filtering, and intrusion prevention, providing comprehensive security for businesses from small offices to large enterprises.
Sophos XG stands out for its Synchronized Security, easy setup, and robust templates. It manages VPN access, protects against threats, and handles load balancing and traffic monitoring. The cloud-based management, centralized dashboard, and detailed logging make it user-friendly and reliable. Integration of features like email protection, SD-WAN, and unified threat management ensures a broad spectrum of security needs are covered. However, it could benefit from improvements in network security, user portals, technical support, and more scalable SD-WAN features.
What are the key features of Sophos XG?Sophos XG is implemented across industries such as healthcare, education, and finance to secure sensitive data and ensure regulatory compliance. It aids in endpoint protection, application control, load balancing, and traffic monitoring essential for these industries. Enhancing network security, simplifying VPN setup, and integrating adaptive security features remain focal points for businesses.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
