pfSense vs Sophos XG
We performed a comparison between pfSense vs Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"There are no issues that we are aware of. It does its job silently in the background."
"Firepower has reduced our firewall operational costs by about 25 percent."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful."
"It is very easy to use. The interface is quite understandable. There is a good community, and I can take over at any time I want. If there is anything wrong with it, I could just reinstall the whole thing and start all over again, and I'll be up again in less than a few minutes"
"A valuable feature is that the solution is open source."
"The solution is very easy to use and configure."
"I have found the firewall portion for the blocking most valuable."
"The solution is very easy to use and has a very nice GUI."
"Content protection, content inspection, and the application level firewall."
"The initial setup was simple and fast."
"I like the connectivity to the open VPN. It's very smooth."
"The VPN is easy and has good logging, monitoring and notifications."
"If you want to install antivirus and firewalling on endpoints, then Sophos is the best option."
"The feature that we find most valuable is the VPN, which ensures that people working remotely have a secure connection."
"The simplicity and timely updates."
"Sophos Control Center is a good feature. We can monitor everything from the control panel."
"The performance of Sophos XG is generally good and it is stable."
"The stability of Sophos XG is very good. However, there have been some issues with other weaker models because they are limited in hardware in resources."
"The VPN access for users is also a great thing, especially nowadays when working from home."
"Report generation is an area that should be improved."
"We only have an issue with time sync with Cisco ASA and NTP. If the time is out of sync, it will be a disaster for the failover."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"Most of the features don't work well, and some features are missing as well."
"Deploying configurations takes longer than it should."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"It needs to be more secure."
"The main problem with pfSense is that it lacks adequate ransomware protection."
"I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
"Many people have problems setting up the web cache for the web system."
"The integration should be improved."
"I would want the level of integration to have another device on your network that is also reliable."
"Sophos XG's user interface has some room for improvement."
"There have been some issues when upgrading. For some reason, parts of the configuration become unconfigured, I then have to reconfigure it. I should not need to keep reconfiguring it after upgrades."
"The only area that requires improvement is scalability."
"The VPN device could be improved upon."
"In the Firewall, the Intrusion Prevention System can be improved."
"The initial setup, specifically when activating the license, is a nightmare and is quite difficult."
"We feel that the GUI can be improved a bit because it has a lot of information and looks a bit outdated."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
pfSense is ranked 2nd in Firewalls with 58 reviews while Sophos XG is ranked 6th in Firewalls with 141 reviews. pfSense is rated 8.6, while Sophos XG is rated 8.0. The top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". pfSense is most compared with OPNsense, Fortinet FortiGate, Untangle NG Firewall, Sophos UTM and Zyxel Unified Security Gateway, whereas Sophos XG is most compared with Fortinet FortiGate, OPNsense, Palo Alto Networks NG Firewalls, Meraki MX and SonicWall NSa. See our Sophos XG vs. pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.