We performed a comparison between pfSense and WatchGuard Firebox based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Both products received high marks from reviewers, but WatchGuard ultimately won out in this comparison. According to reviews, WatchGuard appears to be a more secure solution.
"The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"Fortinet FortiGate is easy to use."
"Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"The IPS is good. It protect my network from attackers."
"The solution is very easy to understand. It's not overly complex."
"The solution is easy to configure and maintain remotely."
"It's quite comfortable to handle the FortiGate firewall."
"It has improved our organization with control data."
"The solution is very easy to use and has a very nice GUI."
"I can manage it easily by myself."
"The gain in performance and security from configuring the VPN connections was significant."
"Easy to deploy and easy to use."
"The documentation is very good."
"The GUI is easy to understand."
"We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform."
"My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall."
"The policy monitoring and allowing different traffic flows are the most useful features for us; regulating which traffic comes in and out."
"The solution simplifies my business. Normally, for administration, we are using NetApp System Manager on Window since it's easy to create new policies. In a short amount of time, you can create new policies based on new requirements. For example, in the last few months, many requirements changed due to the coronavirus, adding the use of new services, like Office 365, and eLearning tools, like Zoom."
"It's pretty simple to understand when you want to do any diagnostics on your network. If you want to go in and see what packages are having trouble getting through, what's being held, stalled, etc., it's very easy to use in that way."
"WatchGuard Firebox is the most powerful firewall for Wi-Fi security."
"The GUI is easy and intuitive."
"It's pretty simple to use. It's pretty simple to understand, and there's plenty of documentation. It does a pretty good job of what it is meant to do."
"WatchGuard has a very easy VPN and branch office VPN setup, so we use those pretty extensively."
"The most valuables feature of WatchGuard Firebox are the VPNs, and web filtering where we can stop users from going to malicious sites."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"The security of Fortinet FortiGate could improve."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"Fortinet FortiGate can improve the integration with Active Directory. Additionally, I would like to have a Cloud Controller, such as they do in the Cisco Meraki solution."
"The monitor and the visibility, in this proxy, is very weak."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"The integration with third-party tools may be something that they should work on."
"Web interface could be enhanced and more user friendly."
"pfSense is not user-friendly. I hope to have something to make the interfaces more user-friendly."
"Many people have problems setting up the web cache for the web system."
"Netgate pfSense needs to improve the configuration for a VPN."
"Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting."
"User interface is a little clumsy."
"When I checked other packages, it seems they use different tools that are installed on the PSS for functionality. They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"Cloud-based central administration of all devices from one point would be nice"
"I don't think I can get a full-blown DNS client from it. I've been trying to have DNS services. It has forwarding, but I don't get the services of a full DNS client. My main difficulty with it is that I can't run a complete service. I need NTP. I need DNS. I need DHCP for my domain, but I only get forwarding. As far as I can tell, I don't get caching and the kinds of reporting and registration needed to host a DNS for a domain. I have to have a separate solution for that."
"We were able to take from an older configuration, build a new one quickly, and get it up and running, which didn't take long, but there was some pain around it."
"The data loss protection works well, but it could be easier to configure. The complexity of data loss protection makes it a more difficult feature to fully leverage. Better integration with third-party, two-factor authentication would be advantageous."
"Make WatchGuard Firebox capable of integrating with third-party vendors like FireMon, Splunk, Tenable, etc."
"Websense is an application that monitors and filters internet traffic. Websense was derived from WatchGuard. But when you go to WatchGuard to actually implement that particular feature, you have to use some type of additional feature and you have to pay for it, unfortunately. I think it should be free or free in the WatchGuard box itself, as an option. It would be nice if they didn't charge us for that."
"There are a couple of things I wished that it would do, but I can't think of those off the top of my head."
"One other shortcoming is that there is no backup for it. We really haven't figured out how we might solve that problem. We may want to put a duplicate in... With WatchGuard, we just have the one box. If that were to fail, we'd probably be really hurting."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while WatchGuard Firebox is ranked 13th in Firewalls with 78 reviews. Netgate pfSense is rated 8.6, while WatchGuard Firebox is rated 8.6. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of WatchGuard Firebox writes "Offers a streamlined deployment, intuitive interface and robust security features". Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Untangle NG Firewall, whereas WatchGuard Firebox is most compared with Sophos XG, OPNsense, SonicWall TZ, Meraki MX and Cisco Secure Firewall. See our Netgate pfSense vs. WatchGuard Firebox report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.