I'd agree with Karl's comment above. PfSense is a great product but treat it like a firewall and the big bonus is it's free. It's great at what it does.
Sophos UTM on the other hand can be a beast as it's an all in one solution and can get as complex as you would like it. We have failover clustering, load balancing and make use of all of their proxies. Very easy to make initial configuration errors until you know the product and how traffic flows etc.
It can also be fairly expensive with the subscriptions eg AV, sandstorm etc
If you can afford it, go for Sophos but pfSense can also play it's part too.
Specialist in IT Infrastructure, Networks and Software Quality at a tech services company with 51-200 employees
Real User
2019-05-17T01:37:34Z
May 17, 2019
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
Sophos Certified UTM Architect, Sophos Certified XG Engineer at MediaSoft, Inc.
User
2019-05-16T19:41:39Z
May 16, 2019
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
Information Security Manager at a tech services company with 201-500 employees
Real User
2019-05-16T14:58:16Z
May 16, 2019
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
https://www.itcentralstation.com/products/comparisons/pfsense_vs_sophos-utm
Hello peers,
I am researching firewalls and found the following two options: Fortinet FortiGate and pfSense.
What are the differences between these two firewalls? Which firewall do you prefer and why?
Thank you for your help.
Especially with support and updates of the signatures, FortiGate has a more solid base. Being an IPO company, with respect to Pfsense, start as a community project and you can purchase support and even dedicated appliances if you have a budget for FortiGate, or if you are starting Pfsense.
Greetings
Both are very good products, but some features that Sophos mentioned as new, FortiGate has been handling. If you are going to grow with several appliances I recommend Sophos, since the administration can be done from the cloud. With Fortinet, you have to pay a licensing fee. In terms of costs and all the options, they are very similar. Another detail to review is the support, at the beginning with Fortigate, I had enough details, but it is really improving significantly with respect to Sophos.
My comment is based on experience and I do not lean toward any of the brands. To reiterate, they are good types of equipment.
Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and client, Open VPN and client, and PPTP client. Both also have intrusion detection and prevention in transparent mode. I like that both firewalls offer DNS filtering with any DNS filtering company and also have a network configuration feature with customized configuration that is enabled by a setup wizard.
Two stark differences between PfSense and OPNsense are that PfSense does not allow for quick updates and patches, but OPNsense does. On the flipside, PfSense has two factor authentication that works with a remote radius server, which OPNsense can’t do.
Another feature of each to consider based on your company needs is the dashboard; PfSense has drop-down menus, while OPNsense has its menus placed on the left side. It comes down to your personal preference, but I find that having menus on the left side of a dashboard makes it easier to use because it is organized and navigation is clear. Some people may think OPNsense is harder to navigate because of the messy dashboard layout.
What I like about both options is that they are free to download and use. They also both have frequent updates, with constant updated documentation. OPNsense seems to be more intuitive to use and has a great reporting feature. PfSense, though, seems to have more product tutorials available and also more answers to FAQs that can be easily found online.
Conclusion
Both products have a similar set of features. In my opinion, though, I think PfSense is superior to OPNsense, not only because it has an array of features but also because it has an automatic backup feature that I find very valuable.
I'd agree with Karl's comment above. PfSense is a great product but treat it like a firewall and the big bonus is it's free. It's great at what it does.
Sophos UTM on the other hand can be a beast as it's an all in one solution and can get as complex as you would like it. We have failover clustering, load balancing and make use of all of their proxies. Very easy to make initial configuration errors until you know the product and how traffic flows etc.
It can also be fairly expensive with the subscriptions eg AV, sandstorm etc
If you can afford it, go for Sophos but pfSense can also play it's part too.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
https://www.itcentralstation.com/products/comparisons/pfsense_vs_sophos-utm