We performed a comparison between Check Point NGFW and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between these two products is that Check Point users feel that the tool’s VPN is hard to integrate. In addition, Check Point does not have an open-source version like pfSense does.
"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"The VPN is the most valuable feature."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"The security fabric is excellent."
"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"The most valuable feature is the interface, which is very user friendly. We are utilizing most of the features, like content filtering. The firewall is powerful."
"The CLI and GUI do a good job of putting a lot at your fingertips."
"Their proxy-based inspection is responsive and secure."
"The product is flexible."
"When applying application control, we can ensure user access to the internet in accordance with company policy and easy implementation if some users need exception access."
"We can manage which users have access to certain websites."
"It filters unwanted traffic."
"There is a lot of legacy traffic from other vendors that has been migrated to Check Point which has resulted in a lot of stability in our environment."
"The solution can scale."
"The solution offers very good central management, which saves time and is hassle-free."
"One ability that Check Point has is that it is the first to provide us with the ability to use identities instead of using the traditional IP-based format, which allows way more flexibility in what we can do with the rule base."
"The product’s documentation is good."
"It's a good solution for end-users. It's pretty easy to work with."
"Centralized administration with multiple services, which allows for execution in several important functionalities of information security."
"The interface is straightforward and easy to use."
"The solution is very robust."
"Super easy to manage. Anyone who has been working with firewalls can handle it."
"We can run it on any hardware."
"The initial setup is easy."
"I would like reporting to be improved and should offer a lot more tools to monitor the products."
"The sniffing packets or packet captures, can be simplified and improved because it's a little confusing."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved."
"The support we receive when we need to upgrade is not satisfactory and has room for improvement."
"The solution's framework needs to be frequently updated in order to have a stable solution."
"One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering."
"FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment."
"They have few predefined reports and it would be nice to increase them since the logs are excellent."
"Something worth mentioning is the need for Spanish support and better representation for teams in the Latin American area."
"The NAT services part needs improvement. It's not sophisticated. It needs functions like range assignment for NATing. The way you assign a list of IPs for NATing is too simple. It just allows you to use pools."
"The setup is a little complex compared to its competitors."
"Currently, some prices are very expensive."
"With the version we're on, it's a bit time-consuming if you have multiple IP addresses to add. But in the later versions, which we're moving to, it makes it a lot easier to add IP addresses with dynamic objects, as they call it."
"Check Point can improve a little better in their technical services, especially in the Indian market."
"The antivirus is less effective than its competitors' antivirus. The antivirus is good, but in other firewalls, such as Palo Alto, it's quite effective. Check Point should provide more output. Sometimes it provides comprehensive information and sometimes it doesn't."
"We have not had any problems with it, and we also do not have a need for any new features. If anything, its reporting can be better. Sophos has better reporting than pfSense. Sophos has more detailed information. pfSense is not as detailed. It is summarized."
"Layer 7 advanced firewall features are not included in the solution."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
"It could use a little bit of improvement in the reporting."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve."
Check Point NGFW is ranked 5th in Firewalls with 277 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Check Point NGFW is rated 8.8, while Netgate pfSense is rated 8.6. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Azure Firewall and OPNsense, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Meraki MX. See our Check Point NGFW vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.