pfSense vs Sophos XG
We performed a comparison between pfSense vs Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
"The solution is extremely reliable."
"The security on offer is very good."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"It is a good source for firewall protection."
"The most valuable features of Fortinet FortiGate are remote access, web filtering, and IPS."
"The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment."
"The flexibility and ease of configuration are the most valuable features."
"The most valuable features of pfSense are security, user-friendliness, and helpful online management."
"I have found pfSense to be stable."
"What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor. Some people may think you're taking a risk with using Opensource. I think it just provides the end user, specifically for us small, medium business providers of services, the flexibility we need at the right cost to provide them a higher end, almost enterprise type service."
"Its features rival many of the high cost solutions out there."
"Creation of certificates and the facility to administer services are valuable features."
"Super easy to manage. Anyone who has been working with firewalls can handle it."
"The features I have found best are ease of use, GUI, and performance."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"Using Sophos endpoint and the firewall, synchronized security is easy."
"The most valuable is the synchronized security between Sophos XG and Sophos endpoint because it provides a lot of visibility about unknown applications. The endpoint shares the information of unknown applications, and you can learn about those applications and create policies to allow or block those applications."
"Easy to deploy and user friendly."
"This solution is very user-friendly and even a non-professional can configure the policies."
"The most valuable feature is the VPN aspect."
"The firewall functionality and unified threat management are the most useful features."
"The most valuable features of Sophos XG are user-friendliness and it is highly secure."
"It is stable, flexible, and easy to use. It has got a web management portal that can be accessed from anywhere."
"It claims it does DLP, but the degree and level of controls are very basic."
"The sniffing packets or packet captures, can be simplified and improved because it's a little confusing."
"I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself."
"Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."
"Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."
"They should improve the interface to make it more user-friendly."
"The routing capability on the FortiGate devices has room for improvement."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense."
"Lacks instructional videos."
"The solution requires a lot of administration."
"The usage reports can be better."
"I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"We would like to see ready-made profiles to cover most users' needs."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"The only issue that Sophos XG now needs to improve is the product's reporting capability."
"Sophos can improve the debugging of the WAPS function."
"There are issues with electricity with this solution."
"While it is possible to configure between two of the solution's devices in the same model, the high available usually fails."
"We feel that the GUI can be improved a bit because it has a lot of information and looks a bit outdated."
"I would like to have a more efficient login process."
"They should expand their DDoS feature. It's basic. They need to enhance it."
"It is performing well. However, the only challenges that we are facing are the effectiveness with blocking the proxy and tuneling applications, aside from proxy and similar applications. So the application filter on the product is not really performing 100%. Every now and then there are some updates that are happening on such applications, and it takes time until it gets the appropriate updates and becomes capable of capturing such applications and blocking them. A new feature I would really like to see would be some sort of an enhanced application filter with greater efficiency when it comes to the applications that can bypass firewall policies. These applications are really a nightmare. Once they are on the network and not detected, or the appliance is not really successful in capturing them and unblocking them, the bandwidth gets wasted all the time."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos XG is ranked 7th in Firewalls with 192 reviews. Netgate pfSense is rated 8.6, while Sophos XG is rated 8.2. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos XG writes "Easy to use and deploy with an improved pricing structure in place". Netgate pfSense is most compared with OPNsense, KerioControl, Sophos UTM, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos XG is most compared with OPNsense, Sophos XGS, SonicWall TZ, Meraki MX and Sophos UTM. See our Netgate pfSense vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.