We performed a comparison between Check Point NGFW and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point NGFW is highly regarded for its extensive security functions, centralized control, and ability to virtualize. OPNsense is appreciated for its ability to scale, provide guest access, offer user-friendly dashboards, and provide a free version for users. Check Point NGFW needs enhancements in integration, hardware upgrades, cost, stability, load balancing, technical support, and reporting capabilities. OPNsense, on the other hand, requires improvements in its interface, bandwidth management, multi-provider internet protection, integration with Azure, a timeline for new features and updates, IPS solution, reporting capabilities, SSL inspection, and learning curve.
Service and Support: The service for Check Point NGFW has varying feedback, with certain customers appreciating its assistance and quick response, while others believe there is room for improvement. OPNsense boasts an exceptional community support network, although a few users encounter challenges in directly accessing support.
Ease of Deployment: The setup process for Check Point NGFW can be complex and challenging, especially for those who are unfamiliar with the product. It requires expertise and experience for certain configurations and migrations. The initial setup of OPNsense is described as straightforward and easy, even for clients without IT experience. It can be completed within a few hours, with slight variations depending on individual circumstances.
Pricing: The cost of setting up Check Point NGFW is deemed to be expensive, whereas OPNsense falls into the moderate range. Check Point provides flexible licensing choices, although some individuals find the procedure complex. OPNsense is a license-free open-source solution. In addition to the basic expenses, OPNsense requires additional costs for hardware, installation, and training.
ROI: Check Point NGFW provides cost savings, simplicity, and reliable security enforcement, resulting in a favorable return on investment. OPNsense achieves a return on investment in less than three months and eliminates recurring fees.
Comparison Results: Check Point NGFW is the preferred choice over OPNsense. Users appreciate its comprehensive security features, centralized management, and virtualization capabilities. It is known for its stability, ease of use, and scalability. Check Point NGFW is considered worth the price due to its superior security and reliability.
"LinkGreat firewall capabilities"
"The threat prevention is the solution's most valuable aspect."
"The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback."
"There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth."
"It has improved our security capabilities."
"Our security improved from being able to put in rules and close off unwanted traffic."
"Its user interface is good, and it is always working fine."
"Offers good security and filtering."
"The features that are important include: IPS, sandbox, SandBlast, Anti-Bot, and URL filtering."
"The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that."
"All of the features are very valuable, but the most valuable features are the sandboxing and the advanced IPS/IDS."
"We are delighted with the powerful management console and diagnostic tools."
"We have found the solution to be scalable."
"The way in which a computer is immediately isolated if it starts behaving badly and I get a notification of an infected computer is also extremely nice and a great feature."
"The technical services always replied in a very fast and effective way."
"The tool has solid firmware with very few vulnerabilities."
"The initial setup is easy. It only takes 15-30 minutes to deploy."
"What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control."
"It has an open license. It works very well, and there is an update every month."
"The solution is user-friendly and easy to configure."
"The graphic user interface is very good and it is user-friendly which makes the product easy-to-use."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"The solution has high availability."
"OPNsense is easy to use and open source."
"The cloud features can be improved."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"Fortinet FortiGate needs to improve to be on par with its competitors, such as Palo Alto and Sophos. They are the market leaders. Fortinet FortiGate needs to improve its capabilities. However, we are happy with Fortinet FortiGate."
"The support system could be improved."
"The inability to scale the FortiAnalyzer to match our growth necessitates the purchase of new hardware."
"Improvement is needed in the Web Filter quotas to restrict users with allocated quotas."
"There are some complex administration tasks in their administration portal. That needs to be improved."
"The support structure needs to be improved because every time we contact them, there is a delay in the response."
"If you have a long ruleset, you may experience performance issues on the GUI, and installing rule changes on gateways can take a comparatively long time."
"Although the GUI is simple to use and fairly comprehensive, more support via CLI would be beneficial for bulk operations."
"One feature that could be improved is the internet object in the application control/URL filtering blade."
"I would like to see an improvement of built-in monitoring capabilities such as throughput. Practically visualization of CPview outputs into beautiful pink GUI will do it."
"At the moment it is not easy to configure some VPN S2S in Check Point."
"I would rate the technical support as a seven out of 10. Sometimes, it's difficult to get them to understand what the issue is. Sometimes, the issue is not resolved, then we solve it by ourselves with Check Point's documentation, which can be useful. When you open a case with Check Point, they can be a little slow. Sometimes, they don't solve things."
"When installed on Windows, the system with low storage space slows down."
"Unfortunately, the API is not fully complete and also it is not an API which I would refer to as a RESTful API as there are different endpoints for the same entity."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"The solution would not be suitable for anything large-scale."
"The scalability needs improvement."
"I think the most important thing is that it should be easily accessible, but currently, that doesn't seem to be the case. We need a hardware platform that's based on common standards and open computing principles, which would be like a commodity and benefit us greatly."
"Given that OPNsense plays a pivotal role as a firewall, safeguarding against various threats, having a reliable backup ensures uninterrupted protection even if unforeseen events impact the primary virtual machine."
"I would like to see better SD-WAN performance."
"I would like better documentation concerning the provided packages and their integration."
"The logging could improve in OPNsense."
Check Point NGFW is ranked 5th in Firewalls with 276 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Check Point NGFW is rated 8.8, while OPNsense is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Juniper SRX Series Firewall, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and KerioControl. See our Check Point NGFW vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.