We performed a comparison between Kerio Control and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: pfSense has the winning edge in this comparison because it received higher marks in the features, pricing, and service and support categories.
"Fortinet FortiGate is easy to use."
"The inspection and web security features are most valuable."
"The solution is very user-friendly."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"It's very good and very stable for businesses. It works very well."
"There are lots of features and most of them are deployed for internet security. Users are protected if they accidentally go to some malicious sites."
"It is quite easy to handle."
"Offers good security and filtering."
"One very good thing about the Kerio device is its authentication. I don't have a Windows domain for authentication. Instead, I use the Kerio product because it can separate users by Mac addresses and give them IP addresses based on their usernames, automatically logging them in. This makes for a very simple authentication system."
"The most valuable features of Kerio Control are the IPS and traffic rules. The traffic rules are very user-friendly and the IPS is working well. Additionally, the anti-virus is effective with quick options, such as filtering."
"The solution is user-friendly."
"The reporting needs to be improved. It is hard to get a domain."
"What I like the most about Kerio is that I can use the software appliance as a solution, so if the hardware fails for any reason then I can quickly replace it with hardware that I have in stock."
"Its support is very good, and it is stable product."
"Kerio has improved my organization's security."
"Technical support is good. They respond right away."
"The GUI is easy to understand."
"The solution is very robust."
"Its reliability and cost-effectiveness stand out."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"The solution is fairly scalable when it comes to integrating with other applications and data sets."
"I have found the firewall portion for the blocking most valuable."
"A valuable feature is that the solution is open source."
"Easy to deploy and easy to use."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering."
"Fortinet already improved FortiGate, but in the current market, many brands of security devices have improved together. Fortinet still needs to catch up with market standards. Fortinet is lacking in features in comparison to competitors."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"I would like to see more advanced developments of a wireless controller in the future."
"The non-error conserve mode has room for improvement."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"In the next release, I would like to see the interface simplified to be more user-friendly."
"There's also room for improvement in the Traffic Rules. We define networks to use a specific outgoing interface, say VSAT, shore, or marine WiFi, which is okay. But then all we have is a checkbox that says "Use other internet interfaces if this one is unavailable." What we would prefer would be to have a priority list. So if VSAT is unavailable, try to use 4G, etc. We haven't really found a reliable way of doing that in the current release."
"The comprehensiveness of the security features could be improved upon. However, for the most part, it is pretty good. They could add more logs. I would like to see more detailed reporting, custom reporting from the logs, and more of a streamlined interface for certain aspects."
"The upgrades make the network slower."
"Support responses need improvement."
"The solution should offer more dashboards."
"I find it a bit costly to pay for the products that I am not using. They need to change their model in such a way that you don't have to pay for the products that you are not using. Its local support and scalability are also not good. I am looking forward to a more scalable product that will be able to grow with time and technology."
"I can no longer renew my subscription directly with GFI but we have to go through third-party resellers like CDW. The first time I did it with CDW. I went to CDW and it was almost like they didn't even know anything. They didn't know what package I was supposed to get. Then after I got it, it took almost five days to get everything working."
"I would like the customer statistics to be more user-friendly. It should explain more what users have been doing throughout the day. Sometimes, it'll just say they downloaded a big file. Meanwhile, they were connected through a VPN."
"There is more demand for UTMs than a simple firewall. pfSense should support real-time features for handling the latest viruses and threats. It should support real-time checks and real-time status of threats. Some other vendors, such as Fortinet, already offer this type of capability. Such capability will be good for bringing pfSense at the same level as other solutions."
"The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested."
"My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters."
"Needs services on additional features, such as managing inventory and generating reports."
"The stability could be improved."
"The product could offer more integrated plugins."
"The main problem with pfSense is that it lacks adequate ransomware protection."
"I would like to see multiple DNS servers running on individual interfaces."
KerioControl is ranked 29th in Firewalls with 54 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. KerioControl is rated 8.0, while Netgate pfSense is rated 8.6. The top reviewer of KerioControl writes "With VPN, any of our guys can log in to the system and effectively be on board; helps with our customers all over the world". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". KerioControl is most compared with OPNsense, Sophos UTM, Sophos XG, Cisco Secure Firewall and Fortinet FortiGate-VM, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, Cisco Secure Firewall and WatchGuard Firebox. See our KerioControl vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.