We performed a comparison between Check Point CloudGuard Network Security and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point CloudGuard Network Security provides valuable features like VPN Blade, IPS Blade, URL filtering, and Applications Control Blade. pfSense is appreciated for its capacity to block IP addresses, user-friendly dashboards, and open-source nature.
Check Point could enhance its support system, cluster creation on AWS, data protection visibility, DLP feature, user interface, integration with other security solutions, cost reduction, documentation, and on-prem deployment flexibility. pfSense could improve instructional videos, stability, mobile application, GUI usability, updates, threat handling, FIPs compliance, log analysis, VPN capacity, documentation, user-friendliness, configuration processes, and SD-WAN integration.
Service and Support: Some customers appreciate the technical support provided by Check Point, while others express dissatisfaction with response time and global support. pfSense's customer service garners both positive and negative reviews. Some users commend the technical support they receive, while others rely on community resources for assistance.
Ease of Deployment: Check Point CloudGuard Network Security is praised for its easy, simple, and straightforward initial setup. Users find it interactive, user-friendly, and effortless to configure. However, it may require technical expertise and proper guidelines from customer support. pfSense is generally regarded as easy and straightforward to set up, with a simple installation process. The timeframe for completion varies from as little as 15 minutes to a few days, depending on the user's familiarity with firewall and network concepts.
Pricing: Check Point CloudGuard Network Security is recognized for its high price, however, it provides strong security measures and good value. pfSense is an open-source option that offers reasonable pricing and no extra expenses. However, there is a lack of available information concerning the exact costs associated with pfSense's licensing.
ROI: Check Point CloudGuard Network Security provides improved performance and benefits for organizations, resulting in a higher ROI range of 80% to 85%. pfSense is highly regarded for its cost-effectiveness and affordability, enabling substantial savings.
Comparison Results: Check Point CloudGuard Network Security is the preferred option when compared to pfSense. Users find the initial setup of Check Point CloudGuard Network Security to be straightforward, and user-friendly. Check Point CloudGuard Network Security offers more valuable features including VPN, IPS, URL filtering, and Applications Control Blade, which are highly appreciated for their compliance, intrusion protection, and productivity enhancement.
"The dashboard I have found the most valuable in Fortinet FortiGate."
"The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
"The most valuable feature of Fortinet FortiGate is the simple configuration."
"It is simple to manage, and there are a lot of functionalities in the same box."
"This solution made it very easy to manage our bandwidth."
"The main benefit is the grouping of our security monitoring."
"I think that the UTM features are the most value, as it truly protects my infrastructure."
"A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside."
"Check Point has pretty simple solutions, like the virtual appliance which you just download and it is imported into VMware and you just start using it."
"Security effectiveness is the most valuable feature. Operational efficiency, reporting, and support are also good."
"The tool's deployment is rapid. Its dashboard is also useful. It's easy to deploy both on-premises and in Azure. In an office with VMware running, deployment is a simple process. Similarly, in Azure, deployment is easy and scalable. Adding more CPUs is a straightforward task – just shut it down, modify the security, and restart. This ease of use translates into cost and resource savings, and faster deployment times."
"The easy management of the policies is great for us because we are a small team and having easy management is great and useful for us."
"The tool's most valuable features for us are threat prevention, HTTPS inspection, and the Anti-Bot blade. Threat prevention helps to protect our assets from threats. HTTPS inspection ensures secure communication, and the Anti-Bot blade is particularly helpful in detecting C2 servers, enhancing our ability to identify malicious activities and protect our network."
"The solution provides a centralized management console for easy administration and monitoring of security policies and events, making it easy for the security team."
"The program is very stable."
"It is scalable. It's a cloud solution, so it's easy to implement and manage."
"It has a very nice web interface, and it is very simple to use. The way policies are working is also good."
"The most valuable features are the VPN and the capture photo."
"The VPN is my favorite feature."
"The intrusion detection feature is the most valuable. It is an open-source firewall, so there is a lot of material on it. I also find the open VPN capability very nice. It is pretty customizable. The clustering and the high availability are the two biggest things to be able to get out of a firewall."
"The classic features such as content inspection, content protection, and the application-level firewall, are the most important."
"Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must."
"It is very easy to use. The interface is quite understandable. There is a good community, and I can take over at any time I want. If there is anything wrong with it, I could just reinstall the whole thing and start all over again, and I'll be up again in less than a few minutes"
"Improved service performance and availability through redundancy."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"Fortinet FortiGate could improve if it had a cloud-managed solution."
"I would like some automated custom reporting."
"The support is the main thing that needs to be improved."
"Lacks training for new features."
"The product does need better support in the cloud environment. It's not exactly cloud-native right now."
"Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN."
"I would like reporting to be improved and should offer a lot more tools to monitor the products."
"Check Point could show us use cases that would help us in Czech and could help us with security threats in our specific country."
"The documentation has been rough. Being able to do it yourself can be hit or miss given the constraints of the documentation."
"In the past year, I noticed that the challenging part, especially in the cloud, is upgrading to the next release of the firewall. Unlike on-premise upgrades, it's not as simple in the cloud. You need to recreate the machine, which makes the process more complex."
"I would like to see a step-by-step initial installation of the firewall. That would be really helpful. Like in Oracle appliances, when you start it asks you, what's your current IP address? An initial setup should be a step by step and intuitive process. You click on "begin," it asks you some simple questions. You fill in the blanks - your current IP address, what you want to do, you want to set up a site to site VPN, for example, that kind of thing. That would be the smartest thing to have."
"The cost is relatively high compared to the cost of other products in the market."
"For major upgrades, it's still necessary to destroy the VMs and re-create them again. Doing that would mean new public IPs as well."
"The convergence time between cluster members is still not perfect. It's far away from what we get in traditional appliances. If a company wants to move mission-critical applications for an environment to the cloud, it somehow has to accept that it could have downtime of up to 40 seconds, until cluster members switch virtual IP addresses between themselves and start accepting the traffic. That is a little bit too high in my opinion. It's not fully Check Point's fault, because it's a hybrid mechanism with AWS. The blame is 50/50."
"At the cost level, the solution is somewhat expensive."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
"There is more demand for UTMs than a simple firewall. pfSense should support real-time features for handling the latest viruses and threats. It should support real-time checks and real-time status of threats. Some other vendors, such as Fortinet, already offer this type of capability. Such capability will be good for bringing pfSense at the same level as other solutions."
"I believe improving integration with various antivirus vendors could be beneficial."
"In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome."
"pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it."
"Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand."
"More documentation would be great, especially on new features because sometimes, when new features come out, you don't get to understand them right off the bat. You have to really spend a lot of time understanding them. So, more documentation would be awesome."
"As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 119 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Check Point CloudGuard Network Security is rated 8.6, while Netgate pfSense is rated 8.6. The top reviewer of Check Point CloudGuard Network Security writes "The solution has good threat emulation, threat extraction, and reporting features". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Cisco Secure Firewall, Akamai Guardicore Segmentation and Cisco Secure Workload, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Cisco Secure Firewall. See our Check Point CloudGuard Network Security vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.