We performed a comparison between Check Point CloudGuard Network Security and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point CloudGuard Network Security provides valuable features like VPN Blade, IPS Blade, URL filtering, and Applications Control Blade. pfSense is appreciated for its capacity to block IP addresses, user-friendly dashboards, and open-source nature.
Check Point could enhance its support system, cluster creation on AWS, data protection visibility, DLP feature, user interface, integration with other security solutions, cost reduction, documentation, and on-prem deployment flexibility. pfSense could improve instructional videos, stability, mobile application, GUI usability, updates, threat handling, FIPs compliance, log analysis, VPN capacity, documentation, user-friendliness, configuration processes, and SD-WAN integration.
Service and Support: Some customers appreciate the technical support provided by Check Point, while others express dissatisfaction with response time and global support. pfSense's customer service garners both positive and negative reviews. Some users commend the technical support they receive, while others rely on community resources for assistance.
Ease of Deployment: Check Point CloudGuard Network Security is praised for its easy, simple, and straightforward initial setup. Users find it interactive, user-friendly, and effortless to configure. However, it may require technical expertise and proper guidelines from customer support. pfSense is generally regarded as easy and straightforward to set up, with a simple installation process. The timeframe for completion varies from as little as 15 minutes to a few days, depending on the user's familiarity with firewall and network concepts.
Pricing: Check Point CloudGuard Network Security is recognized for its high price, however, it provides strong security measures and good value. pfSense is an open-source option that offers reasonable pricing and no extra expenses. However, there is a lack of available information concerning the exact costs associated with pfSense's licensing.
ROI: Check Point CloudGuard Network Security provides improved performance and benefits for organizations, resulting in a higher ROI range of 80% to 85%. pfSense is highly regarded for its cost-effectiveness and affordability, enabling substantial savings.
Comparison Results: Check Point CloudGuard Network Security is the preferred option when compared to pfSense. Users find the initial setup of Check Point CloudGuard Network Security to be straightforward, and user-friendly. Check Point CloudGuard Network Security offers more valuable features including VPN, IPS, URL filtering, and Applications Control Blade, which are highly appreciated for their compliance, intrusion protection, and productivity enhancement.
"The wireless control is helpful."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"The solution is extremely reliable."
"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"Fortinet FortiGate appears to be scalable."
"The notable features that I have found most valuable are that it includes the antivirus, and also IPS, and even SD-WAN."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"The tool's most valuable features for us are threat prevention, HTTPS inspection, and the Anti-Bot blade. Threat prevention helps to protect our assets from threats. HTTPS inspection ensures secure communication, and the Anti-Bot blade is particularly helpful in detecting C2 servers, enhancing our ability to identify malicious activities and protect our network."
"The main benefit of the Check Point Virtual Systems solution is its ability to split up the hardware appliances that we have into several logical, virtual devices with separate traffic handling policies, as well as the switching and routing."
"Check Point CloudGuard technical support is good."
"The SSL spectrum proved to be the most valuable for our incoming connections."
"The solution has been quite stable."
"We have unified management. It is one of the advantages of this product."
"The most valuable feature for us is the simplicity of creating this environment. Even though our current cloud usage is limited, the process of setting up machines in the product and establishing an HR system was straightforward."
"Check Point CloudGuard Network Security has a beautiful threat emulation different from the market."
"The ability to create a VPN allows me to monitor branch offices from a central location."
"It is a good firewall with good performance."
"There is good documentation with a fantastic community and enterprise support."
"pfSense helped us during COVID-19 because we used OpenVPN to connect from home."
"I have found the most valuable features to be antivirus and malware protection."
"The classic features such as content inspection, content protection, and the application-level firewall, are the most important."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"It is easy to use and has integrity with other systems, such as proxies and quality of service."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"It does not have key authentication for admin access."
"There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given."
"FortiOS is not simple."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"The support structure needs to be improved because every time we contact them, there is a delay in the response."
"I feel that the reporting needs to be improved."
"The cloud features can be improved."
"The solution's integration with cloud providers has seen significant development in the past months, but there is room for improvement for better integration."
"The deployment phase takes too much time."
"The connection to the on-premises management requires using the CLI. It's not just a click, and you cannot edit in the management to prepare everything. You need to do it online and in real time. After that, you must execute a script, and then you should be happy that it appears in the management."
"I want the upgrades of their CloudGuard solution to major versions to be easier. We have had a few small hiccups. They have different types of cloud clusters called Geo Clusters, and those just cannot be upgraded past a certain point, which is a hurdle that we are currently experiencing."
"There is room for improvement in addressing bugs and support issues."
"This application can be more integrated with web application firewalls. Better integrations would provide more granularity, which would be helpful for focusing on the application itself and preventing attacks. It would be good to include the cross-domain search. If you have multiple firewalls that are managed on the same platform and you want to check who is using some particular objects or where a specific ID is being used, it should provide an option for this kind of search instead of having to check one by one on each firewall."
"The migration to TerraForm is a little more complicated, but we made it work."
"I haven't used CloudGuard Network Security in the past couple of years as I moved out of the network security role. However, based on my previous experience, there were improvements, especially in in-place upgrades. Regarding cost, it might be potentially cheaper considering resource utilization in Azure and VM costs, but licensing could be improved, possibly moving towards a simpler model."
"Netgate pfSense needs to improve the configuration for a VPN."
"The GUI could use improvements, though it is manageable."
"The product could offer more integrated plugins."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
"The access control aspect of the product could be improved."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"The main problem with pfSense is that it lacks adequate ransomware protection."
"Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 117 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Check Point CloudGuard Network Security is rated 8.6, while Netgate pfSense is rated 8.6. The top reviewer of Check Point CloudGuard Network Security writes "The solution has good threat emulation, threat extraction, and reporting features". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Cisco Secure Firewall, Akamai Guardicore Segmentation and Cisco Secure Workload, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Cisco Secure Firewall. See our Check Point CloudGuard Network Security vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.