Fortinet FortiGate and Netgate pfSense are firewall solutions. FortiGate is a commercial product with a focus on advanced security features and ease of use, making it ideal for businesses of all sizes. pfSense, on the other hand, is an open-source firewall known for its flexibility, customization, and cost-effectiveness, popular among tech-savvy users and small to medium businesses.
What are the valuable features of FortiGate and pfSense?
Pricing and ROI: Fortinet FortiGate has mixed reviews regarding pricing, setup cost, and licensing. FortiGate offers positive ROI with cost savings, reduced communication costs, and enhanced security. pfSense provides valuable ROI with flexibility, scalability, and improved network solutions. pfSense is open source. The pfSense Community Edition (CE) is a free. However, Netgate developed pfSense is a commercial version of pfSense called pfSense Plus. pfSense Plus includes additional features and support, but the core functionality is the same as the Community Edition. ROI comes from cost savings and granular control.
Room for Improvement: FortiGate users would appreciate better monitoring and advanced reporting. pfSense reviewers suggest improvements to the user interface for a more streamlined experience, also advanced reporting, better documentation, and troubleshooting tools.
Deployment and customer support: FortiGate users commented for a straightforward setup process with clear documentation and readily available support. pfSense installation is considered user-friendly, but advanced configurations can be challenging. The open-source community provides extensive documentation and online resources.
The summary above is based on 296 interviews we conducted recently with Fortinet FortiGate and pfSense users. To access the review's full transcripts, download our report.
"Using this product makes the VPN seamless and almost invisible to me in the sense that I don't have to think about it."
"The most valuable features of Fortinet FortiGate are the APIs. They are the most widely known."
"The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
"It's user-friendly and easy to operate."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration."
"The solution is easy to configure and maintain remotely."
"Open source and support are valuable. I have community support."
"There is good documentation with a fantastic community and enterprise support."
"Good basic firewall features."
"Firewall system for small, medium, and large data networks. It allows you to provide security to your environment: DMZ networks, LAN, WAN, etc."
"The concurrent users are perfect for us."
"The flexibility of adding new kinds of services without spending any money can't be beaten."
"This solution has helped our organization by protecting our network from attacks."
"At our peak time, we have reached more than 5,000 concurrent connections."
"I have to say that the initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run."
"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."
"Compared to some other products, the DLP is not at par for the moment."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"There aren't really any negative aspects to discuss."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs."
"Application management can be improved."
"The technical support needs to be improved."
"The stability could be improved."
"They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals."
"Could be simplified for new users."
"The product must provide integration with other solutions."
"The product could offer more integrated plugins."
"It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution."
"I believe improving integration with various antivirus vendors could be beneficial."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Fortinet FortiGate is rated 8.4, while Netgate pfSense is rated 8.6. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Meraki MX, WatchGuard Firebox and Check Point NGFW, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Cisco Secure Firewall. See our Fortinet FortiGate vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Both are very good products, but some features that Sophos mentioned as new, FortiGate has been handling. If you are going to grow with several appliances I recommend Sophos, since the administration can be done from the cloud. With Fortinet, you have to pay a licensing fee. In terms of costs and all the options, they are very similar. Another detail to review is the support, at the beginning with Fortigate, I had enough details, but it is really improving significantly with respect to Sophos.
My comment is based on experience and I do not lean toward any of the brands. To reiterate, they are good types of equipment.