Fortinet FortiGate and Netgate pfSense are firewall solutions. FortiGate is a commercial product with a focus on advanced security features and ease of use, making it ideal for businesses of all sizes. pfSense, on the other hand, is an open-source firewall known for its flexibility, customization, and cost-effectiveness, popular among tech-savvy users and small to medium businesses.
What are the valuable features of FortiGate and pfSense?
Pricing and ROI: Fortinet FortiGate has mixed reviews regarding pricing, setup cost, and licensing. FortiGate offers positive ROI with cost savings, reduced communication costs, and enhanced security. pfSense provides valuable ROI with flexibility, scalability, and improved network solutions. pfSense is open source. The pfSense Community Edition (CE) is a free. However, Netgate developed pfSense is a commercial version of pfSense called pfSense Plus. pfSense Plus includes additional features and support, but the core functionality is the same as the Community Edition. ROI comes from cost savings and granular control.
Room for Improvement: FortiGate users would appreciate better monitoring and advanced reporting. pfSense reviewers suggest improvements to the user interface for a more streamlined experience, also advanced reporting, better documentation, and troubleshooting tools.
Deployment and customer support: FortiGate users commented for a straightforward setup process with clear documentation and readily available support. pfSense installation is considered user-friendly, but advanced configurations can be challenging. The open-source community provides extensive documentation and online resources.
The summary above is based on 296 interviews we conducted recently with Fortinet FortiGate and pfSense users. To access the review's full transcripts, download our report.
"Overall, the pricing of the solution is very good. The product offers good value."
"Secure, user-friendly, stable, and scalable network security solution. Installation is straightforward."
"The most valuable features of Fortinet FortiGate are it is one of the most mature firewalls in the UTM bundle."
"Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others."
"The Intrusion Prevention System and the web filtering are both working well."
"The threat prevention is the solution's most valuable aspect."
"The solution is stable."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"A free firewall that is a good network security appliance."
"Is good at blocking IP addresses."
"For everyday tasks, we just get alerts. It's anything that's suspicious, including from our Netgate. So, it's part of how we maintain cybersecurity in our school. This is working alongside our endpoint security solution."
"Content protection, content inspection, and the application level firewall."
"Super easy to manage. Anyone who has been working with firewalls can handle it."
"My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall."
"The performance and functionality are good."
"The product’s documentation is good."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"The solution needs to improve its integration with cybersecurity."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"There were quite a few problems with the stability of the system."
"User interface is a little clumsy."
"pfSense has some limitations in detecting site sessions. We want to control internet usage based on sites and their content, and pfSense doesn't perform this function."
"The security could be improved."
"The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe."
"The product could offer more integrated plugins."
"There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"Could be simplified for new users."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Fortinet FortiGate is rated 8.4, while Netgate pfSense is rated 8.6. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Meraki MX, WatchGuard Firebox and Check Point NGFW, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Cisco Secure Firewall. See our Fortinet FortiGate vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Both are very good products, but some features that Sophos mentioned as new, FortiGate has been handling. If you are going to grow with several appliances I recommend Sophos, since the administration can be done from the cloud. With Fortinet, you have to pay a licensing fee. In terms of costs and all the options, they are very similar. Another detail to review is the support, at the beginning with Fortigate, I had enough details, but it is really improving significantly with respect to Sophos.
My comment is based on experience and I do not lean toward any of the brands. To reiterate, they are good types of equipment.