Fortinet FortiGate and Netgate pfSense are firewall solutions. FortiGate is a commercial product with a focus on advanced security features and ease of use, making it ideal for businesses of all sizes. pfSense, on the other hand, is an open-source firewall known for its flexibility, customization, and cost-effectiveness, popular among tech-savvy users and small to medium businesses.
What are the valuable features of FortiGate and pfSense?
Pricing and ROI: Fortinet FortiGate has mixed reviews regarding pricing, setup cost, and licensing. FortiGate offers positive ROI with cost savings, reduced communication costs, and enhanced security. pfSense provides valuable ROI with flexibility, scalability, and improved network solutions. pfSense is open source. The pfSense Community Edition (CE) is a free. However, Netgate developed pfSense is a commercial version of pfSense called pfSense Plus. pfSense Plus includes additional features and support, but the core functionality is the same as the Community Edition. ROI comes from cost savings and granular control.
Room for Improvement: FortiGate users would appreciate better monitoring and advanced reporting. pfSense reviewers suggest improvements to the user interface for a more streamlined experience, also advanced reporting, better documentation, and troubleshooting tools.
Deployment and customer support: FortiGate users commented for a straightforward setup process with clear documentation and readily available support. pfSense installation is considered user-friendly, but advanced configurations can be challenging. The open-source community provides extensive documentation and online resources.
The summary above is based on 296 interviews we conducted recently with Fortinet FortiGate and pfSense users. To access the review's full transcripts, download our report.
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
"I appreciate FortiGate's flexibility, which allows for centralized management through FortiManager."
"This is an easy solution to deploy."
"The stability and scalability of this solution are satisfactory. Its SD-WAN, VPN, and URL filtering features are very useful."
"Good performance, stability, and virtual domain ability."
"The solution is easy to configure and maintain remotely."
"It performs very well."
"The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."
"Good basic firewall features."
"I like the connectivity to the open VPN. It's very smooth."
"Easy to deploy and easy to use."
"I like pfSense's security features."
"It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"The performance and functionality are good."
"The "OpenVPN Client Export" package is really helpful in exporting the VPN client software on most popular devices: iOS/Android, Windows, Mac, Linux, and a handful of SIP handsets."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"The UTM filtering needs improvement."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"The setup is pretty complex and not easy to implement."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting."
"The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe."
"The GUI could use improvements, though it is manageable."
"Adjustment in the interfaces: I had to adjust those interfaces manually and of course that is a great feature that you can restore it but it is immediately also one point for improvement. If you don't have to adjust, if it's just stamped and it works, that's great."
"There could be a way to remote to it through a mobile app. You can always browse through your browser on your mobile phone or tablet, but it would be good to have a dedicated app. I understand that iOS and Android developers are expensive, but there should be a mobile app."
"We would like to see ready-made profiles to cover most users' needs."
"The router monitoring needs improvement when compared with Sonicwall."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Fortinet FortiGate is rated 8.4, while Netgate pfSense is rated 8.6. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Meraki MX, Check Point NGFW and WatchGuard Firebox, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Cisco Secure Firewall. See our Fortinet FortiGate vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Both are very good products, but some features that Sophos mentioned as new, FortiGate has been handling. If you are going to grow with several appliances I recommend Sophos, since the administration can be done from the cloud. With Fortinet, you have to pay a licensing fee. In terms of costs and all the options, they are very similar. Another detail to review is the support, at the beginning with Fortigate, I had enough details, but it is really improving significantly with respect to Sophos.
My comment is based on experience and I do not lean toward any of the brands. To reiterate, they are good types of equipment.