We performed a comparison between pfSense and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, it seems that pfSense is the more favorable solution because it is open source and also offers great features.
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"The initial setup is straightforward."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"What's most important is the ease of use."
"Good load balancing feature."
"Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure."
"Security solution with a straightforward and quick setup. It's a stable and scalable product."
"Our security improved from being able to put in rules and close off unwanted traffic."
"The documentation is very good."
"It is easy to use and has integrity with other systems, such as proxies and quality of service."
"The concurrent users are perfect for us."
"Its features rival many of the high cost solutions out there."
"At our peak time, we have reached more than 5,000 concurrent connections."
"We can run it on any hardware."
"The gain in performance and security from configuring the VPN connections was significant."
"It is a good firewall with good performance."
"One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at the peak time when the number of contracts and users are at maximum."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"Currently, without the additional reporting module, we only have access to basic reporting."
"I feel that the reporting needs to be improved."
"Its customer service could be better."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"They need faster serviceability and more security features."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"It should integrate with LDAP, Active Directory, etc, to improve the way in which the traces and connections of each IP, or user connected through the firewall, are shown."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"The interface is not very shiny and attractive."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting."
"A way to clean squid cache from the GUI."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Fortinet FortiGate is rated 8.4, while Netgate pfSense is rated 8.6. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Meraki MX, Check Point NGFW and WatchGuard Firebox, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, Cisco Secure Firewall and KerioControl. See our Fortinet FortiGate vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Both are very good products, but some features that Sophos mentioned as new, FortiGate has been handling. If you are going to grow with several appliances I recommend Sophos, since the administration can be done from the cloud. With Fortinet, you have to pay a licensing fee. In terms of costs and all the options, they are very similar. Another detail to review is the support, at the beginning with Fortigate, I had enough details, but it is really improving significantly with respect to Sophos.
My comment is based on experience and I do not lean toward any of the brands. To reiterate, they are good types of equipment.