We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet FortiGate's most valuable features are ease of use, flexibility, and most of the configuration we can be done using the GUI. When we compare Fortinet FortiGate with other solutions the firewall policy are very easy to understand."
"It can expand easily."
"The email protection and VPN features are the most valuable."
"Fortinet FortiGate's reliability is valuable."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"The interface is very good."
"The most useful functionality of Fortinet FortiGate is the user interface, multiple engines, and their cloud with the latest integrations. Additionally, the Security Fabric tool is very good."
"The reporting you receive out of this appliance is excellent. You will not need an external management system."
"The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."
"My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall."
"I have found the most valuable features to be antivirus and malware protection."
"I like the connectivity to the open VPN. It's very smooth."
"The most valuable features are the VPN and the capture photo."
"The solution is very robust."
"Creation of certificates and the facility to administer services are valuable features."
"Some of the terminologies were more familiar to me than it was when I first encountered Cisco."
"The solution's sandboxing, application center, and database engine are good."
"It does not take much effort or thinking to understand how it works."
"Scaling out cannot be easier, as there are many migration paths."
"It's easy to use."
"UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful."
"Has great security features and does a good job of protecting the network."
"What I like about the solution is the ease of use."
"We use Sophos UTM as our main firewall with all its features included. Mainly, it controls all of our network perimeter security: firewall, IDS/IPS, and web application firewall (including VoIP)."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"It would be nice if backups could more easily migrate between different models."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"The search tool needs improvement. It's very difficult to search for policies right now."
"They should improve high CPU and memory usage that occurs."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"The interface is not very shiny and attractive."
"The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things."
"This solution is good for small businesses but it is not as stable as other competitors such as Fortinet."
"ClamAV AntiVirus can cause some crashes. That service should be improved."
"Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand."
"The router monitoring needs improvement when compared with Sonicwall."
"The integration should be improved."
"I would like to see different graphs available in the reporting."
"The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup."
"The only time we face a problem or issues is when we place a ticket. We have found that response is very slow."
"There's an issue that when we deploy UTM on fiber, it automatically upgrades to the latest version without giving an option to stay on the current one."
"The five-factor authentication needs improvement."
"We didn’t find any issues but I know there have been some in the last few years."
"They could reduce the price."
"It does have built-in policies, which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them."
"The documentation during the AWS integration was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com