We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Easy to use support and licensing portal as well as activation process."
"FortiGate is on the cheaper end, and it offers good value."
"We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well."
"Fortinet offers the latest versions to cater to the needs of enterprises."
"Allows for firewall rules to be programmed and named in a way that makes it “readable”"
"The most important features with FortiGate are the web filter and application controls. We can control our internet usage and use the web filter for application purposes."
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"The security fabric is excellent."
"This solution has helped our organization by protecting our network from attacks."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"Open source and support are valuable. I have community support."
"pfSense is a nice product, and I find that there's a lot of information out there. There are some good tutorials on YouTube and other websites with helpful information."
"There is good documentation with a fantastic community and enterprise support."
"Centralized administration with multiple services, which allows for execution in several important functionalities of information security."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"The interface is straightforward and easy to use."
"The most valuable feature of Sophos UTM is reporting, it is flexible. I can monitor the end user's devices, even when they are not on my network. It has good drill-down capabilities."
"Stability-wise, I rate this solution a ten out of ten...Scalability-wise, I rate this solution a ten out of ten."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"I have no problem with the cost or licensing of this solution. This is a primary reason whay I wanted this solution. It does the same thing cheaper than other name brands."
"What I like about Sophos UTM is that it improves my company's security. The solution is easy to set up, which I like, and it's very stable."
"The implementation with the AWS environment was good."
"The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big."
"Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port."
"The renewal price and the availability could be improved."
"Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites."
"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."
"The routing capability on the FortiGate devices has room for improvement."
"They should improve the interface to make it more user-friendly."
"It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."
"In the future, I would like to see improvements made to cloud-based management."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"We would like to see ready-made profiles to cover most users' needs."
"The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
"The configuration of the solution is a bit difficult."
"pfSense has some limitations in detecting site sessions. We want to control internet usage based on sites and their content, and pfSense doesn't perform this function."
"Layer 7 advanced firewall features are not included in the solution."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"I would like this solution to support ICAP. Also, they no longer support on-premises management, and are forcing clients to use centralized management via the cloud, which I don't agree with."
"It is a pretty straightforward setup, but it should be some sort of documentation that takes you step-by-step to help set it up for your VPC."
"Initially, there were issues with the wireless network as wireless access points were disappearing from the dashboard after some time."
"We need a better VPN client for the customers."
"Updates come out agonizingly slowly, a trickle."
"The solution is not scalable."
"The UI can be cumbersome and, sometimes, features are not where you think they should be."
"The documentation during the AWS integration was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com