We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration."
"The email protection and VPN features are the most valuable."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"Overall, the pricing of the solution is very good. The product offers good value."
"Overall security features and performance routing is good."
"This version is stable. I don't have any issues with this solution, in our environment, it works well."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"I like pfSense's reports and how I can control access to the policies on the firewall."
"It is much simpler than other solutions such as Fortinet."
"I especially like the VPN part. It works like a charm."
"We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform."
"Open source and support are valuable. I have community support."
"The firewall sensor is highly effective, and it's easy to deploy. You can deploy pfSense with limited hardware resources. It's not necessary to have an appliance with much RAM to make it work. It's cost-effective and performs well."
"The initial setup is straightforward."
"The initial setup is pretty straightforward."
"The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution."
"We use Sophos UTM as our main firewall with all its features included. Mainly, it controls all of our network perimeter security: firewall, IDS/IPS, and web application firewall (including VoIP)."
"The scalability is good."
"The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled."
"The packet filtering's great. You get out what you put into it. It works great as long as you know your security and configure everything adequately. If you just pop one in and it's not configured, then it's basically wide open. It kind of depends on the admin skill, but it's an excellent product."
"Configuration could not be made any easier."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution."
"It could use better throughput on some of the smaller boxes for the branch offices."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"The captive portal could be improved."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"I have to say that the initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run."
"Currently, without the additional reporting module, we only have access to basic reporting."
"They can improve the dynamic of the input of IPs from outside."
"There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall."
"The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"We would like to see ready-made profiles to cover most users' needs."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
"The solution requires a lot of administration."
"It needs to be more secure."
"Sophos UTM could improve if there was no limitation on users."
"The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup."
"We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
"I would like this solution to support ICAP. Also, they no longer support on-premises management, and are forcing clients to use centralized management via the cloud, which I don't agree with."
"There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system."
"Sophos UTM's firewall is a bit weak, and some of its features lack depth compared to other products like F5."
"The pricing is an issue."
"It is a little too CPU resource intensive, so we would like to see improvements there."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, Cisco Secure Firewall, KerioControl and Untangle NG Firewall, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
https://www.itcentralstation.com/products/comparisons/pfsense_vs_sophos-utm