We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's an easy solution to set up."
"The most valuable features are that it is very simple to configure and to manage."
"It works very well. It has a lot of different functionalities. Its cost is also fine for our customers."
"The IPS is good. It protect my network from attackers."
"The interface is very good."
"A strong point of FortiGate is the graphical interface is complete and easy to use."
"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
"I like how we can achieve total integration."
"The built-in open VPN and the VPN Client Export are the solution's most valuable aspects."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."
"The solution is fairly scalable when it comes to integrating with other applications and data sets."
"The flexibility of adding new kinds of services without spending any money can't be beaten."
"It has a good web cache. I used to use a DHCP server and DNS server. For my company, I use pfSense as a load balancing application."
"The gain in performance and security from configuring the VPN connections was significant."
"pfSense is a nice product, and I find that there's a lot of information out there. There are some good tutorials on YouTube and other websites with helpful information."
"It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else."
"We've found the technical support to be helpful."
"It is a stable product... I rate the solution's technical support a nine out of ten...The initial setup is quite easy because they have all the information on their website."
"The solution is easy to handle and configure."
"Scaling out cannot be easier, as there are many migration paths."
"The initial setup is pretty straightforward."
"The management suite is easy and the agent is easy to develop."
"It is a very good product. The threat monitoring process is the most valuable feature."
"Difficult to add or define, and not that easy to configure and manage."
"The solution could have licensing fees reduced in the future."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"Fortinet already improved FortiGate, but in the current market, many brands of security devices have improved together. Fortinet still needs to catch up with market standards. Fortinet is lacking in features in comparison to competitors."
"FortiOS is not simple."
"Fortinet FortiGate needs to improve the protection, it did not prevent us from being attacked. Additionally, Fortinet FortiGate could provide more features for WAF devices. I should not have to purchase two solutions, it would be a benefit to combine these features into one solution."
"The process of configuring firewall rules appears excessively complex."
"The solution could improve by having centralized management and API support online."
"This solution is good for small businesses but it is not as stable as other competitors such as Fortinet."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"The access control aspect of the product could be improved."
"Lacks instructional videos."
"Needs services on additional features, such as managing inventory and generating reports."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"The solution requires a lot of administration."
"There is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support."
"With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time."
"Needs to improve the certificate management (ex. Let's Encrypt support)."
"It does have built-in policies, which enable you to disable USB devices, etc. It would be nice if they had more policies because there are not that many of them."
"The reporting system needs to allow for customizations because many reports do not include details that we expect."
"There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system."
"I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution."
"The initial setup may be difficult for those not familiar with the product."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com