We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"Security, SD-WAN, and Streetscape are valuable features."
"The most valuable feature of Fortinet FortiGate is security. They are known for efficiency and are on the top of Gartner Quadrant reviews. Fortinet FortiGate has an easy-to-use platform with a good graphical interface. The configuration is simple and the solution provides an overall good layer of security."
"With FortiClient, you can easily connect when you are home, check out what you want to do, and connect to your network when you are not at work. You can switch on servers and you can check what is wrong."
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"It's very easy to configure."
"The security features that they have are quite good. On top of that, their licensing model is quite nice where they don't charge you anything for the SD-WAN functionality for the firewall."
"The pricing is great and very reasonable."
"It has a very nice web interface, and it is very simple to use. The way policies are working is also good."
"I have found pfSense to be stable."
"The ability to perform packet captures on the command line and via the GUI is useful for diagnosing problems."
"It is a stable solution."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"Its scalability is a strong point."
"For everyday tasks, we just get alerts. It's anything that's suspicious, including from our Netgate. So, it's part of how we maintain cybersecurity in our school. This is working alongside our endpoint security solution."
"My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else."
"The implementation with the AWS environment was good."
"Efficient and effective - it's easy to separate rules."
"The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big."
"The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira and Sophos. Web filtering is also a fantastic option for clients who want to really lock down internet access."
"Sophos UTM has a good user interface and granular security controls."
"Good basic firewall functions with advanced firewall scanning."
"The user interface could be improved."
"Stability and technical support are the two major issues I have found with Fortinet."
"Its reporting and pricing need improvement."
"It needs to improve its ISP load balancing."
"The process of configuring firewall rules appears excessively complex."
"It is very expensive, and their support is not very good. I hope that their technical support will be better in the future."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"Scalability for Fortinet FortiGate needs to be improved. SD-WAN security for this solution also needs some improvement."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters."
"The solution’s interface must be improved."
"It would be great to add more to security."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"The configuration of the solution is a bit difficult."
"It should integrate with LDAP, Active Directory, etc, to improve the way in which the traces and connections of each IP, or user connected through the firewall, are shown."
"There is more demand for UTMs than a simple firewall. pfSense should support real-time features for handling the latest viruses and threats. It should support real-time checks and real-time status of threats. Some other vendors, such as Fortinet, already offer this type of capability. Such capability will be good for bringing pfSense at the same level as other solutions."
"In short, the UI and UX are the areas of improvement in Sophos UTM and similar solutions compared to Palo Alto."
"Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time."
"Finding information about Sophos’ sizing guidelines can actually be difficult. Also, Sophos does not make it clear what they mean by “users” when you are sizing a firewall, which then leads to undersized implementations."
"The solution could be improved by adding cloud soundboxing."
"The technical support only communicates via email. I would prefer to communicate directly with someone."
"There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system."
"We didn’t find any issues but I know there have been some in the last few years."
"The reporting could be a lot better."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com