We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The SD-WAN function is very developed. It has SD-WAN functionality with security features in one device. We can manage from one single console SD-WAN and the security policy."
"Security solution with a straightforward and quick setup. It's a stable and scalable product."
"The initial installation is very straightforward."
"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks. It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good."
"User-friendly and affordable security solution that's recommended for SMB customers. This solution has good technical support."
"It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor."
"pfSense helped us during COVID-19 because we used OpenVPN to connect from home."
"For everyday tasks, we just get alerts. It's anything that's suspicious, including from our Netgate. So, it's part of how we maintain cybersecurity in our school. This is working alongside our endpoint security solution."
"I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices."
"The "OpenVPN Client Export" package is really helpful in exporting the VPN client software on most popular devices: iOS/Android, Windows, Mac, Linux, and a handful of SIP handsets."
"My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much."
"Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must."
"Centralized administration with multiple services, which allows for execution in several important functionalities of information security."
"The most valuable feature is the IPS. It also protects us from malware."
"The initial setup is pretty easy."
"The most valuable feature of Sophos UTM is reporting, it is flexible. I can monitor the end user's devices, even when they are not on my network. It has good drill-down capabilities."
"The initial setup was easy."
"The initial setup has been fine."
"If a computer does get infected the Sophos appliance lets us know via it's Advanced Threat Protection so we can get a much faster response time."
"Sophos UTM is very user-friendly and has good integration with other solutions."
"Has great security features and does a good job of protecting the network."
"In the next release, maybe the documentation on how to use this solution could be improved."
"Its reporting can be improved. Sometimes, I don't get proper reports."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive."
"It needs to improve its ISP load balancing."
"There were quite a few problems with the stability of the system."
"Difficult to add or define, and not that easy to configure and manage."
"A lack of integration between our data centers."
"If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson."
"It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution."
"I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"For the third-party packages, I'd rather have it built-in, like a core feature of pfSense, part of the core model."
"The main problem with pfSense is that we have to use proxy solutions."
"pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it."
"There is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support."
"The reporting system needs to allow for customizations because many reports do not include details that we expect."
"As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic"
"It is a little too CPU resource intensive, so we would like to see improvements there."
"In Sophos UTM there is always a problem with the routing tables. If you want to see the routing table, you have to use the UI. You can't do it via a web browser. The routing table is better in Fortinet."
"Flexibility in pricing could be improved. It's more rigid in its pricing compared to its competitor: Kaspersky."
"Sophos UTM could be simplified, and they can improve on the many other features, like SD-WAN and load balancing. Sophos UTM is missing a few features that their competitors have. For example, if you have multiple branches you would like to connect, the load balancing features aren't available on multilink. If we create a VPM for multiple LAN links, we cannot load balance the traffic."
"The scalability of the product is an area with certain shortcomings where improvements are required."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com