We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"This solution made it very easy to manage our bandwidth."
"FortiGate SD-WAN facilitated a smooth transition for our customers between their two internet service providers, ensuring uninterrupted connectivity without any downtime."
"Its stability is the most valuable."
"The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE."
"The Fortinet FortiGate local partners were good. I did not have direct contact with Fortinet support."
"Security management tool that's easy to integrate and easy to work with. No issues found with its stability and scalability."
"The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
"Technical support is perfect, excellent."
"Is good at blocking IP addresses."
"pfSense is a nice product, and I find that there's a lot of information out there. There are some good tutorials on YouTube and other websites with helpful information."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"The ability to create a VPN allows me to monitor branch offices from a central location."
"I have found pfSense to be stable."
"My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much."
"The VPN is my favorite feature."
"The most valuable features of the solution are application filtering and web filtering."
"This is a very stable product."
"It does not take much effort or thinking to understand how it works."
"We find all of the features valuable because together they fit the needs of our customers."
"Installing Sophos UTM is straightforward. The deployment itself doesn't take long, but you have to spend some time planning and waiting for the hardware to be delivered."
"I would recommend UTM over XG because it's easier to manage."
"It is a stable product... I rate the solution's technical support a nine out of ten...The initial setup is quite easy because they have all the information on their website."
"Sophos integrates seamlessly, and we don't even feel it is running in the background."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."
"The monitor and the visibility, in this proxy, is very weak."
"The user interface could be improved to make it less confusing and easier to set up."
"The logs need to be better. They need to be more visible and easier to access."
"I don't like that anything more than very basic reporting is not included."
"While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."
"The solution could be more user-friendly, and the graphical interface needs some work so that someone without an IT background can use the application. I would like the ability to manage the on-premise appliance from the cloud. When I'm not in the office, it would be great to connect to the pfSense server and administer the network remotely."
"There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall."
"pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
"I am going to flat out say technical support is terrible. Being a Platinum level customer, I am not happy with the support."
"Monitoring and reporting are areas that need improvement."
"It is a little too CPU resource intensive, so we would like to see improvements there."
"Sophos UTM's firewall is a bit weak, and some of its features lack depth compared to other products like F5."
"Sophos UTM sometimes falls short in high-availability environments. They used to launch firmware that didn't work very well in a high-availability environment."
"The solution needs better integration with captive portals and XGs."
"I would like some features that are available in other brands. For example, I sometimes a person is using too much bandwidth, and it isn't easy to find this information in Sophos. Also, we have to switch connections manually when we are using a VPN and lose the MPLS connection. It isn't automatic."
"Sophos UTM could be simplified, and they can improve on the many other features, like SD-WAN and load balancing. Sophos UTM is missing a few features that their competitors have. For example, if you have multiple branches you would like to connect, the load balancing features aren't available on multilink. If we create a VPM for multiple LAN links, we cannot load balance the traffic."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com