We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The wireless control is helpful."
"Its user interface is good, and it is always working fine."
"Fortinet FortiGate is user-friendly and affordable."
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box."
"In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable."
"The CLI is robust and powerful, enabling rapid, consistent changes via SSH."
"The product offers very good security."
"We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform."
"I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices."
"The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."
"We can run it on any hardware."
"For everyday tasks, we just get alerts. It's anything that's suspicious, including from our Netgate. So, it's part of how we maintain cybersecurity in our school. This is working alongside our endpoint security solution."
"It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest."
"Its scalability is a strong point."
"I mostly like all of it. Whatever we use is valuable."
"UTM 9 brings along IPSec as well as iPhone and iPad support. This seems small but it’s useful."
"The most valuable feature is the IPS. It also protects us from malware."
"Good basic firewall functions with advanced firewall scanning."
"The packet filtering's great. You get out what you put into it. It works great as long as you know your security and configure everything adequately. If you just pop one in and it's not configured, then it's basically wide open. It kind of depends on the admin skill, but it's an excellent product."
"The most valuable feature of Sophos UTM is the simple-to-use interface."
"The implementation with the AWS environment was good."
"I have no problem with the cost or licensing of this solution. This is a primary reason whay I wanted this solution. It does the same thing cheaper than other name brands."
"The initial setup is easy."
"The integration with third-party tools may be something that they should work on."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"There are mainly two areas of improvement in Fortinet FortiGate— the licensing cost and the timing of upgrading licenses for boxes."
"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"With FortiGate, the main complaint that I have heard is about the technical support."
"I have to say that the initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run."
"We would like to see better pricing."
"Lacks training for new features."
"It is not centrally managed, where you log into the website and can see all your services there. We would like to be able to see is all the configurations from a central interface on all our pfSenses."
"There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually."
"We would like to see ready-made profiles to cover most users' needs."
"There are several levels of firewall configuration such as beginner, advanced, and expert configurations. At each level, it becomes more complex and more tricky to set up the firewall. For example, if you want to install the firewall on your computer system, it would be a lot easier if it just tells you that this is the internet NIC and this is the Wi-Fi NIC."
"pfSense is not user-friendly. I hope to have something to make the interfaces more user-friendly."
"Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting."
"The reporting system needs to allow for customizations because many reports do not include details that we expect."
"I am going to flat out say technical support is terrible. Being a Platinum level customer, I am not happy with the support."
"I don't really have any notes for improvements."
"The five-factor authentication needs improvement."
"Sophos customer support could use some improvement."
"It's stable, but the reaction time of the GUI is terrible."
"Sophos UTM could be simplified, and they can improve on the many other features, like SD-WAN and load balancing. Sophos UTM is missing a few features that their competitors have. For example, if you have multiple branches you would like to connect, the load balancing features aren't available on multilink. If we create a VPM for multiple LAN links, we cannot load balance the traffic."
"The initial setup may be difficult for those not familiar with the product."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com