We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the web filter."
"The scalability of Fortinet FortiGate is good."
"I like several features that this product has, such as antivirus and internet navigation inspection. It is also simple to use."
"The solution is very user friendly. The user interface in particular is quite nice."
"The pricing is excellent. It's much less expensive than Cisco."
"I have found Fortinet FortiGate to be scalable."
"The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto."
"The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks. It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good."
"Technical support is perfect, excellent."
"A valuable feature is that the solution is open source."
"The interface is straightforward and easy to use."
"The initial setup is not complex."
"The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."
"The solution is very robust."
"The classic features such as content inspection, content protection, and the application-level firewall, are the most important."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled."
"Monitoring and reporting are areas that need improvement."
"The initial setup has been fine."
"Scaling out cannot be easier, as there are many migration paths."
"It is easy to manage."
"The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big."
"It now controls all the security aspects of our web servers with Sophos UTM WAF."
"The initial setup is pretty straightforward."
"Some configuration elements cannot be easily altered once created."
"Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."
"Compared to some other products, the DLP is not at par for the moment."
"Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"We would like to see an upgrade to the VPN feature, we are using the VPN from outside of our office and there is a limitation to 10 connections, more connections would be suitable."
"Fortinet doesn't provide multiple virtual firewalls which would facilitate end users and customers."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"It is not centrally managed, where you log into the website and can see all your services there. We would like to be able to see is all the configurations from a central interface on all our pfSenses."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"Improve analysis of logs and dashboards (control panel) with improved alert functionality."
"For the third-party packages, I'd rather have it built-in, like a core feature of pfSense, part of the core model."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
"Email spam filtering only works if you have an on-prem Exchange server. It doesn't interface with Office 365 like the XG model. That would be one feature that they could improve. They're not going to do it because they're trying to push us all to XG."
"They could use more SSL VPN support."
"The solution is not scalable."
"The pricing is an issue."
"Flexibility in pricing could be improved. It's more rigid in its pricing compared to its competitor: Kaspersky."
"The management suite is easy and the agent is easy to develop."
"Doesn't provide antivirus for individual computers."
"The five-factor authentication needs improvement."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com