We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Offers good security and filtering."
"It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls."
"The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"The customization potential is quite impressive."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"The solution is stable."
"The solution is very user-friendly."
"Improved service performance and availability through redundancy."
"I especially like the VPN part. It works like a charm."
"Its scalability is a strong point."
"The solution is very robust."
"The built-in open VPN and the VPN Client Export are the solution's most valuable aspects."
"Centralized administration with multiple services, which allows for execution in several important functionalities of information security."
"I am happy with the EPLS, the radius, and I am happy with the captive portal."
"The interface is straightforward and easy to use."
"The most valuable features of the solution are application filtering and web filtering."
"Scaling out cannot be easier, as there are many migration paths."
"It helps us with protection, with concurrent use of the VPN."
"The product is extremely intuitive."
"With Sophos, we have not had any incidents this year. The security provided has been good. It has proven to be okay for our needs."
"The solution can scale."
"The three most important features for us are web protection, web server protection, and network protection."
"Brings greater visibility into the network traffic coming inside and passing away from the company."
"It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."
"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."
"We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved."
"It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified."
"WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
"The initial setup is complex."
"Lacks sufficient security options."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"I would like to see SD1 integration into the software. That would be fantastic."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"It would be great to add more to security."
"My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters."
"I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version."
"The main problem with pfSense is that it lacks adequate ransomware protection."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"It is not centrally managed, where you log into the website and can see all your services there. We would like to be able to see is all the configurations from a central interface on all our pfSenses."
"Monitoring and reporting are areas that need improvement."
"Sophos UTM's internet security could be better."
"The solution is not scalable."
"We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
"It's stable, but the reaction time of the GUI is terrible."
"There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system."
"Flexibility in pricing could be improved. It's more rigid in its pricing compared to its competitor: Kaspersky."
"Reporting: We have had to work manually in many of our reports."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com