We performed a comparison between Netgate pfSense and WatchGuard XTM [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"The security features are about the best that I've seen anywhere."
"There is an easy process for configuring it, and it is straightforward to implement the device from scratch."
"The solution is easy to configure and maintain remotely."
"It is simple to manage, and there are a lot of functionalities in the same box."
"The most valuable features are the policies, filtering, and configuration."
"FortiGate is on the cheaper end, and it offers good value."
"The usage in general is pretty good."
"Centralized administration with multiple services, which allows for execution in several important functionalities of information security."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"The interface is straightforward and easy to use."
"It is a better firewall than others and it has better features."
"The VPN is my favorite feature."
"The solution is very easy to use and has a very nice GUI."
"The built-in open VPN and the VPN Client Export are the solution's most valuable aspects."
"The gain in performance and security from configuring the VPN connections was significant."
"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."
"There is a site-to-site VPN configuration between others people."
"They have a reporting system which can store data over a very long period of time. Not many other firewall vendors provide a reporting system, but if they do, like Fortinet does, then you've got buy that as an additional product and that can be more than twice as expensive as the initial investment in the firewall. And without reporting over a long-term period, you're just about wasting your time."
"It is stable and does not require you to reboot all the time."
"SNMP status monitoring and the Central Management Software."
"Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."
"Application Control is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular."
"After installing the product, we achieved awareness of our data protection needs and email misuse."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"The UI could be improved."
"Improvement is needed in the Web Filter quotas to restrict users with allocated quotas."
"If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."
"Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature."
"pfSense is not user-friendly. I hope to have something to make the interfaces more user-friendly."
"I would like to see SD1 integration into the software. That would be fantastic."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"The usage reports can be better."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"The solution requires a lot of administration."
"The product could offer more integrated plugins."
"The VPN errors are not helpful when troubleshooting."
"I would like them to improve the product's overall protections. This would be good for all product users."
"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."
"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out."
"Sometimes we have had issues with stability of the product."
"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."
"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."
"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."
Earn 20 points
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while WatchGuard XTM [EOL] doesn't meet the minimum requirements to be ranked in Firewalls. Netgate pfSense is rated 8.6, while WatchGuard XTM [EOL] is rated 8.0. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of WatchGuard XTM [EOL] writes "The multi-layer security of the products are the primary reason we use these appliances, however, the gateway wireless functionality for managing access points leaves much to be desired". Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Cisco Secure Firewall, whereas WatchGuard XTM [EOL] is most compared with .
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.