We performed a comparison between Netgate pfSense and WatchGuard XTM [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."It's very fast and easy to configure."
"Offers good security and filtering."
"Fortigate's most valuable feature is that it doesn't need a push policy when writing rules."
"Good anti-malware and web filtering features."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"The solution is very user-friendly."
"The pricing is great and very reasonable."
"The ability to create a VPN allows me to monitor branch offices from a central location."
"The solution is very robust."
"It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest."
"Super easy to manage. Anyone who has been working with firewalls can handle it."
"The flexibility of adding new kinds of services without spending any money can't be beaten."
"The concurrent users are perfect for us."
"It has a good web cache. I used to use a DHCP server and DNS server. For my company, I use pfSense as a load balancing application."
"pfSense allows us to spread the hours of connection and do the filtering on the pfSense site."
"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."
"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."
"After installing the product, we achieved awareness of our data protection needs and email misuse."
"Monitoring of network activity is included in the box."
"Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."
"They have a reporting system which can store data over a very long period of time. Not many other firewall vendors provide a reporting system, but if they do, like Fortinet does, then you've got buy that as an additional product and that can be more than twice as expensive as the initial investment in the firewall. And without reporting over a long-term period, you're just about wasting your time."
"It configures in all-in-one place."
"It is stable and does not require you to reboot all the time."
"Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."
"There are some cloud-based features that could be much more flexible than they currently are."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"Technical support could be better. You don't always get the level of help you need right away."
"This product needs to have an analysis feature, rather than having the analysis done through the integration of a different product."
"Fortinet needs to overhaul its documentation."
"The support system could be improved."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"ClamAV AntiVirus can cause some crashes. That service should be improved."
"As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."
"It would be great to add more to security."
"Web interface could be enhanced and more user friendly."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that."
"The security could be improved."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"I would like them to improve the product's overall protections. This would be good for all product users."
"Sometimes we have had issues with stability of the product."
"The VPN errors are not helpful when troubleshooting."
"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."
"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."
"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out."
"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."
"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."
Earn 20 points
Netgate pfSense is ranked 1st in Firewalls with 15 reviews while WatchGuard XTM [EOL] doesn't meet the minimum requirements to be ranked in Firewalls. Netgate pfSense is rated 8.6, while WatchGuard XTM [EOL] is rated 8.0. The top reviewer of Netgate pfSense writes "Feature-rich, well documented, and there is good support available online". On the other hand, Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, Cisco Secure Firewall and KerioControl, whereas WatchGuard XTM [EOL] is most compared with .
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.