We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."
"The most important feature, normally for small business customers, is link load balancing."
"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"Its administrative panel is very intuitive and simple. It is simpler than the other solutions that we had. As an administrator, we are always looking for the easiest solution to manage network policies. We are able to filter everything on our network and also use the VPN feature, which is important these days when people are working remotely during COVID."
"Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."
"Initial setup is easy to configure."
"It is a good firewall with good performance."
"What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor. Some people may think you're taking a risk with using Opensource. I think it just provides the end user, specifically for us small, medium business providers of services, the flexibility we need at the right cost to provide them a higher end, almost enterprise type service."
"The intrusion detection feature is the most valuable. It is an open-source firewall, so there is a lot of material on it. I also find the open VPN capability very nice. It is pretty customizable. The clustering and the high availability are the two biggest things to be able to get out of a firewall."
"The most valuable features are the VPN and the capture photo."
"The redundancy and scalability ARE very nice."
"The ability to perform packet captures on the command line and via the GUI is useful for diagnosing problems."
"Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must."
"The most valuable feature, for instance, is the ease of migrating configurations between different Netgate devices housed in the same box."
"The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big."
"It gives us the ability to manage our firewalls from the cloud and deploy a unified configuration onto them. Other competitors like Meraki have that ability, but they fail to optimize it in the way that Sophos has."
"Efficient and effective - it's easy to separate rules."
"The initial configuration is straightforward thanks to the web GUI. In 30 minutes, you can have a running firewall with UTM protection enabled."
"The UTM features are reasonably strong and the patterns are updated on a regular basis"
"The solution's sandboxing, application center, and database engine are good."
"This is a very stable product."
"The scalability is good."
"Its customer service could be better."
"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."
"I would like Fortinet to add more automation to FortiGate."
"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."
"There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios."
"At first glance, the interface for the device is very confusing."
"Technical support is good but the response time could be faster."
"I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals."
"It would be great to add more to security."
"Layer 7 advanced firewall features are not included in the solution."
"More documentation would be great, especially on new features because sometimes, when new features come out, you don't get to understand them right off the bat. You have to really spend a lot of time understanding them. So, more documentation would be awesome."
"Web interface could be enhanced and more user friendly."
"This product needs improvements with respect to reporting and auditing."
"The reporting could improve by providing information on where, or from which device attacks are coming from. We are already given the country where the attack is coming from but more information would be beneficial."
"We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
"As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic"
"I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution."
"When we call support, we get put on hold for a long time."
"It would be nice if it had basic features, such as DLP (Data Loss Prevention)."
"Sophos UTM could be simplified, and they can improve on the many other features, like SD-WAN and load balancing. Sophos UTM is missing a few features that their competitors have. For example, if you have multiple branches you would like to connect, the load balancing features aren't available on multilink. If we create a VPM for multiple LAN links, we cannot load balance the traffic."
"The reporting system needs to allow for customizations because many reports do not include details that we expect."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and WatchGuard Firebox. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com