We performed a comparison between OPNsense and Palo Alto Networks NG Firewalls based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: OPNsense is highly regarded for its ability to adapt and grow, its ability to allow guest access, its user-friendly interface, its versatility, its reliability, its intrusion detection and prevention system, and the availability of a free version. Palo Alto Networks NG Firewalls excel in their incorporation of machine learning, their ability to prevent attacks in real-time, their unified platform, and their robust security capabilities.
OPNsense has room for improvement in interface simplicity, bandwidth management, high availability, logging, integration, hardware updates, reporting, SSL inspection, and learning curve. Palo Alto Networks NG Firewalls can enhance customization, SD-WAN configuration, logging accuracy, management interface, documentation, VPN availability, training materials, external dynamic list feature, and internet filtering.
Service and Support: Some users find the customer service for OPNsense excellent, while others believe it could be enhanced. Opinions on Palo Alto Networks NG Firewalls' customer service are divided. Some customers appreciate the support team's expertise and promptness, while others have faced challenges in contacting support.
Ease of Deployment: The setup process for both OPNsense and Palo Alto Networks NG Firewalls is described as straightforward. Users with or without IT experience can easily navigate through either setup. The deployment time for both options can vary depending on specific circumstances. Palo Alto Networks NG Firewalls provide training materials that contribute to the simplified and user-friendly setup experience.
Pricing: OPNsense primarily incurs expenses for hardware, while the software is available for free. Additional costs may involve public IPs and underlying VMs. Palo Alto Networks NG Firewalls are generally perceived as having higher pricing due to licensing and subscriptions. Nevertheless, this higher cost is deemed reasonable given the level of security and features offered by the product.
ROI: OPNsense delivers cost savings within a short period, eradicating the need for ongoing expenses. Palo Alto Networks NG Firewalls enhance visibility, reporting, and security, streamlining administration and ensuring a sense of security.
Comparison Results: Based on user feedback, Palo Alto Networks NG Firewalls is the preferred choice when compared to OPNsense. Users find the initial setup of Palo Alto Networks NG Firewalls to be straightforward and easy. Palo Alto Networks NG Firewalls is highly regarded for its embedded machine learning capabilities, strong security features, and comprehensive logging.
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration."
"What's most important is the ease of use."
"We are very happy with the general bandwidth agility we have seen from one website to another website."
"We have found it to be very reliable and that's why our teams and various users in our company use it as our main firewall every day."
"The solution is very user-friendly."
"The main benefit is the grouping of our security monitoring."
"It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls."
"The initial setup is easy. It only takes 15-30 minutes to deploy."
"The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used."
"It's open source."
"The solution is good for a basic firewall for a small business or for home use."
"The interface and the dashboard are the most valuable features of this solution."
"OPNsense is highly stable."
"One of the most valuable features is the network checking. Additionally, the firewall and web filtering functionalities are highly useful."
"It has an open license. It works very well, and there is an update every month."
"With its single pane of glass, it makes monitoring and troubleshooting a bit more homogeneous. We are not looking at multiple platforms and monitoring management tools. It is more efficient from that perspective. It is more of a common monitoring and control system for multiple aspects of what used to be different systems. It provides efficiency and time savings."
"The most valuable features are application inspection and sandboxing. Application inspection decides where traffic is transmitted. If I have a perimeter report for a particular service, then other services or malicious services cannot use an open port. In this way, application inspection is doing a fantastic job. We also have a very good sandbox with almost no rate limit. It will inspect any file that comes in and goes out in a dedicated patch to identify malware. Therefore, these two things help me to protect our organization from any bad actors."
"The configuration is quite simple to understand."
"The most valuable features are web filtering and application filtering."
"The best features of this solution are URL filtering and traffic visibility."
"When we put it on the border, it was blocking everything that we were getting ahead of time, and we weren't getting any hits. This includes URL filtering, spam prevention, and anti-virus."
"You just need a web browser to manage it, unlike Cisco, which requires another management system."
"I like to install Palo Alto mainly on the data center side to have visibility into all VLANs. That gives full visibility into the core."
"I would like Fortinet to add more automation to FortiGate."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"The license renewal process, annual renewal price, and the web application firewall features should be improved."
"Application management can be improved."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"The updates Fortinet provides are sometimes unstable."
"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."
"I think there could be more QoS features"
"When using the solution at the beginning was difficult. There was a steep learning curve."
"There are some add-ons that need enhancements to make management easier for users, especially the reporting features. Some reports don't show the level of detail I'm looking for, and I've had trouble installing certain add-ons, especially for Internet bandwidth shaping within my company."
"The solution would not be suitable for anything large-scale."
"There are a few weaknesses. For example, there is a lack of some features that I have in certain commercial products."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"The logging could improve in OPNsense."
"The interface needs to be simplified. It is not user-friendly."
"There should be more technical documentation."
"The solution could offer better pricing. We'd like it if it could be a bit more affordable for us."
"When you delete and add a new rule, because of the one hundred rule limit, if the new rule has an ID that is greater than one hundred, even though you have fewer than that, it will not work."
"I would like them to bring in some features that would encourage traffic shaping or bandwidth routing, like other UTM firewalls, because the solution should be capable of limiting the bandwidth for rules."
"I don't deal with it from a day-to-day perspective, but I can say that the evidence that I typically need is there, but sometimes, it's a task to actually get it and pull it out. They can make it easier to gather that evidence."
"The only real drawback to this product is that it is expensive. But you get what you pay for and there is no way to put a price on top-notch security."
"Its reporting can definitely be improved. I would like to have better graphical dashboards and more widgets for more clarity in the reporting area. In a third-generation firewall, you can generate some dashboards. It provides the information that we need, but from the C-level or a higher-level perspective, it is kind of rough and incomplete. Its data loss prevention (DLP) feature is not good enough. Currently, this feature is very basic and not suitable for enterprises. It would be nice if they can include a better DLP feature like Fortinet. We would like to have a local depot of Palo Alto in Latin America. Competitors such as Cisco and Check Point have a local depot here. If there is an issue with their hardware, you can go to the depot, and in about four hours, you can get a replacement device, but that's not the case with Palo Alto Networks because we need to import from Miami. It takes about two to three weeks."
"The stability, scalability for enterprise-level organizations, and technical documentation have room for improvement."
"The pricing of the solution is quite high. It's one of the most expensive firewall solutions on the market."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
OPNsense is ranked 3rd in Firewalls with 36 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews. OPNsense is rated 8.4, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and Sophos XGS, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Sophos UTM. See our OPNsense vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.