We performed a comparison between Check Point CloudGuard Network Security and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point CloudGuard Network Security provides valuable features like VPN Blade, IPS Blade, URL filtering, and Applications Control Blade. pfSense is appreciated for its capacity to block IP addresses, user-friendly dashboards, and open-source nature.
Check Point could enhance its support system, cluster creation on AWS, data protection visibility, DLP feature, user interface, integration with other security solutions, cost reduction, documentation, and on-prem deployment flexibility. pfSense could improve instructional videos, stability, mobile application, GUI usability, updates, threat handling, FIPs compliance, log analysis, VPN capacity, documentation, user-friendliness, configuration processes, and SD-WAN integration.
Service and Support: Some customers appreciate the technical support provided by Check Point, while others express dissatisfaction with response time and global support. pfSense's customer service garners both positive and negative reviews. Some users commend the technical support they receive, while others rely on community resources for assistance.
Ease of Deployment: Check Point CloudGuard Network Security is praised for its easy, simple, and straightforward initial setup. Users find it interactive, user-friendly, and effortless to configure. However, it may require technical expertise and proper guidelines from customer support. pfSense is generally regarded as easy and straightforward to set up, with a simple installation process. The timeframe for completion varies from as little as 15 minutes to a few days, depending on the user's familiarity with firewall and network concepts.
Pricing: Check Point CloudGuard Network Security is recognized for its high price, however, it provides strong security measures and good value. pfSense is an open-source option that offers reasonable pricing and no extra expenses. However, there is a lack of available information concerning the exact costs associated with pfSense's licensing.
ROI: Check Point CloudGuard Network Security provides improved performance and benefits for organizations, resulting in a higher ROI range of 80% to 85%. pfSense is highly regarded for its cost-effectiveness and affordability, enabling substantial savings.
Comparison Results: Check Point CloudGuard Network Security is the preferred option when compared to pfSense. Users find the initial setup of Check Point CloudGuard Network Security to be straightforward, and user-friendly. Check Point CloudGuard Network Security offers more valuable features including VPN, IPS, URL filtering, and Applications Control Blade, which are highly appreciated for their compliance, intrusion protection, and productivity enhancement.
"Fortigate's most valuable feature is that it doesn't need a push policy when writing rules."
"The most valuable features of the solution are SD-WAN, filtering testing applications, web filtering, and the new VPN."
"The threat prevention is the solution's most valuable aspect."
"The most valuable feature of this solution is Quota."
"The solution is extremely reliable."
"The Intrusion Prevention System and the web filtering are both working well."
"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
"The CloudGuard Network Security's most valuable feature is implementing IPS for accessing our data center and server environment in Azure. It helps us to prevent attacks. By protecting our environment with Check Point, which we were already familiar with, it provided a solution that extended into the cloud environment."
"The tool's most valuable feature is its scalability. You will only have to pay less for scaling up. Its notable benefit is deployment complexity. Regional deployment is simpler compared to on-premise setup."
"The most valuable features are the ease of administration with the cloud management extension and the cloud licensing model."
"The product has allowed us to develop applications from the cloud - even with large environments and well-segmented security lines."
"The product offers an easy and nice way to manage the gateways, similar to on-prem hardware. It has packet filtering features. Our security operations are faster and less prone to errors. We selected CloudGuard Network Security due to its visibility."
"We have found the overall functionality of the product to be exactly similar to the physical product. The one good advantage is that it is cloud-based and can be deployed either as a part of a scale set or one can shut down the virtual machine and adjust the physical parameters of the virtual machine easily and bring it right back up."
"The query feature is going to be a game-changer for us as we move forward."
"Check Point is one of the few solutions that pay attention to cloud security. Many others mostly focus on providing on-premises solutions."
"I mostly like all of it. Whatever we use is valuable."
"The most valuable features are the VPN and the capture photo."
"I handle the scanning for the finance department. I recently encountered an issue with the PCL bills, our company bills. I resolved the matter, cleared the bill, and received calls regarding it using pfsense.The user interface is extremely user-friendly, which is why we use it across various plant sites. Our IT representatives at the plants find it easy to use and manage because of its straightforward interface."
"I have found the most valuable features to be antivirus and malware protection."
"Open source and support are valuable. I have community support."
"The solution has good customization abilities and plenty of features."
"The redundancy and scalability ARE very nice."
"I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices."
"The process of configuring firewall rules appears excessively complex."
"The solution could have licensing fees reduced in the future."
"There are some cloud-based features that could be much more flexible than they currently are."
"Its customer service could be better."
"There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering."
"The pricing could be a bit better, especially when you consider how they have the most basic offering priced."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"The pricing could always be better."
"This application can be more integrated with web application firewalls. Better integrations would provide more granularity, which would be helpful for focusing on the application itself and preventing attacks. It would be good to include the cross-domain search. If you have multiple firewalls that are managed on the same platform and you want to check who is using some particular objects or where a specific ID is being used, it should provide an option for this kind of search instead of having to check one by one on each firewall."
"The deployment phase takes too much time."
"I think they have pretty much mastered what can be done. There are some nuances like when you fail over from one cluster member to the other, the external IP address takes about two minutes to fail over."
"Regarding CloudGuard Network Security's integration with various resources like application gateways and application-based security groups, there's room for exploring dynamic access in those areas. A significant concern is the upgrade process. Unlike an in-place upgrade, upgrading the tool in Azure requires deploying a new resource, which can be hectic and less reliable. We have to spend something new to have the tool's latest version."
"There are some usability issues we'd like to see improved."
"The user experience might suffer if we don't have the time to follow up with our clients and ensure they are using the right options. Clients also want more local support in Portuguese and Spanish during their normal business hours. That's something I hear from my customers and my team, too."
"The licensing structure is unclear, so a transparent and flexible licensing structure would be preferable."
"While today we can manage some scopes, there are still some segments in the OSI layer we cannot manage."
"I would like to see different graphs available in the reporting."
"When I checked other packages, it seems they use different tools that are installed on the PSS for functionality. They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
"It needs to be more secure."
"As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."
"I believe improving integration with various antivirus vendors could be beneficial."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 121 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Check Point CloudGuard Network Security is rated 8.6, while Netgate pfSense is rated 8.6. The top reviewer of Check Point CloudGuard Network Security writes "Highly reliable, great visibility, and centralized management". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Akamai Guardicore Segmentation, Cisco Secure Firewall and Fortinet FortiGate-VM, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Cisco Secure Firewall. See our Check Point CloudGuard Network Security vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.