We performed a comparison between Check Point NGFW and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between these two products is that Check Point users feel that the tool’s VPN is hard to integrate. In addition, Check Point does not have an open-source version like pfSense does.
"Fortinet FortiGate is a scalable solution."
"Overall security features and performance routing is good."
"The initial installation is very straightforward."
"The most valuable feature is the ease of use."
"Security, SD-WAN, and Streetscape are valuable features."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"All of the features of Fortinet FortiGate are useful and the security protection is good."
"I think that the UTM features are the most value, as it truly protects my infrastructure."
"The threat emulation blade and user identity awareness feature has helped us a lot in terms of perimeter security and have given us granular visibility of user access."
"HTTP forwarding is something I haven't seen elsewhere."
"It is easy to administrate and maintain."
"The most valuable feature is the powerful, deep packet inspection engine."
"With the outstanding capabilities of Check Point, we managed to have stable site-to-site VPNs with all our partners and with every other vendor's devices."
"Check Point is awesome from a security standpoint. Based on our experience and also the experience of the other customers, it is a very stable appliance."
"The security posture assessment with two-factor authentication has saved more time and commercial costs by avoiding deploying having to deploy another solution."
"I haven't had any data leaks or vulnerability situations."
"The solution is fairly scalable when it comes to integrating with other applications and data sets."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"What I like about pfSense is that it works well and runs on an inexpensive appliance."
"One of the advantages of pfSense is that it is very easy to work with. It is a very good open-source solution, and it works really well. pfSense provides a complete package. For some features, it could be the first solution in the world. It is a very good alternative in the market for a firewall solution. You don't need to go to Cisco or other brands with expensive firewalls. pfSense also allows us to offer some support services."
"We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform."
"The built-in open VPN and the VPN Client Export are the solution's most valuable aspects."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"The product’s documentation is good."
"I would like to see improvements in the product's application rules."
"It would be a benefit if Fortinet would release a one-stop solution that is better integrated with other products and an automated emergency response system."
"I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive."
"The integration with third-party tools may be something that they should work on."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"There aren't really any negative aspects to discuss."
"Technical support could be better. You don't always get the level of help you need right away."
"I would suggest that Fortinet add sandboxing to their solution."
"Geo-blocking would be very useful. There are too many attempts to infiltrate by non-country users. I can block access by IP address or IP network, however, a country-level blocking would be more useful and much quicker to implement."
"It would be nice to have comprehensive documentation and training resources that can help users and administrators to better understand and utilize the full range of Check Point's capabilities."
"I would like for them to develop the ability to manage a cloud firewall with the same console. That would be very helpful."
"Of the areas of improvement that I want to see in this product, without a doubt, one is the technical support. In this time of globalization, with so many cyberattacks and risks, the Check Point support staff take a long time to attend to incidents due to the high demand."
"Several security modules are based on HTTPS inspection, losing a relevant security capability if you don't implement it in your network."
"The virtual infrastructure of the central management requires a huge amount of resources to work properly and manage all the logs without problems."
"Although there is a lot of automation and pattern that can be classified automatically, the IPS systems are sometimes a little bit complicated, and doing the fine-tuning in over 20,000 patterns is hard to do."
"One area for improvement in Check Point NGFW is the support process."
"The router monitoring needs improvement when compared with Sonicwall."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it."
"The integration could be improved."
"I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"pfSense is not user-friendly. I hope to have something to make the interfaces more user-friendly."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Check Point NGFW is rated 8.8, while Netgate pfSense is rated 8.6. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Azure Firewall and OPNsense, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Stormshield Network Security. See our Check Point NGFW vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.