We performed a comparison between Meraki MX and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between the two solutions is that Meraki MX is expensive, while pfSense is an open-source solution and is free of charge. In addition, Meraki’s monitoring capabilities could use improvement.
"The most valuable feature of this solution is the analytics."
"We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"The most useful functionality of Fortinet FortiGate is the user interface, multiple engines, and their cloud with the latest integrations. Additionally, the Security Fabric tool is very good."
"Reliability is the best feature. We faced some issues when we were setting it up, but the service, portal, and administration are good."
"Overall security features and performance routing is good."
"We are using the FortiGate 100D series. VPN, firewall, anti-malware, OTM, and intrusion prevention are useful features."
"Their proxy-based inspection is responsive and secure."
"We work also with domain control (DC) from Microsoft or Amazon. We use a whole virtual appliance with Meraki."
"Its ease of configuration and management is very useful for us and for other companies that don't have an onsite IT person. It is easy to configure and easy to manage. It is easy to configure the VPN with the Auto VPN feature."
"MX is easy to manage, configure and install."
"A strong, reliable solution for small companies with little or no dedicated IT department."
"The most valuable feature is that we didn't have any problems with Meraki MX."
"We've had no issues with the scalability or the stability of this solution"
"I use Meraki in my POCs and with my customers as well."
"Deployment takes no more than one working day."
"Easy to deploy and easy to use."
"This solution has increased the level of security, given us more control, provided a deep insight into network traffic, and is a great VPN solution."
"The initial setup was simple and fast."
"It has a good web cache. I used to use a DHCP server and DNS server. For my company, I use pfSense as a load balancing application."
"We've found the stability to be very good overall."
"Some of the terminologies were more familiar to me than it was when I first encountered Cisco."
"The firewall sensor is highly effective, and it's easy to deploy. You can deploy pfSense with limited hardware resources. It's not necessary to have an appliance with much RAM to make it work. It's cost-effective and performs well."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up."
"Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"To some degree, it's almost a question as to why some of this stuff isn't simpler. For example, for an AP deployment, while it's integrated, the number of steps that you have to go through in order to get the AP up, seems like a lot."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"The problem is that the two licenses do not currently integrate. We have to create separate companies and do an interconnection."
"We had minor issues with Meraki MX. We had a couple of RMAs, so that could be an area for improvement, but in terms of how the RMAs went, the turnaround time and getting those back into redeployment were quick. Another area for improvement in Meraki MX is that when you're scaling for multiple locations, you need to use the same model, but the model you'd need is only available for a short time. The specific model you require could be out of stock, or Meraki isn't making that model anymore, so Meraki should improve that."
"The IPS, the Intrusion Prevention System, can be improved."
"When we do API integrations with Meraki, they have always been hard as well as tedious to build. The data that we want out of the API integrations has been only recently available. Six months ago, it was hard to get someone to build something correctly or useful with Meraki APIs. Recently, they have made more data available on the API, but it is just a start. They need to do more."
"Pricing is an area where the solution lacks since it is an expensive tool."
"The security is not as strong as it could be"
"The configuration options for firewall and IPS have limitations."
"Direct logging is something that can be introduced. In the absence of cloud management, the possibility of local configurations and on-premise logins becomes restricted. This limitation stands as a primary concern. When it comes to resolving issues, the inability to access login options hampers troubleshooting efforts. The stability is noteworthy; but when compared to alternative products, its stability is comparatively lower. Additionally, certain limitations are observed in terms of remote control. Price-wise, the solution stands out for its competitive and cost-effective nature compared to other alternatives. Operationally, it is user-friendly and requires minimal effort from administrators, making configuration hassle-free."
"pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it."
"A way to clean squid cache from the GUI."
"Many people have problems setting up the web cache for the web system."
"I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"I believe improving integration with various antivirus vendors could be beneficial."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
"The solution’s interface must be improved."
Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 57 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Meraki MX is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Meraki MX writes "Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Meraki MX is most compared with Palo Alto Networks NG Firewalls, Cisco Secure Firewall, Sophos XG, SonicWall TZ and SonicWall NSa, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Check Point NGFW. See our Meraki MX vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.