• Home
  • Check Point NGFW vs. OPNsense

Check Point NGFW vs OPNsense comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
Fortinet FortiGate
Read 306 Fortinet FortiGate reviews
120,425 views|88,209 comparisons
90% willing to recommend
Check Point Software Technologies Logo
Check Point NGFW
Read 277 Check Point NGFW reviews
27,173 views|16,714 comparisons
96% willing to recommend
OPNsense Logo
OPNsense
Read 36 OPNsense reviews
105,864 views|93,109 comparisons
96% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Check Point NGFW vs. OPNsense
May 2024
Executive Summary
Updated on Jul 11, 2023

We performed a comparison between Check Point NGFW and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

Features: Check Point NGFW is highly regarded for its extensive security functions, centralized control, and ability to virtualize. OPNsense is appreciated for its ability to scale, provide guest access, offer user-friendly dashboards, and provide a free version for users. Check Point NGFW needs enhancements in integration, hardware upgrades, cost, stability, load balancing, technical support, and reporting capabilities. OPNsense, on the other hand, requires improvements in its interface, bandwidth management, multi-provider internet protection, integration with Azure, a timeline for new features and updates, IPS solution, reporting capabilities, SSL inspection, and learning curve.

Service and Support: The service for Check Point NGFW has varying feedback, with certain customers appreciating its assistance and quick response, while others believe there is room for improvement. OPNsense boasts an exceptional community support network, although a few users encounter challenges in directly accessing support.

Ease of Deployment: The setup process for Check Point NGFW can be complex and challenging, especially for those who are unfamiliar with the product. It requires expertise and experience for certain configurations and migrations. The initial setup of OPNsense is described as straightforward and easy, even for clients without IT experience. It can be completed within a few hours, with slight variations depending on individual circumstances.

Pricing: The cost of setting up Check Point NGFW is deemed to be expensive, whereas OPNsense falls into the moderate range. Check Point provides flexible licensing choices, although some individuals find the procedure complex. OPNsense is a license-free open-source solution. In addition to the basic expenses, OPNsense requires additional costs for hardware, installation, and training.

ROI: Check Point NGFW provides cost savings, simplicity, and reliable security enforcement, resulting in a favorable return on investment. OPNsense achieves a return on investment in less than three months and eliminates recurring fees.

Comparison Results: Check Point NGFW is the preferred choice over OPNsense. Users appreciate its comprehensive security features, centralized management, and virtualization capabilities. It is known for its stability, ease of use, and scalability. Check Point NGFW is considered worth the price due to its superior security and reliability.

To learn more, read our detailed Check Point NGFW vs. OPNsense Report (Updated: May 2024).
Download the complete report
771,212 professionals have used our research since 2012.
Featured Review
Saurabh-Pal
Researched Check Point NGFW but chose Fortinet FortiGate: It's a reliable solution that's easy to install and cheaper than competitors
Champika Wijewickrama
Enables exceptional security with its comprehensive suite of features and ensures robust protection against cyber...
Unlike Fortinet, where the log loading process can take up to a month, Check Point stands out for its efficiency. While other solutions may only... Read more →
Michael Dietze
Has valuable VPN capabilities, but the scalability needs improvement
The VPN has helped us a lot.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Their reliability and their policy of pre-shipping replacements when a unit has failed.""The wireless control is helpful.""The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors.""The features that we have found most valuable are the SSL VPN and the User Portal.""Its performance in fulfilling our requirements has been satisfactory.""The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support.""The most valuable features of Fortinet FortiGate are the rules and quality of service.""Fortinet FortiGate is a stable solution."

More Fortinet FortiGate Pros →

"The way in which it manages the nodes within a cluster architecture is excellent, offering fault tolerance which is, in my experience, practically imperceptible when one of the nodes fails.""It is giving us a greater reach for greater prevention and is proactively protecting our employees.""The most valuable feature of Check Point NGFW is it is a complete solution for protecting not only the network but the applications. Additionally, it provides a hybrid cloud solution.""Newer versions are much more stable.""If there is a critical issue observed, the Check Point support team can create a custom package that we can deploy on the gateway to mitigate critical issues/bug fixes.""It is easy to deploy or upgrade. There is no need to do this manually with commands. This solution can be set up online.""The Smart Dashboard allows for rule creation and administration and management and is user-friendly.""By far, it's the best security solution one can adopt for their organization."

More Check Point NGFW Pros →

"It has firewall and VPN capabilities, which are very valuable features.""The system in general is quite flexible.""OPNsense is easy to use and open source.""The solution has high availability.""It is a very good solution. I like the dashboard. I can see what is going on and manage it as I like it.""The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use.""URL blocking, Wireguard, Tail Scale, Engine Blocker, and VPN are the most valuable features for me.""The most valuable features in OPNsense are reporting and visibility."

More OPNsense Pros →

Cons
"They've become quite expensive.""I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security.""I would like to have logs, monitoring, and reporting for a month without extra fees.""The solution could be more evenly structured.""Fortinet FortiGate is a stable solution. However, my issue is the performance only. When I use all the profiles, this affects the performance. From the beginning, I should have had a better sizing of the box.""A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer.""The inability to scale the FortiAnalyzer to match our growth necessitates the purchase of new hardware.""Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%."

More Fortinet FortiGate Cons →

"The upgrading process takes too much time.""Check Point products have many places that need to be improved, but they are constantly upgrading.""The URL objects take significant time in processing compared to other products like Cisco FTD; it would be better if they could improve it.""Sometimes we need to find a resolution by ourselves as the solution's knowledge base is not enough.""For the user or anyone else who is using Check Point, they are more into the GUI stuff. Check Point has its SmartConsole. On the console, you have to log into the MDS or CMS. Then, from there, you have to go onto that particular firewall and put in the changes. If the management console could be integrated onto the GUI itself, that would be one thing that I would recommend.""It should be user-friendly from an implementation point of view. Its setup is a little bit difficult.""We have run into an interface expansion limitation, and thus it would be helpful if products lower in the stack would offer more interface expansion options.""We'd like an option that can convert other vendors' NGFW configurations to supported Check Point NGFW config for ease of migration."

More Check Point NGFW Cons →

"The scalability needs improvement.""The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform.""An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense.""Given that OPNsense plays a pivotal role as a firewall, safeguarding against various threats, having a reliable backup ensures uninterrupted protection even if unforeseen events impact the primary virtual machine.""I think the most important thing is that it should be easily accessible, but currently, that doesn't seem to be the case. We need a hardware platform that's based on common standards and open computing principles, which would be like a commodity and benefit us greatly.""There are a few weaknesses. For example, there is a lack of some features that I have in certain commercial products.""The solution could be more secure.""I would like better documentation concerning the provided packages and their integration."

More OPNsense Cons →

Pricing and Cost Advice
  • "Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make."
  • "These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."
  • "Go for long term pricing negotiated at the time of purchase."
  • "Work through partners for the best pricing."
  • "The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."
  • "Easy to understand licensing requirements."
  • "​We saved a bundle by not needing all the past appliances from an NGFW.​"
  • "The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."

    • More Fortinet FortiGate Pricing and Cost Advice →

  • "I don't think the product's pricing is a good value. I feel it's very overpriced. I feel a lot of the features for a next gen firewall are there. But I feel it's overpriced, because of the stability issues. As far as support goes, I really can't speak to direct Check Point support, but the third-party was pretty terrible... As far as the licensing goes, it's pretty complex. If anybody was to purchase the Check Point product, definitely make sure they have an account rep come on site, and explain it line by line, what each thing is. It's not straightforward. It's very convoluted. There's no way you could just figure it out by looking at it."
  • "Check Point solutions are very expensive here. They're good, but they're expensive... Check Point is only useful for customers that have a big IT budget."
  • "The price is high in comparison to other solutions."
  • "We pay $5,000-$6,000 a year."
  • "Maybe the pricing is a bit high but you get the durability and the duration."
  • "Licensing issues may be confusing at times."
  • "It is quite an expensive product, although security is a top priority."
  • "This product is not cheap and there are additional costs that depend on what model or package that you buy."

    • More Check Point NGFW Pricing and Cost Advice →

  • "We are not paying any licensing fees. OPNsense is completely free for us."
  • "It costs about $1000."
  • "There are no licensing costs for OPNsence."
  • "OPNsense is open source software so at this time it is free for us to use."
  • "OPNsense is a well known open-source tool."
  • "It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."
  • "OPNsense is an open-source solution and it is free to use."
  • "The solution is not expensive."

    • More OPNsense Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    See Recommendations
    771,212 professionals have used our research since 2012.
    Questions from the Community
    Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »
    Read all 3 answers   →
    What is the biggest difference between Sophos XG and FortiGate?
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Read all 13 answers   →
    What are the biggest technical differences between Sophos UTM and Fortine...
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Read all 11 answers   →
    How does Check Point NGFW compare with Fortinet Fortigate?
    Top Answer:I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
    Read all 5 answers   →
    Which would you recommend - Azure Firewall or Check Point NGFW?
    Top Answer:Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
    Read all 2 answers   →
    What do you like most about Check Point NGFW?
    Top Answer:Check Point NGFW provides essential security, featuring no-obligation access for secure connections, strong intrusion… more »
    Read all 165 answers   →
    What is the difference between PfSense and OPNsense?
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    What do you like most about OPNsense?
    Top Answer:What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.
    Read all 32 answers   →
    What is your experience regarding pricing and costs for OPNsense?
    Top Answer:It is free.
    Read all 27 answers   →
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Check Point NG Firewall, Check Point Next Generation Firewall
    Learn More
    Fortinet
    Check Point Software Technologies
    OPNsense
    Video Not Available
    Overview

    Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

    Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

    Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

    Benefits of Check Point's Next Generation Firewall

    • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

    • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

    • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
    • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

    • Remote access: The remote access VPN provides a seamless connection for remote users.

    Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

    Reviews from Real Users

    Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

    Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

    G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

    Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

    OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.

    The solution offers a variety of components, such as:

    • Weekly security updates. These updates provide the user with the ability to reach new emerging threats in a timely manner through small increments.

    • Two major releases every year. These yearly releases are on a fixed release cycle and provide organizations with the ability to plan ahead of an upcoming upgrade.

    • A roadmap of instructions. Each major release provides a guide and a set of clear goals.

    A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.

    OPNsense Core Features

    OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:

    • Captive Portal
    • Built-in reporting and monitoring tools including RRD Graphs
    • Network Flow Monitoring
    • Traffic Shaper
    • Support for Plugins
    • Granular Control Over State Table
    • Dynamic DNS
    • Two-factor authentication throughout the system
    • Netflow Exporter
    • Encrypted Configuration Backup to Google Drive
    • Forward Caching Proxy (transparent) with Blacklist Support
    • Stateful inspection firewall
    • DNS Server & DNS Forwarder
    • High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
    • DHCP Server and Relay
    • Virtual Private Network (site to site & road warrior, IPsec, OpenVPN & legacy PPTP support)
    • Intrusion Detection and Prevention
    • 802.1Q VLAN support

    Reviews from Real Users

    OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.

    For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."

    Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."

    Sample Customers
    1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya
    Control Southern, Optimal Media
    1. Deciso B.V. 2. iXsystems, Inc.  3. EuroBSDCon  4. Netgate  5. Claranet  6. Voleatech  7. Open Systems AG  8. Securebit AG  9. Proxmox Server Solutions GmbH  10. AVM Computersysteme Vertriebs GmbH  Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company9%
    Financial Services Firm8%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization20%
    Computer Software Company15%
    Comms Service Provider8%
    Manufacturing Company6%
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company15%
    Comms Service Provider7%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Educational Organization50%
    Computer Software Company8%
    Financial Services Firm5%
    Comms Service Provider4%
    REVIEWERS
    Comms Service Provider24%
    Financial Services Firm18%
    Logistics Company12%
    Government6%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Comms Service Provider14%
    Government9%
    Educational Organization6%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise32%
    Large Enterprise40%
    REVIEWERS
    Small Business32%
    Midsize Enterprise19%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise58%
    Large Enterprise27%
    REVIEWERS
    Small Business71%
    Midsize Enterprise12%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business34%
    Midsize Enterprise18%
    Large Enterprise48%
    Buyer's Guide
    Check Point NGFW vs. OPNsense
    May 2024
    Free Report: Check Point NGFW vs. OPNsense
    Find out what your peers are saying about Check Point NGFW vs. OPNsense and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    771,212 professionals have used our research since 2012.

    Check Point NGFW is ranked 5th in Firewalls with 277 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Check Point NGFW is rated 8.8, while OPNsense is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Juniper SRX Series Firewall, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and KerioControl. See our Check Point NGFW vs. OPNsense report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.