We performed a comparison between Kerio Control and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: pfSense has the winning edge in this comparison because it received higher marks in the features, pricing, and service and support categories.
"The SD-WAN is the most valuable feature."
"The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup."
"The ability to set up remote systems is the most valuable feature."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"The most valuable feature of this solution is Quota."
"Its user interface is good, and it is always working fine."
"It performs very well."
"We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered."
"Kerio is a lot clearer to set up to do particular things, whereas when I do it on a Cisco or a FortiGate I have to go fight with it per week sometimes to do something I can do in 20 minutes on Kerio."
"Technical support is good. They respond right away."
"It prevents people from visiting undesirable sites and ensures that they use the internet for their designated jobs."
"The firewall appliance itself is the most valuable feature."
"The interface control manager where we can allocate LAN connections to certain VLANs is the most valuable feature. The other feature that's important for us is because obviously everything is remote with MyKerio, as long as the boat has an internet connection, we can log onto the Kerio and get statistics, as well as provide support."
"Its support is very good, and it is stable product."
"The solution provides feasibility regarding cyber privacy."
"Kerio Control can be scaled easily."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"Easy to deploy and easy to use."
"The product’s documentation is good."
"I use pfSense because it gives me the flexibility to greatly expand basic firewall features."
"My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall."
"It is a stable solution."
"We can run it on any hardware."
"I have found the most valuable features to be antivirus and malware protection."
"Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs."
"Fortinet Fortigate could benefit by simplifying some of their processes."
"The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it'd be great."
"Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%."
"It does not have key authentication for admin access."
"One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering."
"Stability and technical support are the two major issues I have found with Fortinet."
"The Web-filter in this solution is not very good."
"The solution can be improved to create the capability for larger bandwidths that support our business needs."
"I have had a few issues with HTTPS decryption. The solution also does not show the actual user's Internet usage."
"There's also room for improvement in the Traffic Rules. We define networks to use a specific outgoing interface, say VSAT, shore, or marine WiFi, which is okay. But then all we have is a checkbox that says "Use other internet interfaces if this one is unavailable." What we would prefer would be to have a priority list. So if VSAT is unavailable, try to use 4G, etc. We haven't really found a reliable way of doing that in the current release."
"The reporting needs to be improved. It is hard to get a domain."
"The Kerio hardware devices look cheap and could be improved. Some of our clients are switching to Sophos because their hardware has a more sleek design."
"They should add wireless features."
"They should improve the remote connectivity feature for users."
"I would like to see a little improvement in their technical support when you have a problem. I may be a little jaded because I came from Kerio when we could call and get a person on the phone who worked on the product. Every tech had their own demo setup. They had instant messaging capability with the developers. If we found a problem, then we could get a result for it quickly. Now, the product seems to be 24 hours. They have also gone to the model that if you need quicker support, then they now charge you additional for the exact same level of support that they used to give. I am assuming it's the exact same level of support that they say it is. I'm not paying extra for it. That's the biggest flaw with the product."
"The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"The main problem with pfSense is that it lacks adequate ransomware protection."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
"The interface is not very shiny and attractive."
"It should integrate with LDAP, Active Directory, etc, to improve the way in which the traces and connections of each IP, or user connected through the firewall, are shown."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
KerioControl is ranked 29th in Firewalls with 54 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. KerioControl is rated 8.0, while Netgate pfSense is rated 8.6. The top reviewer of KerioControl writes "With VPN, any of our guys can log in to the system and effectively be on board; helps with our customers all over the world". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". KerioControl is most compared with OPNsense, Sophos UTM, Sophos XG, Cisco Secure Firewall and WatchGuard Firebox, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, Cisco Secure Firewall and WatchGuard Firebox. See our KerioControl vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.