We performed a comparison between Fortinet FortiGate, Juniper SRX Series Firewall, and OPNsense based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."We can use our devices to check all of the perimeters. It secures email websites."
"The most valuable features of Fortinet FortiGate are the ease of use and there are several operating systems that can include the hardware capacities. In the newer releases, the resources were more useful because they were included in the operating system."
"The most valuable feature is the web filter."
"It is a good source for firewall protection."
"Their proxy-based inspection is responsive and secure."
"The performance is good."
"I think that the UTM features are the most value, as it truly protects my infrastructure."
"We are using the FortiGate 100D series. VPN, firewall, anti-malware, OTM, and intrusion prevention are useful features."
"From a protection perspective, it provides a network perimeter security function for our company."
"We think they have a good interface, the operating system is good, it's robust. It has plenty of great features, and the relation between the cost and benefits works for our business."
"The product provides good performance and has features comparable to other leading products in the market."
"On a scale from one to ten, one being the worst and ten being the best I'd give Juniper SRX an overall rating of eight because of its' competitive price."
"It helps us perform our daily jobs."
"Technical support is good. They quickly respond, and they even have local help here. They can actually give you an answer very quickly."
"The setup is pretty straightforward."
"The GUI is simple to use."
"The most valuable feature is the Dual WAN in OPNSense, which offers advanced capabilities."
"I find the solution to be user-friendly. It has a lot of reports and easy settings."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"We have been operating here in our lab for several months, and everything appears to be extremely stable."
"The interface and the dashboard are the most valuable features of this solution."
"The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
"The DNS-level filtering is impressive for thwarting time scanners."
"It's open source."
"It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco."
"The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us."
"The solution could be more secure and stable."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"The cloud features can be improved."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"It did not improve our safety because the IDS does not detect some attacks, but our anti-virus software did."
"It does have its nuances in terms of deployment. There are always areas to make something easier or more intuitive or make the system auto-negotiate more with existing hardware."
"Juniper SRX Series Firewall has to improve its web content site, like web filtration."
"The visibility/reporting could be better. To see something, you have to export the log to a syslog and then process with another product."
"The configuration is difficult and it should be easier."
"it would be more powerful if Juniper brought out a security product other than the firewall, like anti-spam, endpoint protection, etc. Customers who want to deploy security solutions are not just thinking about firewalls... Juniper should have an end-to-end solution, from the endpoint to the network level."
"In some cases, customers encounter issues related to network interfaces, while others prioritize security concerns."
"I've noticed that the management interface could use some updates and upgrades."
"There is room for improvement in SSL inspection."
"OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server."
"The solution could be more secure."
"Its interface should be a little bit better."
"The support for OPNsense is good because we have documents available on the internet. The support could improve a little."
"I would like better documentation concerning the provided packages and their integration."
"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."
"They should improve IPEs for security in the future."