We performed a comparison between Check Point CloudGuard Network Security and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point CloudGuard Network Security provides valuable features like VPN Blade, IPS Blade, URL filtering, and Applications Control Blade. pfSense is appreciated for its capacity to block IP addresses, user-friendly dashboards, and open-source nature.
Check Point could enhance its support system, cluster creation on AWS, data protection visibility, DLP feature, user interface, integration with other security solutions, cost reduction, documentation, and on-prem deployment flexibility. pfSense could improve instructional videos, stability, mobile application, GUI usability, updates, threat handling, FIPs compliance, log analysis, VPN capacity, documentation, user-friendliness, configuration processes, and SD-WAN integration.
Service and Support: Some customers appreciate the technical support provided by Check Point, while others express dissatisfaction with response time and global support. pfSense's customer service garners both positive and negative reviews. Some users commend the technical support they receive, while others rely on community resources for assistance.
Ease of Deployment: Check Point CloudGuard Network Security is praised for its easy, simple, and straightforward initial setup. Users find it interactive, user-friendly, and effortless to configure. However, it may require technical expertise and proper guidelines from customer support. pfSense is generally regarded as easy and straightforward to set up, with a simple installation process. The timeframe for completion varies from as little as 15 minutes to a few days, depending on the user's familiarity with firewall and network concepts.
Pricing: Check Point CloudGuard Network Security is recognized for its high price, however, it provides strong security measures and good value. pfSense is an open-source option that offers reasonable pricing and no extra expenses. However, there is a lack of available information concerning the exact costs associated with pfSense's licensing.
ROI: Check Point CloudGuard Network Security provides improved performance and benefits for organizations, resulting in a higher ROI range of 80% to 85%. pfSense is highly regarded for its cost-effectiveness and affordability, enabling substantial savings.
Comparison Results: Check Point CloudGuard Network Security is the preferred option when compared to pfSense. Users find the initial setup of Check Point CloudGuard Network Security to be straightforward, and user-friendly. Check Point CloudGuard Network Security offers more valuable features including VPN, IPS, URL filtering, and Applications Control Blade, which are highly appreciated for their compliance, intrusion protection, and productivity enhancement.
"This is a quality product with ok support, and it is better than the competition we've tried."
"The GUI is good."
"Its stability is the most valuable."
"The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"The scalability is good in Fortinet FortiGate."
"Overall security features and performance routing is good."
"The wireless control is helpful."
"We have unified management. It is one of the advantages of this product."
"The product has allowed us to develop applications from the cloud - even with large environments and well-segmented security lines."
"We consolidated from three management consoles and three clusters to only one, which is a big improvement."
"The most valuable feature for us is the simplicity of creating this environment. Even though our current cloud usage is limited, the process of setting up machines in the product and establishing an HR system was straightforward."
"The most valuable feature for us is the scale set, which allows us to scale horizontally, vertically and dynamically depending on the traffic load."
"The most valuable feature for us is the ability to run the gateways as virtual machines in our virtual data center. The tool protects the virtual data centers."
"It is scalable. It's a cloud solution, so it's easy to implement and manage."
"The most valuable feature is that we can use the same manager server that we use on our own Check Point firewalls. We integrated CloudGuard on that manager and we can use the same kind of protections that we use on the on-prem firewalls, like the IPS and antivirus policy. We can have the same kind of protection on the Cloud environment that we have on-premise."
"The solution has good customization abilities and plenty of features."
"I like pfSense's security features."
"The documentation is very good."
"I like pfSense's reports and how I can control access to the policies on the firewall."
"I especially like the VPN part. It works like a charm."
"We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform."
"It is a better firewall than others and it has better features."
"The initial setup is easy."
"The stability of Fortinet FortiGate could improve."
"Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"The solution's framework needs to be frequently updated in order to have a stable solution."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"In the next release, I would like to see the interface simplified to be more user-friendly."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"We utilize logging systems, and geolocation is crucial for us as some applications must only be accessible from our country. However, there have been occasional issues with this feature."
"Our biggest complaint concerns the high resource usage for IDP/IPS, as we cannot turn on all of the features even with new hardware."
"The challenge mainly revolves around the slower functionality of virtual IP switching in Azure Virtual Network compared to on-premise solutions. On-premise, switching between clusters is faster, taking only a few seconds, while in Azure, it can extend up to five minutes. The downtime is a concern for us."
"I would like to see more focus on east-west traffic inspection and AWS."
"A threat categorization system can be added to give users the authority to define vulnerable attacks and classify areas that can threaten the workflow system."
"It is somewhat problematic in the area of the cloud."
"The initial deployment using the ARM template in Azure was straightforward, but migrating to Terraform added complexity, although we managed to make it work."
"The solution could improve to have a DLP feature."
"It would be great to add more to security."
"It is not centrally managed, where you log into the website and can see all your services there. We would like to be able to see is all the configurations from a central interface on all our pfSenses."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"For the third-party packages, I'd rather have it built-in, like a core feature of pfSense, part of the core model."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
"Layer 7 advanced firewall features are not included in the solution."
"I would like to see multiple DNS servers running on individual interfaces."
"The integration could be improved."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 120 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Check Point CloudGuard Network Security is rated 8.6, while Netgate pfSense is rated 8.6. The top reviewer of Check Point CloudGuard Network Security writes "The solution has good threat emulation, threat extraction, and reporting features". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Akamai Guardicore Segmentation, Cisco Secure Firewall and Palo Alto Networks VM-Series, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Cisco Secure Firewall. See our Check Point CloudGuard Network Security vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.