We performed a comparison between Check Point NGFW and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between these two products is that Check Point users feel that the tool’s VPN is hard to integrate. In addition, Check Point does not have an open-source version like pfSense does.
"The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
"FortiGate has a very strong unified threat management system."
"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"The SD-WAN function is very developed. It has SD-WAN functionality with security features in one device. We can manage from one single console SD-WAN and the security policy."
"FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"It offers a range of models to enhance network security and it can be customized to secure endpoint client machines or user devices by deploying features like malware detection, antivirus, and mail security blades."
"The technical services always replied in a very fast and effective way."
"Check Point's Quantum helps our clients in their overall cybersecurity practice."
"It provides end-to-end resolution."
"We like the centralized management for configuring multiple firewalls. It also gives us the Antivirus, threat prevention, and vulnerability tests. These four features protect the environment with security checks. Vulnerability tests allow us to configure changes that can protect the environment."
"Admins and executives are more at ease with the compliance engine within the software as it measures how many of the security requirements we're compliant with, making their work much more accessible from that standpoint."
"Objects search and tracker logs are useful."
"It provides a central station where it is very easy to deploy our firewall policy in one click to many firewalls. This is one of the leading perks. It saves time by having one central station because I can deploy the same kind of policy to many firewalls at once."
"Easy to deploy and easy to use."
"The GUI is easy to understand."
"I like the connectivity to the open VPN. It's very smooth."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"A valuable feature is that the solution is open source."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"The ability to create a VPN allows me to monitor branch offices from a central location."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"Some of the software stability could improve."
"The cloud features and integration could be improved."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it'd be great."
"The pricing could be a bit better, especially when you consider how they have the most basic offering priced."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"They should improve high CPU and memory usage that occurs."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"I would like there to be a way to run packets that capture more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line."
"The naming in the inline layers and ordered layers needs improvement. It makes things very complicated. I've seen quite a lot of people saying that. For audit policies, it is okay since it's very simple to see. However, this area is for very large organizations, which have too many policies, and they need to share all these policies. For small to medium-sized businesses, they don't need it. Even if somebody has 500 rules, if they try to use it, it can be very confusing."
"Check Point products have many places that need to be improved, but they are constantly upgrading."
"The predefined reports are limited and should provide more information. Check Point should provide a greater number of defined reports and produce reports for each division of the organization."
"One of the biggest disappointments is the GUI."
"The exterior of the physical device can be improved with the use of a display and not just simple lights."
"Although the GUI is simple to use and fairly comprehensive, more support via CLI would be beneficial for bulk operations."
"One area that they should prioritize is enhancing security gateways for protection against cyberattacks."
"I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature."
"We have not had any problems with it, and we also do not have a need for any new features. If anything, its reporting can be better. Sophos has better reporting than pfSense. Sophos has more detailed information. pfSense is not as detailed. It is summarized."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"I would like to see multiple DNS servers running on individual interfaces."
"The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve."
"Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution."
"For the third-party packages, I'd rather have it built-in, like a core feature of pfSense, part of the core model."
"The configuration of the solution is a bit difficult."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Check Point NGFW is rated 8.8, while Netgate pfSense is rated 8.6. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Azure Firewall and OPNsense, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Meraki MX. See our Check Point NGFW vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.