We performed a comparison between Check Point NGFW and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point NGFW is highly regarded for its extensive security functions, centralized control, and ability to virtualize. OPNsense is appreciated for its ability to scale, provide guest access, offer user-friendly dashboards, and provide a free version for users. Check Point NGFW needs enhancements in integration, hardware upgrades, cost, stability, load balancing, technical support, and reporting capabilities. OPNsense, on the other hand, requires improvements in its interface, bandwidth management, multi-provider internet protection, integration with Azure, a timeline for new features and updates, IPS solution, reporting capabilities, SSL inspection, and learning curve.
Service and Support: The service for Check Point NGFW has varying feedback, with certain customers appreciating its assistance and quick response, while others believe there is room for improvement. OPNsense boasts an exceptional community support network, although a few users encounter challenges in directly accessing support.
Ease of Deployment: The setup process for Check Point NGFW can be complex and challenging, especially for those who are unfamiliar with the product. It requires expertise and experience for certain configurations and migrations. The initial setup of OPNsense is described as straightforward and easy, even for clients without IT experience. It can be completed within a few hours, with slight variations depending on individual circumstances.
Pricing: The cost of setting up Check Point NGFW is deemed to be expensive, whereas OPNsense falls into the moderate range. Check Point provides flexible licensing choices, although some individuals find the procedure complex. OPNsense is a license-free open-source solution. In addition to the basic expenses, OPNsense requires additional costs for hardware, installation, and training.
ROI: Check Point NGFW provides cost savings, simplicity, and reliable security enforcement, resulting in a favorable return on investment. OPNsense achieves a return on investment in less than three months and eliminates recurring fees.
Comparison Results: Check Point NGFW is the preferred choice over OPNsense. Users appreciate its comprehensive security features, centralized management, and virtualization capabilities. It is known for its stability, ease of use, and scalability. Check Point NGFW is considered worth the price due to its superior security and reliability.
"The most valuable features of Fortinet FortiGate are it is one of the most mature firewalls in the UTM bundle."
"The stability and scalability of this solution are satisfactory. Its SD-WAN, VPN, and URL filtering features are very useful."
"It's user-friendly and easy to operate."
"Fortinet FortiGate's reliability is valuable."
"We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered."
"The flexibility and ease of configuration are the most valuable features."
"The customization potential is quite impressive."
"We can use our devices to check all of the perimeters. It secures email websites."
"We have all the features we want or need in this appliance. It's been good so far."
"After introducing this NGFW, we have improved our security posture, and now, have peace of mind."
"The simplicity of the access control is the most valuable feature for us. It gives us the ability to easily identify traffic that is either being allowed or denied to our network."
"Check Point is more expensive but easier to manage, and their presales and after-sale support are way better than Fortinet's."
"It gives us centralized management for multiple firewalls. For example, if I want to push the same configuration in 10 firewalls, I can push it all at once with the help of the centralized management system."
"The most valuable features are application control, regulation, and threat prevention."
"We can build the new firewalls with minimum efforts."
"Now we can add application signature in the same rule base & don't have to create a different policy for that."
"The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used."
"The DNS-level filtering is impressive for thwarting time scanners."
"OPNsense is easy to use and open source."
"It's open source."
"The interface and the dashboard are the most valuable features of this solution."
"The most valuable features of OPNsense are the GUI and frequent updates."
"We can open a new VPN connection easily. It's much easier than with Fortinet in our experience."
"The feature I find most valuable, is that the program helped me to realize all the requested functionality that was needed."
"I would like Fortinet to add more automation to FortiGate."
"It should have a better pricing plan. It is too expensive. It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server."
"Improvement is needed in the Web Filter quotas to restrict users with allocated quotas."
"In the next release, maybe the documentation on how to use this solution could be improved."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at the peak time when the number of contracts and users are at maximum."
"Fortinet FortiGate should improve the VPN tokens."
"Fortinet needs to overhaul its documentation."
"We need east/west Check Point firewalls in order to do micro-segmentation."
"It should allow more than two internet providers in its configuration of "ISP Redundancy"."
"Right now, with a larger user database and a high number of rules, it takes a bit of time for policy installation."
"Their technical support can be better. In addition, when we need to use it in a government environment, we face a lot of legal issues related to different types of certifications. It would be better to improve it for these issues. Check Point doesn't have a SOAR system. They work with Siemplify, but it is an integration with another vendor. It would be great if Check Point has an integrated SOAR system."
"I have had some issues in the past with the desktop client being slow to come up for logging in, and then slow to respond to screen changes, however, overall, it really hasn't been too bad."
"The predefined reports are limited and should provide more information. Check Point should provide a greater number of defined reports and produce reports for each division of the organization."
"Check Point doesn't warn us when rules are about to expire. It was also inconvenient that we had to change hardware when we upgraded. It would be nice if they made the new version compatible with current hardware or if it only required a minor upgrade."
"The firewall throughput or performance reduces drastically after enabling each module/blade."
"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."
"Its interface should be a little bit better."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"The support for OPNsense is good because we have documents available on the internet. The support could improve a little."
"OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"I would like to see better SD-WAN performance."
"They should improve IPEs for security in the future."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Check Point NGFW is rated 8.8, while OPNsense is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Juniper SRX Series Firewall, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and Sophos XGS. See our Check Point NGFW vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.