We performed a comparison between Netgate pfSense and Sophos UTM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of the solution are SD-WAN, filtering testing applications, web filtering, and the new VPN."
"The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."
"Secure, user-friendly, stable, and scalable network security solution. Installation is straightforward."
"Easy to use support and licensing portal as well as activation process."
"Fortinet FortiGate is easy to use."
"It is a safe product."
"The ability to set up remote systems is the most valuable feature."
"I have found Fortinet FortiGate to be scalable."
"Good basic firewall features."
"The most valuable features are the VPN and the capture photo."
"It is much simpler than other solutions such as Fortinet."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"Great extensibility of the platform."
"The features I have found best are ease of use, GUI, and performance."
"I mostly like all of it. Whatever we use is valuable."
"The solution is very easy to use and has a very nice GUI."
"Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place."
"Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."
"The isolation of infected machines is a big feature. Also, the ability to detect external sources that change files on a file server is really big."
"Sophos UTM provides security for our network here and access through a VPN connection for our remote users. It also offers the flexibility to create different tools for accessibility."
"Sophos integrates seamlessly, and we don't even feel it is running in the background."
"It allows our developers to be able to securely log into servers to deploy and manage software."
"The solution's sandboxing, application center, and database engine are good."
"It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection."
"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."
"The platform's interface could improve."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"There could be more integration between the logging and analytical platforms to make it more seamless and integrated."
"Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI."
"It would be a benefit if Fortinet would release a one-stop solution that is better integrated with other products and an automated emergency response system."
"When I checked other packages, it seems they use different tools that are installed on the PSS for functionality. They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs."
"The solution requires a lot of administration."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"The integration could be improved."
"They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"There could be a way to remote to it through a mobile app. You can always browse through your browser on your mobile phone or tablet, but it would be good to have a dedicated app. I understand that iOS and Android developers are expensive, but there should be a mobile app."
"There's an issue that when we deploy UTM on fiber, it automatically upgrades to the latest version without giving an option to stay on the current one."
"VPN needs IKEv2, but it’s in the roadmap. Also, all new, cool features will only come to the new Sophos XG Firewall."
"It would be nice if it had basic features, such as DLP (Data Loss Prevention)."
"I would like this solution to support ICAP. Also, they no longer support on-premises management, and are forcing clients to use centralized management via the cloud, which I don't agree with."
"Reporting: We have had to work manually in many of our reports."
"I would like to see the SD-WAN feature improved."
"Email spam filtering only works if you have an on-prem Exchange server. It doesn't interface with Office 365 like the XG model. That would be one feature that they could improve. They're not going to do it because they're trying to push us all to XG."
"Sophos should be more user-friendly, have more dashboards, and an easier implementation."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Netgate pfSense is rated 8.6, while Sophos UTM is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Cisco Secure Firewall and WatchGuard Firebox, whereas Sophos UTM is most compared with Sophos XG, OPNsense, Palo Alto Networks NG Firewalls, Cisco Secure Firewall and Untangle NG Firewall. See our Netgate pfSense vs. Sophos UTM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
pfSense is opensource and has been the last 10 years in the top 10 best
firewall solutions in the world, it is free, stable, scalable, and easy to
administer ... and above all very safe, since it is one of the few systems
that could have been violated. It's free.
In fact, Karl, the 50-IP free version is for home use only, and not even then if it also protects business assets. You did a great job of explaining the difference, so I won't comment further.
To the original poster, it's cheaper to hire a Sophos consultant to create your original configuration. It costs twice as much to get a configuration "repaired" that wasn't correctly designed. A Sophos Solution Partner that has a Sophos Certified Architect with plenty of experience and good referrals is probably your best bet.
With Sophos is easy to configure and you have the support from the frabicant, with pfSense you have to learn from the community and learning curve is a little hard, last occasion with pfSense it don't have support for vpn dynamic, with Sophos they have RED equipment that is an extension from the core, only you need the serial number from the remote equipment and you have the vpn , both are great equipment and software, depend of the budget, pfSense is free and they have support if you pay the license very cheap
pfSense is just a basic firewall with VPN and Captive Portal functionality but does its job great. Only needs minimum resources to function. Price is right (FREE)
Sophos UTM is much more, hence the UTM. It does firewall, advance threat protection, VPN, Secure web gateway, email protection (AV, Spam, Encryption, and DLP), endpoint protection, Mobile Device control, Web Application Firewall, User Portal, built in reporting, and central management. It does require more resources but you get a lot more out of it. Two options depending on the size of your office, commercial version or the Free version that you can build on your own hardware. The free version is restricted to 50 IP addresses. (www.sophos.com)
I have used both and both have their place but using Sophos in my environment just because it offers a lot more functionality, nice dashboard, reports, and easy to use through the GUI.
One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a lool on cacheguard which is a proxy oriented product and also Linux based.
I´m afraid I am not able to help in this matter. We´ve decided to for FortiGate as services, based on our relationship with our IT security provider and the FortiGate reviews available on the net.
We used to use pfSence for one particular open network but let the full control on de FortiGate. During the investigation and analysis period we thought of Sophos but felt more comfortable going for FortiGate pretty much based on price and our relationship with our IT security provider. Hence my experience wouldn´t help in this case.
My best advice would is to refer to the article available on:
www.itcentralstation.com