pfSense vs Sophos XG
We performed a comparison between pfSense vs Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
"Its performance in fulfilling our requirements has been satisfactory."
"I appreciate FortiGate's flexibility, which allows for centralized management through FortiManager."
"Web filtering and two-factor authentication are great features."
"This is a quality product with ok support, and it is better than the competition we've tried."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"Unified Threat Management (UTM) features."
"The Intrusion Prevention System and the web filtering are both working well."
"Fortinet FortiGate is a scalable solution."
"The initial setup was straightforward, therefore I wanted to continue using the product."
"The interface is straightforward and easy to use."
"The product’s documentation is good."
"Its reliability and cost-effectiveness stand out."
"The ability to perform packet captures on the command line and via the GUI is useful for diagnosing problems."
"The solution is very easy to use and configure."
"The firewall sensor is highly effective, and it's easy to deploy. You can deploy pfSense with limited hardware resources. It's not necessary to have an appliance with much RAM to make it work. It's cost-effective and performs well."
"The gain in performance and security from configuring the VPN connections was significant."
"Sophos XG's price is right, and it's easy to manage. It's a good fit for our current needs at the moment."
"We get good usage out of the features. It has enabled us to gain popularity. It has great features."
"We recommend Sophos XG as a priority as it is much more reliable and has efficient technical assistance."
"I particularly like the visibility it provides into network traffic, allowing us to identify and address issues efficiently."
"The firewall functionality and unified threat management are the most useful features."
"The most valuable features are the central management, the user VPN, and communications."
"The most valuable features are the reporting, dashboards, and graphical user interface. It gives a good overall picture of what is happening over the network."
"The solution's most valuable feature stems from its ability to protect our organization's web servers."
"The UTM filtering needs improvement."
"There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs."
"They need faster serviceability and more security features."
"I would like to see improvements in the product's application rules."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs."
"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"There's a bit of a learning curve during the initial implementation."
"The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve."
"If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
"There is more demand for UTMs than a simple firewall. pfSense should support real-time features for handling the latest viruses and threats. It should support real-time checks and real-time status of threats. Some other vendors, such as Fortinet, already offer this type of capability. Such capability will be good for bringing pfSense at the same level as other solutions."
"The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus."
"It would be great to add more to security."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"The time taken by Sophos XG's support team to respond to and resolve an issue is an area of concern where improvements are required."
"There is an area that is very specific to our setup, where working tools you cannot easily establish a VPN between two internal networks."
"I would like to have remote access to clients using a static IP for a certain period of time."
"It is complicated to get the reports if you are not experienced with Sophos."
"I would like to next release to be able to support on-premise deployment. The construction of the rules within the firewall could also use some improvement."
"The SD-WAN capability is not as good as it is in FortiGate, and is something that should be improved."
"In the next release, I would like to see improvements made to the policy and simplify the policy-making, as the complexity of it makes it really tough."
"In Sophos XG, the throughput for larger networks is an area of concern where improvements are required."
Netgate pfSense is ranked 1st in Firewalls with 15 reviews while Sophos XG is ranked 7th in Firewalls with 25 reviews. Netgate pfSense is rated 8.6, while Sophos XG is rated 8.2. The top reviewer of Netgate pfSense writes "Feature-rich, well documented, and there is good support available online". On the other hand, the top reviewer of Sophos XG writes "Fined tuned web proxy, feature rich, and beneficial VPN technology". Netgate pfSense is most compared with OPNsense, Sophos UTM, Cisco Secure Firewall, KerioControl and Untangle NG Firewall, whereas Sophos XG is most compared with OPNsense, Sophos XGS, Palo Alto Networks NG Firewalls, Sophos UTM and SonicWall TZ. See our Netgate pfSense vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.