2021-08-19T07:45:00Z

How do I choose between Fortinet FortiGate and pfSense?

NC
  • 5
  • 1627
PeerSpot user
5

5 Answers

Real User
2021-10-07T14:03:28Z
Oct 7, 2021

Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate both cost-effective and efficient. One of the features we like most is that Fortigate can secure our infrastructure against known and unknown attacks. Unlike other firewalls we tried, it has a user-friendly interface. It is easy to create policies, and we can define security profiles and rules. Other features include a remote VPN, advanced malware protection, comprehensive logging, and IPS.


Fortigate also has some room for improvement. The command line is not easy, so it requires expertise with CLI commands. Additionally, it is not easy to configure. All told, though, it is a robust firewall and gives value for the price.


Previously we tried pfSense, and although it is a strong solution, it doesn’t combine Fortigate’s advantages. Sure, pfSense is free and open-source. You cannot be more cost-effective than that. But sometimes you get what you pay for. PfSense’s main advantage is its flexibility as a firewall and routing platform. Another advantage you get with pfSense is that it is customizable.


PfSense offers most features basic firewalls offer, like stateful packet inspection. I find it a bit stuck in time, though, with almost none of the features you find in next-generation firewalls. The interface is a bit clumsy, it has lots of bugs, and there seems to be no documentation available.



Conclusions


If you are looking for a basic firewall at a lower possible price, you may go with PfSense. It offers basic features and is easy to configure, and if you don’t mind the bugs, it is an excellent place to start. However, if you are looking for something more powerful with advanced features, I would suggest you consider Fortinet’s Fortigate. It offers advanced firewall functions and is still cost-effective for small businesses. Yes, it has a bit of a learning curve, but in my opinion, it is worth it.

Product comparison that may be of interest to you
LP
Consultant
2021-10-11T12:23:11Z
Oct 11, 2021

PFSense or Fortinet... That would depend on your used case....


We are using pfSense for the past two years and it does mostly what you would expect of a firewall... Captive portal, site-to-site VPN, TLS based VPN, IPsec VPN, SNORT, Suricata, ACME, port forwarding, NAT, CA, DHCP, DHCP relay, VLANS, Bridges, LAGG, LACP, etc... etc... 


Most of all, no paid licenses anywhere as it is open source and free... Support can be purchased but I personally never needed it so far...


The only downside is that you need to be highly technical to get it working as per your needs...  Also, a lot of docs in Google/YouTube (though a bit of scouting and navigating through bugs is required) to get things moving assuming you already know firewalls as a concept...  


With a Fortinet, in case you have the money to pay and justify the need for it, then it's worth going for because they will support you as long as they keep getting paid... In our case (in our small SMB), I have not yet come across a need to move away from pfSense because it basically does what it is supposed to do... 


It has been running with us for almost two years with no reasons for complaints... Again, it's my own personal opinion...

RB
User
2021-10-12T08:09:42Z
Oct 12, 2021

PfSense is the only product that would perform in a Symmetric NAT. Painful but OS-fingerprinting and impossible to do UDP NAT hole punching. Skype, Zoom uses that and even Kerio Operator, but that is all.


It is a very broken product and when you need IPS (the " free one" is 30 days old database) you need to pay Cisco for Snort... I would not use pfSense on its own. Period.


Fortinet is one of the best products. Lots of other things rely on one CPU to do the job. Sophos & pfSense (just to name a few) when you start adding inspection modes it is like having a 3 tonnes car with a 2 cylinder engine. The CPU goes to 90%.


Fortinet has been ultra clever from day number one to have custom chips to do the work in hardware, so throughput with all protection features can happen without suffering speed of service to users, compare to others.


The new OS7 is very good.


So, I would not touch pfSense. It Is like comparing a Toyota Yaris to a Kia K 900 car. Sort to speak.

JA
Real User
2021-10-12T15:07:21Z
Oct 12, 2021

I will choose FortIGate. It is a complete hardware and software and integrated solution for IT security and threat management

JG
Real User
2021-10-12T15:04:34Z
Oct 12, 2021

Many people said that depends on your needs, and I agree.


Fortinet and many other vendors are more than a set of level 2 or level 3 rules. They also have IPS, Antivirus, SSL Inspection, stateful inspection.


If I have to choose between Fortinet and pfSense for my company, I would think twice. Fortinet.

Find out what your peers are saying about Fortinet FortiGate vs. Netgate pfSense and other solutions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Fortinet FortiGate vs. Netgate pfSense comparison
We performed a comparison between pfSense and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below. Ease of Deployment: Fortinet Fortigate users overwhelmingly agree that deployment is easy and the initial setup is straightforward. Some pfSense users say deployment is easy while others say it is rather complex. Features: Reviewers of the two solutions say they both have good stability.Valuable features...
Download Fortinet FortiGate vs. Netgate pfSense comparison ReportRead more

Related Q&As