We just raised a $30M Series A: Read our story
2021-08-19T07:45:00Z

How do I choose between Fortinet FortiGate and pfSense?

33

Which is better?

ITCS user
Guest
55 Answers

author avatar
Top 10Consultant

PFSense or Fortinet... That would depend on your used case....


We are using pfSense for the past two years and it does mostly what you would expect of a firewall... Captive portal, site-to-site VPN, TLS based VPN, IPsec VPN, SNORT, Suricata, ACME, port forwarding, NAT, CA, DHCP, DHCP relay, VLANS, Bridges, LAGG, LACP, etc... etc... 


Most of all, no paid licenses anywhere as it is open source and free... Support can be purchased but I personally never needed it so far...


The only downside is that you need to be highly technical to get it working as per your needs...  Also, a lot of docs in Google/YouTube (though a bit of scouting and navigating through bugs is required) to get things moving assuming you already know firewalls as a concept...  


With a Fortinet, in case you have the money to pay and justify the need for it, then it's worth going for because they will support you as long as they keep getting paid... In our case (in our small SMB), I have not yet come across a need to move away from pfSense because it basically does what it is supposed to do... 


It has been running with us for almost two years with no reasons for complaints... Again, it's my own personal opinion...

2021-10-11T12:23:11Z
author avatar
Top 5User

PfSense is the only product that would perform in a Symmetric NAT. Painful but OS-fingerprinting and impossible to do UDP NAT hole punching. Skype, Zoom uses that and even Kerio Operator, but that is all.


It is a very broken product and when you need IPS (the " free one" is 30 days old database) you need to pay Cisco for Snort... I would not use pfSense on its own. Period.


Fortinet is one of the best products. Lots of other things rely on one CPU to do the job. Sophos & pfSense (just to name a few) when you start adding inspection modes it is like having a 3 tonnes car with a 2 cylinder engine. The CPU goes to 90%.


Fortinet has been ultra clever from day number one to have custom chips to do the work in hardware, so throughput with all protection features can happen without suffering speed of service to users, compare to others.


The new OS7 is very good.


So, I would not touch pfSense. It Is like comparing a Toyota Yaris to a Kia K 900 car. Sort to speak.

2021-10-12T08:09:42Z
author avatar
Top 20Real User

I will choose FortIGate. It is a complete hardware and software and integrated solution for IT security and threat management

2021-10-12T15:07:21Z
author avatar
Top 5Real User

Many people said that depends on your needs, and I agree.


Fortinet and many other vendors are more than a set of level 2 or level 3 rules. They also have IPS, Antivirus, SSL Inspection, stateful inspection.


If I have to choose between Fortinet and pfSense for my company, I would think twice. Fortinet.

2021-10-12T15:04:34Z
Find out what your peers are saying about Fortinet FortiGate vs. pfSense and other solutions. Updated: September 2021.
542,721 professionals have used our research since 2012.