Comparison conclusions:
pfSense offers paid options for additional support and features (pfSense Plus), a wider range of features and a larger community, but might have a steeper learning curve.
OPNsense provides a clean interface and built-in security features, but its community and documentation are smaller
The summary above is based on 40 interviews we conducted with pfSense and OPNsense users. To access the review's full transcripts, download our report.
"Security solution with a straightforward and quick setup. It's a stable and scalable product."
"The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment."
"The most valuable features of Fortinet FortiGate are remote access, web filtering, and IPS."
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"FortiGate has a very strong unified threat management system."
"Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."
"We can detect any attack of viruses or malware at the first point of contact."
"The solution has good customization abilities and plenty of features."
"The solution is fairly scalable when it comes to integrating with other applications and data sets."
"The performance and functionality are good."
"Creation of certificates and the facility to administer services are valuable features."
"I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices."
"A valuable feature is that the solution is open source."
"We've found the stability to be very good overall."
"Technical support is perfect, excellent."
"The technical support is very good."
"The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used."
"The most valuable features of OPNsense are the GUI and frequent updates."
"It is a very good solution. I like the dashboard. I can see what is going on and manage it as I like it."
"The solution has high availability."
"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."
"The most valuable features in OPNsense are reporting and visibility."
"The DNS-level filtering is impressive for thwarting time scanners."
"Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."
"WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
"I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"There are some cloud-based features that could be much more flexible than they currently are."
"The ease of use could be improved."
"The command line is complicated, and the interface could be better."
"We would like to have the ability to disable some of the security functionalities."
"The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe."
"It needs better parsing of logs. At the moment, you have to use an external server for this if you want a deeper analysis."
"It could use a little bit of improvement in the reporting."
"The integration should be improved."
"We have not had any problems with it, and we also do not have a need for any new features. If anything, its reporting can be better. Sophos has better reporting than pfSense. Sophos has more detailed information. pfSense is not as detailed. It is summarized."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting."
"My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters."
"When using the solution at the beginning was difficult. There was a steep learning curve."
"An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense."
"The solution would not be suitable for anything large-scale."
"The IPS solution could be more reliable."
"I think the most important thing is that it should be easily accessible, but currently, that doesn't seem to be the case. We need a hardware platform that's based on common standards and open computing principles, which would be like a commodity and benefit us greatly."
"There are a few weaknesses. For example, there is a lack of some features that I have in certain commercial products."
"I would like better documentation concerning the provided packages and their integration."
"OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Netgate pfSense is rated 8.6, while OPNsense is rated 8.4. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Netgate pfSense is most compared with Sophos XG, KerioControl, Sophos UTM, Cisco Secure Firewall and WatchGuard Firebox, whereas OPNsense is most compared with Sophos XG, Untangle NG Firewall, Sophos UTM, IPFire and WatchGuard Firebox. See our Netgate pfSense vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.