We just raised a $30M Series A: Read our story

Compare Fortinet FortiGate vs. OPNsense

Cancel
You must select at least 2 products to compare!
Fortinet FortiGate Logo
160,651 views|121,656 comparisons
OPNsense Logo
38,721 views|31,968 comparisons
Featured Review
Find out what your peers are saying about Fortinet FortiGate vs. OPNsense and other solutions. Updated: November 2021.
554,586 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well.""We have not had to deal with stability issues.""Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening.""The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard.""If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly.""Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports.""Provides good integrations and reporting.""I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."

More Cisco Firepower NGFW Firewall Pros »

"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job.""The features that I have found most valuable are the SD-WAN and their IP4 policy.""The initial setup is straightforward.""It's inexpensive compared to some of the other technology out there.""Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible.""The customization potential is quite impressive.""It's super reliable. I don't think I've ever had a reliability issue with it.""The ease of setting the solution up is a valuable aspect for us."

More Fortinet FortiGate Pros »

"The solution is good for a basic firewall for a small business or for home use.""The interface and the dashboard are the most valuable features of this solution.""I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.""The most valuable features in OPNsense are reporting and visibility.""The initial implementation process is simple.""The most valuable features are reporting, the Sensei plugin, and firewall capabilities.""The graphic user interface is very good and it is user-friendly which makes the product easy-to-use.""We have found pretty much all the features of the solution to be valuable."

More OPNsense Pros »

Cons
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility.""My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement.""The initial setup could be simplified, as it can be complex for new users.""On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it.""This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI).""Cisco Firepower NGFW Firewall can be more secure.""I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here.""We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."

More Cisco Firepower NGFW Firewall Cons »

"Vulnerability scanning could be improved.""They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company.""The central management for the FortiGate Fortinet Firewall needs improvement. They have the manager to do the essential management for both SD-WAN and for the security policy. They should also improve the SD-WAN function.""The sniffing packets or packet captures, can be simplified and improved because it's a little confusing.""In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface.""Fortinet currently has many products bundled with FortiGate including the basic firewall and load balancer, and I think that that they need to have separate product portfolios for each of these specialized services.""There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs.""The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."

More Fortinet FortiGate Cons »

"I would like to see better SD-WAN performance.""The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs.""The solution would not be suitable for anything large-scale.""There are issues with stability and reliability.""There should be more technical documentation.""The logging could improve in OPNsense.""The ability to set the VPN IP address would be a welcome addition.""The interface needs to be simplified. It is not user-friendly."

More OPNsense Cons »

Pricing and Cost Advice
"This product is expensive.""Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain.""I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way.""For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive.""The solution was chosen because of its price compared to other similar solutions.""Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed.""There are additional implementation and validation costs.""Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"Fortinet bundles FortiGate with other products and because of this, the price is a little expensive to some SMB enterprises.""The license is too expensive to renew. The license renewal process is also complex.""If you purchase a one-year subscription with the hardware and then you want to renew for the second year, it is very costly.""The price for the device and software is high. However, the solution is of good quality and has a lot of features.""For our organization, the licensing costs are approximately $7,000 per year.""The licensing costs are very low.""Pricing and licensing is a little bit complicated in FortiGate. They are always on the higher side. This is one issue that we always raise with the company that they should reduce the price according to Indian market requirements. There are no costs in addition to the standard licensing fees.""The pricing of the solution is very competitive."

More Fortinet FortiGate Pricing and Cost Advice »

"OPNsense is an open-source solution and it is free to use.""It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source.""As an appliance, it's in the medium price range.""The solution is not expensive.""OPNsense is open source software so at this time it is free for us to use.""OPNsense is a well known open-source tool."

More OPNsense Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
554,586 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
Top Answer: In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it… more »
Top Answer: I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
Top Answer: Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
Top Answer: The initial implementation process is simple.
Top Answer: We're a customer and an end-user. We are using the telemetry-free version of the solution. Overall, the solution is… more »
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Learn More
OPNsense
Video Not Available
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.

Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Fortinet FortiGate
Learn more about OPNsense
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
CompuNet Systems GmbH,
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Comms Service Provider14%
Computer Software Company10%
Financial Services Firm8%
Energy/Utilities Company6%
VISITORS READING REVIEWS
Comms Service Provider36%
Computer Software Company20%
Government5%
Educational Organization4%
VISITORS READING REVIEWS
Comms Service Provider46%
Computer Software Company16%
Government7%
Media Company4%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business48%
Midsize Enterprise25%
Large Enterprise28%
VISITORS READING REVIEWS
Small Business35%
Midsize Enterprise25%
Large Enterprise40%
REVIEWERS
Small Business69%
Midsize Enterprise15%
Large Enterprise15%
Find out what your peers are saying about Fortinet FortiGate vs. OPNsense and other solutions. Updated: November 2021.
554,586 professionals have used our research since 2012.

Fortinet FortiGate is ranked 1st in Firewalls with 97 reviews while OPNsense is ranked 12th in Firewalls with 11 reviews. Fortinet FortiGate is rated 8.4, while OPNsense is rated 8.0. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of OPNsense writes "A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement". Fortinet FortiGate is most compared with Cisco ASA Firewall, pfSense, Meraki MX, Check Point NGFW and SonicWall TZ, whereas OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Sophos UTM and Cisco ASA Firewall. See our Fortinet FortiGate vs. OPNsense report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.