We just raised a $30M Series A: Read our story

pfSense Alternatives and Competitors

Get our free report covering OPNsense, Fortinet, Sophos, and other competitors of pfSense. Updated: November 2021.
553,954 professionals have used our research since 2012.

Read reviews of pfSense alternatives and competitors

Eric Barba
Senior Systems Analyst at a construction company with 1,001-5,000 employees
Real User
Top 20
Offers the right amount of control very simply; great integration and ease of management

Pros and Cons

  • "Offers the right amount of control without being incredibly convoluted and frustrating."
  • "Sonic Analyzer could be improved. It's difficult to manage and not very intuitive."

What is our primary use case?

In some cases SonicWall is used to outfit a company, replacing existing infrastructure and getting site-to-site VPN set up for easier management. It provides ease of use for VPN setups. We are customers of SonicWall and I'm a senior system analyst. 

How has it helped my organization?

The solution offers the right amount of control without being incredibly convoluted and frustrating, or without being too dumbed down where you don't have options to do certain things. It's very to the point with the controls and simplifies things for us. It's great value for money. 

What is most valuable?

The solution has a lot of robust options and it's easy to use. NSM is a good feature, a single pane of glass security center where you can monitor SonicWall for different clients and troubleshoot without it requiring individual access. The product has good integration with their SMA solution, which we deployed for one of our financial firms, and we've also provided a remote access solution for people with PCs at home who want secure access. It offers good content filtering.

What needs improvement?

I would probably say their GSM or their Sonic Analyzer could be improved. I have always found it difficult to manage and not very intuitive. I'd like to have better visibility of what each endpoint is doing. That's something Meraki has that is very easy to use.

For how long have I used the solution?

I've been using this solution for over seven years. 

What do I think about the stability of the solution?

The solution is stable. We're an MSP, so if our clients have any dated hardware, we'll make a plan to switch to SonicWall, otherwise there can be issues with the internet or configuration where we can't get in and troubleshoot. We need to know we can get into the firewalls and make sure that they're online, as opposed to having to schedule someone to come in and deal with the basic physical connections or troubleshoot.

What do I think about the scalability of the solution?

The scalability is very good because if you know how to work the base model, the old solution or the TZ 105, all the way up to the NSAs, they just scale up in terms of features and functionality and you don't change a whole lot. They have good terminology that sticks throughout, so if you work with one, you can work with them all. It means upgrading and scaling is very easy. We manage about 1300 users or so across about 100 different clients. For the most part, maybe 80% of them are on SonicWall, and we try to push that just because it makes our lives a lot easier.

How are customer service and support?

We don't use the technical support very often, but the last call I had with them, everything was resolved within the hour. I spent more time on hold than I did with the person. It was 15 minutes on hold, for 10 minutes to resolve the issue. Otherwise, it's great. 

How was the initial setup?

The initial setup was very straightforward. Deployment time depends on the client but if we're starting from scratch, you can have it updated and deployed within an afternoon without issue. We have our own techs with experience who can get things set up to the best of our ability. Implementation takes one person who knows what they're doing, but we have a team that can help out and troubleshoot if we run into issues. 

What's my experience with pricing, setup cost, and licensing?

I'm not sure of licensing costs, but the price point isn't bad. In addition, you need to buy the hardware. There is also a standard support license, and they offer an advanced security gateway with other intrusion detection, prevention, content filtering, etc. There are some additional options we usually go with, but things like content filtering are hit and miss, and depend on what the client wants.

Which other solutions did I evaluate?

I've tried Meraki, but their price points are ridiculous and feature functionality is somewhat lacking. After Dell sold SonicWall, things improved a lot, and they've come a long way. There were some things about Meraki that I liked such as endpoint visibility. You can see the list of connected devices and apply a policy. You can get very low network so that bandwidth is not eaten up if someone is watching Netflix all day but they can still receive emails. Those kinds of things are what's missing in SonicWall. I've never been able to do something like that easily on the firewall side. Unfortunately, the cost of Meraki is really prohibitive. We tried a few other solutions and they just didn't pan out. If you want a good firewall, you have to pay thousands of dollars for what SonicWall does in a way that's easier to manage.

What other advice do I have?

I would recommend trying the product, it's not too difficult, whether it's the setup or the cost. If you're looking for a really low-cost solution, you'll probably end up using something like pfSense which doesn't really compare to SonicWall. There are probably better solutions out there, but there are things that SonicWall does better, it just depends on your budget.

I rate the solution eight out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
YaserAljohani
OT/ICS Information Security Specialist at SANS
Real User
Top 20
A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement

Pros and Cons

  • "The most valuable features in OPNsense are reporting and visibility."
  • "There are issues with stability and reliability."

What is our primary use case?

The primary use case of this solution is to detect and block malicious traffic, malicious files, and malicious links to protect the internal network from any external malicious website that may contain a virus or malware.

What is most valuable?

The most valuable features in OPNsense are reporting and visibility. 

The visibility is awesome. With the visibility, you can see the data source, data destination, the source port, destination port, protocols, the most used, the malicious files that have been detected and blocked, the countries the customer has visited, and the IPs based on Suricata.

OPNsense also has ClamAV, which is a great tool.

What needs improvement?

I have some issues with OPNsense. I have created a virtual machine that I've lost connection at times and I am not able to connect to the gateway or ping the internet. When I started with OPNsense, it worked right away. It may be an issue with the virtual machine itself. I am currently setting up the protection on all of the virtual machines so they will connect to OPNsense and the internet, or anywhere they need to access.

I have tried to download some malicious files or a virus and it should dump the files and prevent the download, but I don't seem to get any notification or warnings.

It may be an issue with the configuration but I am not sure.

I would like to see improvements made to connectivity and alerting.

I wanted to deploy this solution in our organization and some of the workstations from remote sites but it's not reliable enough to do that yet.

In the next release, I would like to see real traffic monitoring and more visibility. Also, for the antivirus, I would like to see the files protected by ClamAV. 

I would like to see intelligence in OPNsense and have the option to apply it or not.

They need a threat intelligence tool similar to the one they would find with Cisco. It will show you the file hashes, all of the IFCs, the niches, the address information, and more.  With all of this information, you can be proactive and block the malicious file hashes, all of the malicious IP addresses, and the public IP addresses. It should help you be proactive.

It would be helpful to have OPNsense be one of the plugins, and they should include traffic capturing. With Palo Alto, you can monitor and specify which interface you want to monitor, the source IP, or you can specify the network and see the traffic that is coming from the VLAN, the destination, and any files being transferred over the network.

If you apply security profiles you can see the signatures.

For how long have I used the solution?

I have been using OPNsense for five months.

What do I think about the stability of the solution?

There are issues with stability and reliability.

I set up two different virtual machines. I used a virtual box, I installed it and configured higher visibility for both. One was a master and the other a standby. 

I had a virtual machine installed on Windows 10 and put the gateway for it as OPNsense, which was the master. 

I tested and shut down the first one, which is the master. When I check to see if the second one would take over, it failed. 

I couldn't connect to the internet or any destination.

What do I think about the scalability of the solution?

We have not explored the scalability. We are only a small lab with two to three workstations.

I have a colleague working with me, together. We meet weekly to share the progress we have.

I use the enterprise version daily. It's scalable, stable, they have proper documentation and support. We get daily updates from the vendor.

OPNsense is a great tool but it lacks information that you need before deploying it.

How are customer service and technical support?

I have reached out to the community for support, but they haven't seen anything like the issues that I am experiencing. 

I have not contacted OPNsense directly.

How was the initial setup?

The initial setup was straightforward and easy.

It took 30 to 45 minutes to set up and deploy OPNsense.

What about the implementation team?

I did not use a vendor to implement this solution, I did it myself.

What's my experience with pricing, setup cost, and licensing?

OPNsense is a well known open-source tool.

Which other solutions did I evaluate?

I am currently evaluating and searching for open-source enterprise firewalls and doing a comparison of the features between all of them. I am assessing the pros and cons of vendors. 

I am looking for something that will give me a report on the comparison of features, capabilities, the different vendors, and the different open-source solutions that are available.

I am also doing a comparison on Palo Alto, Cisco Firepower, and Fortinet Fortigate.

What other advice do I have?

I don't have any information on the bandwidth and what it can handle, or how many workstations can work with it. This information is very important, but I can't find any resources for this information.

The reporting is amazing. You can export reports, you can set the parameters, and export reports based on your needs.

I would rate this solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
FedericoVillanueva
Founding Partner - Technology Director at VSN LATAM
Real User
Top 20
A reliable and user-friendly solution with good detection, antivirus, filtering, and VPN features

Pros and Cons

  • "Its detection, antivirus, and filtering features are the most valuable. The facility to connect by using the VPN connection is also a very valuable feature. It is very strong, secure, and reliable. We have implemented the Untangle solution in all hardware. It is also a user-friendly solution. It is easy to learn and easy to configure."
  • "The common center facility that Untangle provides should be available on-premises. There are great corporations here in Mexico that like the Untangle solution, but they don't like the fact that the monitoring and access to the appliance are in the cloud. They request for the common center facility to be available and installed on-premises."

What is our primary use case?

We are an implementor. Most of the use cases are for the detection and filter facility that Untangle provides. Most of the clients use VPN connection site-to-site, and in the last year, all the access has been through VPN. With the home offices becoming a new way of working, we are implementing this kind of solutions.

What is most valuable?

Its detection, antivirus, and filtering features are the most valuable. The facility to connect by using the VPN connection is also a very valuable feature. 

It is very strong, secure, and reliable. We have implemented the Untangle solution in all hardware. It is also a user-friendly solution. It is easy to learn and easy to configure.

What needs improvement?

The common center facility that Untangle provides should be available on-premises. There are great corporations here in Mexico that like the Untangle solution, but they don't like the fact that the monitoring and access to the appliance are in the cloud. They request for the common center facility to be available and installed on-premises.

For how long have I used the solution?

I have been using this solution for more than two years.

What do I think about the stability of the solution?

It is very stable. I love this solution.

What do I think about the scalability of the solution?

Its scalability is great. It is simple to scale. You just create the backup, and you can increase it as you need it. We love this facility. It is not like Fortinet where you need to change the hardware, license, and features.

In terms of the number of users, the average number of users our clients have is between 100 and 150. We have some clients with less than 50 users. We also have three clients with more than 3,000 users.

How are customer service and technical support?

We contacted them for technical support only once, and the issue was resolved in less than two hours. Their support was very good.

How was the initial setup?

It is straightforward. Our target market is the small and medium companies that don't have IT departments and a firewall specialist. We provide the Untangle solution and the management of the solution for a quote. 

Most of the implementations are simple. However, we have implemented Untangle solution to replace Fortinet in a financial group in Mexico. This was the most complex configuration that we have handled. There were 65 locations with voiceover IP and some other features. We had to create balance and recovery from the cluster. 

Our last implementation took less than a week. You need just two people for its deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

It is not expensive. It is cheaper than Fortinet.

Which other solutions did I evaluate?

Our clients evaluate Fortinet and pfSense. The flexibility to grow, the user-friendliness of the interface, and the common center facility are the advantages of Untangle NG Firewall. We can do everything in one console. 

Fortinet is very expensive. pfSense is free, but it is not as strong as Untangle. We have also experienced problems with the configuration of the HTTPS filter.  

What other advice do I have?

I would recommend this solution to others. It is a user-friendly, cheap, and strong solution. I would advise others to try this solution and not make a decision based on the information given on the paper. All vendors are going to tell you the features and the problems that their solution can solve, but the best way is by testing. Ask them to provide demos and test the solution yourself.

I would rate Untangle NG Firewall a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
RA
Section Head Project Planning and Management. /Lead Network and Security Engineer at a government with 1,001-5,000 employees
Real User
Top 20
Quite stable with good security and holds its own against other products in terms of functionality

Pros and Cons

  • "The security is good. It's as effective as anything else on the market."
  • "The solution requires a more interactive dashboard. That would make it easier than playing with configurations the way we have to now."

What is most valuable?

We are still really just using the third party NIB and IDS for monitoring. As for the integrated platform, we haven't upgraded the new one.

We've just been playing Huawei initially. Only now are we doing the Huawei firewall call integration and we haven't actually completed that portion yet.

The security is good. It's as effective as anything else on the market.

What needs improvement?

The support could be improved. As we've gone along, we've realized the support is not effective due to the contracts we have. They need to offer more support upfront, no matter what contract you have.

The solution requires a more interactive dashboard. That would make it easier than playing with configurations the way we have to now.

It would be better if upgrading the solution was easier.

The solution needs four-way deployments and dashboard confirmation.

The product should be able to integrate with products like Ansible.

What do I think about the stability of the solution?

The stability of the solution is good. It doesn't crash or freeze, and I don't recall experiencing bugs or glitches. It's reliable. Most of our integrations have been okay.

How are customer service and technical support?

Without a proper contract in place, you can't really access the technical support you need. We haven't been satisfied with the level of service we've received.

Which solution did I use previously and why did I switch?

I'm also experienced with pfSense, Barracuda, and more of Cisco enterprise firewalls, as well as ASA.

I believe that, although Huawei seems to hold its own against most other products, there are features of Cisco Firepower in particular that don't exist on Huawei's solution.

What's my experience with pricing, setup cost, and licensing?

The pricing is okay, however, support comes as a separate contract, and, if it expires, it can cause issues like what we are facing right now, where you need support and you don't have a contract in place and therefore can't get the help you require.

It's costly, in terms of the support contract. We'd prefer a solution that allowed us toe update or upgrade incrementally and had the support there and ready to go.

In our case, as well, it's a whole setup and not just an appliance, which is maybe why the pricing is so high and why we are facing difficulties.

What other advice do I have?

I haven't worked too closely with the solution, so I don't understand its full capacity.

We have an entire Huawei architecture center. We do have equipment on the firewall side, run by Huawei, however, we haven't upgraded so far, we're just doing it to run parallel assistance with Cisco. 

We just need support from Huawei but we have not paid for the support yet, and we're lacking in that space. For that reason, we're trying to run another Cisco solution.

Due to the fact we are a government organization, we need to only use an on-premise solution, although we are planning to integrate into the public cloud.

I'd rate the solution eight out of ten. It's capabilities, at the end of the day, are quite good. However, we prefer Cisco, as it has a very good support system and users can upgrade incrementally more easily.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Pardeep Sharma
Network security engineer at a tech services company with 1,001-5,000 employees
Real User
Top 5
A simple and reliable firewall with best support and very good netting, routing, and VPN functionalities

Pros and Cons

  • "Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA. The biggest advantage of Cisco products is technical support. They provide the best technical support."
  • "Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this."

What is our primary use case?

I am using Cisco ASA 5525 for netting, routing, and site-to-site VPN. We have two sites. I am using Cisco ASA Firewall on one site and Check Point Next-Generation Firewall on another site.

How has it helped my organization?

We have integrated it with Cisco Anyconnect. This feature has been very good for us during the lockdown.

What is most valuable?

Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA.

The biggest advantage of Cisco products is technical support. They provide the best technical support.

What needs improvement?

Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this.

For how long have I used the solution?

We have been using this solution for one and a half years.

What do I think about the stability of the solution?

It is stable and reliable. If you are looking for security from Layer 1 to Layer 4, Cisco ASA is good, but if you are looking for Layer 7 security, deep security, and malware detection, this is not the right product. You have to use some other product.

What do I think about the scalability of the solution?

We have more than 400 employees. We are currently not thinking of increasing its usage because we need more security, and Cisco ASA is not good for Layer 5 to Layer 7 security.

How are customer service and technical support?

The biggest advantage of a Cisco product is technical support. They provide 24/7 support on 365 days. Their technical support is one of the best. I would rate them a ten out of ten.

How was the initial setup?

Cisco ASA is very not complex. It is a very simple firewall. If you are configuring it through CLI, it is easy. If you configuring it through ASDM, it will be more difficult for a beginner engineer.

It takes around two to three days to cover all the parameters. It is very easy to deploy in an existing network, which is one of the main advantages of Cisco ASA.

What's my experience with pricing, setup cost, and licensing?

We are happy with its price. Licensing is on a yearly basis for technical support. There is one license for technical support. There is another license for IP Version 2 VPN and IPS.

Which other solutions did I evaluate?

I considered pfSense, but when I checked the reviews, pfSense's reviews were really bad, so we purchased Cisco ASA.

What other advice do I have?

I am very happy with this product in terms of netting, routing, and VPN functionalities. If you are a small organization with around 100 people and you are not thinking of Layer 7 security, deep security, and malware detection, Cisco ASA would be very useful and cost-effective for you.

I would rate Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Get our free report covering OPNsense, Fortinet, Sophos, and other competitors of pfSense. Updated: November 2021.
553,954 professionals have used our research since 2012.