TrustRadius

pfSense vs. Sophos XG Firewall

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
pfSense
Score 9.4 out of 10
N/A
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
$179
per appliance
Sophos XG Firewall
Score 8.1 out of 10
N/A
Sophos XG Firewall provides comprehensive next-generation firewall protection powered by deep learning and Synchronized Security. The vendor states XG Firewall supplies unmatched insights and exposes hidden user, application, and threat risks on the network, and say the product is differentiated by its ability to respond automatically to security incidents by isolating compromised systems, with Security Heartbeat™.N/A
Pricing
pfSenseSophos XG Firewall
Editions & Modules
SG-1100
$179
per appliance
SG-2100
$229
per appliance
SG-3100
$399
per appliance
SG-5100
$699
per appliance
XG-7100-DT
$899
per appliance
XG-7100-1U
$999
per appliance
XG-1537
$1,949
per appliance
XG-1541
$2,649
per appliance
No answers on this topic
Offerings
Pricing Offerings
pfSenseSophos XG Firewall
Free Trial
NoYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
pfSenseSophos XG Firewall
Considered Both Products
pfSense
Chirag Deol | TrustRadius Reviewer
Chirag Deol
Chief Marketing Officer
Chose pfSense
We were using Sophos XG Firewall in our environment but when it comes to cost it's more expensive with limited features. After using [pfSense] we are getting more security features at less cost. After pfSense provides a bundle of security features such as anti-spamming, …
Pretty Varughese | TrustRadius Reviewer
Pretty Varughese
IT Executive
Chose pfSense
We were using Sophos XG Firewall in our environment before but we need a product that is customizable & provides low cost high security features. pfSense provided us high security features with customizable options as it's kernel is based on freeBSD.
Sophos XG Firewall

No answer on this topic

TrustRadius Insights
pfSenseSophos XG Firewall
Highlights

TrustRadius
Research Team Insight
Published

pfSense, from Netgate and Sophos XG Firewall serve as entry level firewalls or options for small and midsize businesses. The Sophos XG Firewall is a full-featured firewall bundling Sophos’ security software and appliances. pfSense is an open source software solution based on the FreeBSD OS. It can run on Netgate’s own SG & XG appliances, as well as deploy virtually on AWS or Azure or on commodity computers, transforming the machine into a small or home office firewall, for an almost no-cost solution.

Sophos XG Firewall appears most in the middle-market, while pfSense appears most in budget constrained small businesses. They are competing solutions, however it is possible to use the Sophos XG Firewall for security with pfSense for other features like VPN, load balancing, etc.

Sophos XG Firewall has a free “home” edition which may be useful for single branch businesses or home offices as a basic firewall on commodity hardware; this option presents a direct alternative to the open source pfSense.

Features

There are some advantages to using pfSense and Sophos XG Firewall.

It is pfSense’s ease of use for ancillary firewall features where the solution shines. It has an effective and reliable VPN, and presents great NAT functionality. Its traffic control and load balancing are also excellent for the price point.

For the middle market Sophos XG Firewalls present little downside. They are easy to set up with antivirus to lockdown malware. The UI is attractive, clear, and easy to navigate. Product users describe Sophos as a security leader that frequently updates and supports its products well. These updates  make the Sophos XG Firewall an easy to use solution.

Limitations

pfSense and Sophos XG Firewall might not be the right choice for a network, as these are both mid-tier or entry level solutions.

Additionally, pfSense is almost DIY, which can leave the administrator struggling to configure the security product as needed. There is little support aside from the open source community, and without enterprise grade support users are stuck with trial and error for complex set up and tasks. A sophisticated, patient user is a requirement to get the most out of pfSense.

In contrast, Sophos XG Firewalls have complex licensing varying by feature and region, which may be difficult to track, but it may help keep overall costs down. Sophos XG Firewall users surface more specific complaints in complex use cases and deployments. For instance, reviewers cite  lack of clear diagnostics, confusing configuration workflows, inadequate bandwidth throttling, and other general breakdown of administrator confidence. There may be a network complexity ceiling beyond which the Sophos XG Firewall is not ideal.

Pricing

pfSense is open source and doesn’t cost anything on its own. The only related costs are from associated hardware, or paying a little extra to find a sophisticated admin to get it to do what is required.

Sophos provides pricing on request but their XG Firewalls are available from VARs and online resellers, and can run a small business about $300. Most models through the 200 and 300 product lines vary in cost from about $2k to $3k, while the high end XG 750 with 3-year fully featured UTM license (3-year) can be started now for about $90k. A license of some kind is required for NGFW features. Sophos’ associated EnterpriseGuard Plus license can be started for under $2000 (3-year license, XG135), to $21.5k (3-year, for the XG-430).

For a home office, Sophos XG Firewall software can be installed on an Intel-compatible machine at no cost (it will overwrite any existing Operating System). This may be an option for small, single branch locations that want to set up basic firewall capabilities on commodity hardware, and provides a free trial to familiarize users with the product.

Features
pfSenseSophos XG Firewall
Firewall
Comparison of Firewall features of Product A and Product B
pfSense
8.0
14 Ratings
8% below category average
Sophos XG Firewall
8.5
12 Ratings
2% below category average
Identification Technologies7.512 Ratings8.012 Ratings
Visualization Tools7.410 Ratings8.212 Ratings
Content Inspection5.812 Ratings8.012 Ratings
Policy-based Controls8.314 Ratings8.912 Ratings
Active Directory and LDAP6.712 Ratings8.511 Ratings
Firewall Management Console9.613 Ratings8.912 Ratings
Reporting and Logging8.014 Ratings8.312 Ratings
VPN9.114 Ratings8.912 Ratings
High Availability9.713 Ratings8.912 Ratings
Stateful Inspection8.913 Ratings8.212 Ratings
Proxy Server7.414 Ratings8.99 Ratings
Best Alternatives
pfSenseSophos XG Firewall
Small Businesses
Sophos UTM
Sophos UTM
Score 8.9 out of 10
pfSense
pfSense
Score 9.4 out of 10
Medium-sized Companies
Quantum Firewalls and Security Gateways
Quantum Firewalls and Security Gateways
Score 9.6 out of 10
Quantum Firewalls and Security Gateways
Quantum Firewalls and Security Gateways
Score 9.6 out of 10
Enterprises
Quantum Firewalls and Security Gateways
Quantum Firewalls and Security Gateways
Score 9.6 out of 10
Quantum Firewalls and Security Gateways
Quantum Firewalls and Security Gateways
Score 9.6 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
pfSenseSophos XG Firewall
Likelihood to Recommend
9.4
(27 ratings)
8.2
(12 ratings)
Usability
9.8
(5 ratings)
10.0
(3 ratings)
Support Rating
-
(0 ratings)
9.1
(2 ratings)
User Testimonials
pfSenseSophos XG Firewall
Likelihood to Recommend
Netgate (Rubicon Communications, LLC)
pfSense is incredibly budget friendly and capable for organizations of all sizes. My specific scenario, working for a non-profit organization, requires budget consciences decisions without compromising security and function. pfSense has helped tremendously in accomplishing this. It specifically tackles advanced routing, static routing, remote access, intrusion prevention, in a single platform, mostly available for free.
Verified User
Anonymous
Read full review
Sophos
It is well-suited for small, medium, and large organizations looking for comprehensive cybersecurity protection. It will not only safeguard their network from cyberattacks but also provide them with many advanced features like deep packet inspection, centralized management, web filtering, application control, etc. in one place. It will help them optimize bandwidth and ensure continued connectivity.
BB
Baladas Bhoir
Warehouse Executive
Read full review
Pros
Netgate (Rubicon Communications, LLC)
  • Easy to use. Good user interface design! Easy to understand and easy to set up.
  • Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
Allan Leung | TrustRadius Reviewer
Allan Leung
IT & T Manager
Read full review
Sophos
  • It provides you with advanced threat protection against cyberattacks.
  • It gives you deep visibility on risky users, applications, threats, etc.
  • It gives you an automatic response whenever threat is detected.
  • It offers many features like web filtering and application control and helps optimize bandwidth.
  • It ensures continued connectivity by providing features like load balancing, failover, etc.
BB
Baladas Bhoir
Warehouse Executive
Read full review
Cons
Netgate (Rubicon Communications, LLC)
  • I did kind of mention a Con in the Pro section with OpenVPN.
  • When I create a config for an employee other employees are able to login to that config.
  • I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
  • I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
  • I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
Charles R. Coggins III | TrustRadius Reviewer
Charles R. Coggins III
Technical Support Specialist
Read full review
Sophos
  • If using Endpoint security and the Firewall it would be nice to have an easier back and forth between the portals rather than have two separate tabs open. Especially if using more than one in multiple locations.
  • If dealing with different revisions options are moved around and sometimes in places that doesn't normally seem like they should be there.
MG
Mike Goularte
IT Technician
Read full review
Usability
Netgate (Rubicon Communications, LLC)
The pfSense UI is easy to navigate and pretty go look at. It is much better than some high dollar firewalls that just throw menus you you. The pfSense UI is quick and responsive and makes sense 99% of the time. Changes are committed quickly and the hardware rarely requires a reboot. It just runs.
Verified User
Anonymous
Read full review
Sophos
Because this is a user-friendly interface, and anyone can use it there are multiple articles and guidelines available, it has advanced-level security features. they provide VPN solutions all the features are very practical, SSID MAC-based authentications web control, Firewall rules segregation of the rules and policies, On-premises Active directory single sign-on feature is also available.
Verified User
Anonymous
Read full review
Support Rating
Netgate (Rubicon Communications, LLC)
No answers on this topic
Sophos
As we are all addicted to graphics-oriented interfaces for all our life products. Easy to manage and access as a good way of using anything
nawas khan | TrustRadius Reviewer
nawas khan
Network Engineer
Read full review
Alternatives Considered
Netgate (Rubicon Communications, LLC)
Meraki has a unified management login for all devices, which is nice. It also has decent content filtering, both areas where pfSense is weaker. Where pfSense far ouclasses Meraki is in the ease of use and the other width of features. These include features such as better VPN interoperability, non-subscription based pricing, auditability, not relying on the infrastructure of a third party, more transparency of what's actually going on, easier to deploy replacements if hardware fails. Additionally, the NAT management for pfSense seems to be a bit better, as you can NAT between any network segment and not just the LAN segments out the WAN interfaces.
Verified User
Anonymous
Read full review
Sophos
I was a big fan of Cisco ASA products, but when I saw all of the security feature differences between both firewalls, I moved to Sophos devices. Its sandbox, IPS, and many more features are really advanced. Cisco does not provide features like this.
Rahul Verma | TrustRadius Reviewer
Rahul Verma
Network Consultant
Read full review
Return on Investment
Netgate (Rubicon Communications, LLC)
  • pfSense can be installed on commodity hardware with no licensing fees. With a simple less than 10 minute restore time, on most hardware, it's an extremely inexpensive way to achieve the same results that some of the more expensive vendors provide.
  • The easy to use interface has allowed configuration management to be preformed by lower level technicians with quick and easy training.
Aaron Smith | TrustRadius Reviewer
Aaron Smith
Information Technology Manager
Read full review
Sophos
  • True UTM device.
  • Very Active customer help for any help.
  • Easy license and cost effective.
  • Should [do] more work on logging and reporting.
Basant Gupta | TrustRadius Reviewer
Basant Gupta
Executive System Admin
Read full review
ScreenShots

Sophos XG Firewall Screenshots

Screenshot of Sophos XG Firewall v17.5 Control Center