TrustRadius

pfSense vs. Sophos XG Firewall

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
pfSense
Score 9.2 out of 10
N/A
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
$179
per appliance
Sophos XG Firewall
Score 7.5 out of 10
N/A
Sophos XG Firewall provides comprehensive next-generation firewall protection powered by deep learning and Synchronized Security. The vendor states XG Firewall supplies unmatched insights and exposes hidden user, application, and threat risks on the network, and say the product is differentiated by its ability to respond automatically to security incidents by isolating compromised systems, with Security Heartbeat™.N/A
Pricing
pfSenseSophos XG Firewall
Editions & Modules
SG-1100
$179
per appliance
SG-2100
$229
per appliance
SG-3100
$399
per appliance
SG-5100
$699
per appliance
XG-7100-DT
$899
per appliance
XG-7100-1U
$999
per appliance
XG-1537
$1,949
per appliance
XG-1541
$2,649
per appliance
No answers on this topic
Offerings
Pricing Offerings
pfSenseSophos XG Firewall
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
pfSenseSophos XG Firewall
Considered Both Products
pfSense
Chirag Deol | TrustRadius Reviewer
Chirag Deol
Chief Marketing Officer
Chose pfSense
We were using Sophos XG Firewall in our environment but when it comes to cost it's more expensive with limited features. After using [pfSense] we are getting more security features at less cost. After pfSense provides a bundle of security features such as anti-spamming, …
Pretty Varughese | TrustRadius Reviewer
Pretty Varughese
IT Executive
Chose pfSense
We were using Sophos XG Firewall in our environment before but we need a product that is customizable & provides low cost high security features. pfSense provided us high security features with customizable options as it's kernel is based on freeBSD.
Sophos XG Firewall

No answer on this topic

Top Pros
Top Cons
TrustRadius Insights
pfSenseSophos XG Firewall
Highlights

TrustRadius
Research Team Insight
Published

pfSense, from Netgate and Sophos XG Firewall serve as entry level firewalls or options for small and midsize businesses. The Sophos XG Firewall is a full-featured firewall bundling Sophos’ security software and appliances. pfSense is an open source software solution based on the FreeBSD OS. It can run on Netgate’s own SG & XG appliances, as well as deploy virtually on AWS or Azure or on commodity computers, transforming the machine into a small or home office firewall, for an almost no-cost solution.

Sophos XG Firewall appears most in the middle-market, while pfSense appears most in budget constrained small businesses. They are competing solutions, however it is possible to use the Sophos XG Firewall for security with pfSense for other features like VPN, load balancing, etc.

Sophos XG Firewall has a free “home” edition which may be useful for single branch businesses or home offices as a basic firewall on commodity hardware; this option presents a direct alternative to the open source pfSense.

Features

There are some advantages to using pfSense and Sophos XG Firewall.

It is pfSense’s ease of use for ancillary firewall features where the solution shines. It has an effective and reliable VPN, and presents great NAT functionality. Its traffic control and load balancing are also excellent for the price point.

For the middle market Sophos XG Firewalls present little downside. They are easy to set up with antivirus to lockdown malware. The UI is attractive, clear, and easy to navigate. Product users describe Sophos as a security leader that frequently updates and supports its products well. These updates  make the Sophos XG Firewall an easy to use solution.

Limitations

pfSense and Sophos XG Firewall might not be the right choice for a network, as these are both mid-tier or entry level solutions.

Additionally, pfSense is almost DIY, which can leave the administrator struggling to configure the security product as needed. There is little support aside from the open source community, and without enterprise grade support users are stuck with trial and error for complex set up and tasks. A sophisticated, patient user is a requirement to get the most out of pfSense.

In contrast, Sophos XG Firewalls have complex licensing varying by feature and region, which may be difficult to track, but it may help keep overall costs down. Sophos XG Firewall users surface more specific complaints in complex use cases and deployments. For instance, reviewers cite  lack of clear diagnostics, confusing configuration workflows, inadequate bandwidth throttling, and other general breakdown of administrator confidence. There may be a network complexity ceiling beyond which the Sophos XG Firewall is not ideal.

Pricing

pfSense is open source and doesn’t cost anything on its own. The only related costs are from associated hardware, or paying a little extra to find a sophisticated admin to get it to do what is required.

Sophos provides pricing on request but their XG Firewalls are available from VARs and online resellers, and can run a small business about $300. Most models through the 200 and 300 product lines vary in cost from about $2k to $3k, while the high end XG 750 with 3-year fully featured UTM license (3-year) can be started now for about $90k. A license of some kind is required for NGFW features. Sophos’ associated EnterpriseGuard Plus license can be started for under $2000 (3-year license, XG135), to $21.5k (3-year, for the XG-430).

For a home office, Sophos XG Firewall software can be installed on an Intel-compatible machine at no cost (it will overwrite any existing Operating System). This may be an option for small, single branch locations that want to set up basic firewall capabilities on commodity hardware, and provides a free trial to familiarize users with the product.

Features
pfSenseSophos XG Firewall
Firewall
Comparison of Firewall features of Product A and Product B
pfSense
7.6
11 Ratings
11% below category average
Sophos XG Firewall
7.3
10 Ratings
15% below category average
Identification Technologies5.010 Ratings6.310 Ratings
Visualization Tools7.08 Ratings6.710 Ratings
Content Inspection4.111 Ratings6.310 Ratings
Policy-based Controls10.011 Ratings8.010 Ratings
Active Directory and LDAP7.09 Ratings7.39 Ratings
Firewall Management Console9.510 Ratings8.010 Ratings
Reporting and Logging8.011 Ratings7.010 Ratings
VPN10.011 Ratings8.010 Ratings
High Availability10.011 Ratings8.010 Ratings
Stateful Inspection7.011 Ratings6.710 Ratings
Proxy Server6.011 Ratings8.08 Ratings
Best Alternatives
pfSenseSophos XG Firewall
Small Businesses
Sophos UTM
Sophos UTM
Score 8.9 out of 10
pfSense
pfSense
Score 9.2 out of 10
Medium-sized Companies
Next-Generation Firewalls - PA Series
Next-Generation Firewalls - PA Series
Score 9.3 out of 10
Next-Generation Firewalls - PA Series
Next-Generation Firewalls - PA Series
Score 9.3 out of 10
Enterprises
Next-Generation Firewalls - PA Series
Next-Generation Firewalls - PA Series
Score 9.3 out of 10
Next-Generation Firewalls - PA Series
Next-Generation Firewalls - PA Series
Score 9.3 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
pfSenseSophos XG Firewall
Likelihood to Recommend
9.7
(24 ratings)
6.7
(10 ratings)
Usability
10.0
(1 ratings)
9.0
(1 ratings)
Support Rating
-
(0 ratings)
9.1
(2 ratings)
User Testimonials
pfSenseSophos XG Firewall
Likelihood to Recommend
Netgate (Rubicon Communications, LLC)
Because pfSense is built around open source software, it is very convenient to be able to deploy in the event of hardware failure. We once had a client with a proprietary router that failed. While the router was under warranty, the expected time for the new router to arrive was about 2 weeks. We decided to implement pfSense for the client as a stop gap and ultimately ended up deploying the full enterprise appliance. Being able to get up and running using commodity hardware was a huge win for the client. We've also had a great amount of success deploying pfSense hardware at apartment complexes. The DNS resolver works great and we've had no issues handling multiple VLANs with various DHCP scopes on it. Finally, we've had clients that require having a failover cluster. Utilizing the built in CARP capabilities, we've been able to provide a very robust failover system that requires little maintenance and no downtime in the event of equipment failure.
Verified User
Anonymous
Read full review
Sophos
This is the best product for small-size organizations with a low budget that want advanced and deep-level security features. Sandboxing and advanced malware protection are the most valuable features available on Sophos devices. Other features like applications and web content make your organization more secure, and you can put more restrictions on users.
Rahul Verma | TrustRadius Reviewer
Rahul Verma
Network Consultant
Read full review
Pros
Netgate (Rubicon Communications, LLC)
  • Easy to use. Good user interface design! Easy to understand and easy to set up.
  • Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
Allan Leung | TrustRadius Reviewer
Allan Leung
IT & T Manager
Read full review
Sophos
  • You can scan every packet deeply through sandboxing.
  • Control the user traffic through content filtering.
  • Put the restrictions on user web traffic through web filtering.
  • Control any type of malware through anti virus.
Basant Gupta | TrustRadius Reviewer
Basant Gupta
Executive System Admin
Read full review
Cons
Netgate (Rubicon Communications, LLC)
  • I did kind of mention a Con in the Pro section with OpenVPN.
  • When I create a config for an employee other employees are able to login to that config.
  • I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
  • I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
  • I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
Charles R. Coggins III | TrustRadius Reviewer
Charles R. Coggins III
Technical Support Specialist
Read full review
Sophos
  • If using Endpoint security and the Firewall it would be nice to have an easier back and forth between the portals rather than have two separate tabs open. Especially if using more than one in multiple locations.
  • If dealing with different revisions options are moved around and sometimes in places that doesn't normally seem like they should be there.
MG
Mike Goularte
IT Technician
Read full review
Usability
Netgate (Rubicon Communications, LLC)
The interface is simple, has sane defaults, and is consistent throughout.
Verified User
Anonymous
Read full review
Sophos
It is a good and pleasant experience to use Sophos XG firewall and it offers more then what we expect and the price is ok in the current market level
nawas khan | TrustRadius Reviewer
nawas khan
Network Engineer
Read full review
Support Rating
Netgate (Rubicon Communications, LLC)
No answers on this topic
Sophos
Honestly we didn't get the premium support from them, but our partner has been supportive. Online forums are also a good place to learn things from.
Verified User
Anonymous
Read full review
Alternatives Considered
Netgate (Rubicon Communications, LLC)
While you can get the performance out of other products, pfSense offers the unique ability to put other services on the same device. Products such as Untagle's NG Firewall and SonicWall's TZ series offer cost effective options for firewall and VPN services, having incoming load balancing and connection proxies on the same device as the firewall offers extremely easy configuration and day to day management of network services
Aaron Smith | TrustRadius Reviewer
Aaron Smith
Information Technology Manager
Read full review
Sophos
We have been a Sophos customer for the most part but i have seen some other offerings from SonicWall, Barracuda, and Cisco. While they all offer nice products, we've always been content with our Sophos XG firewalls, especially as they release more and more features/etc.
Verified User
Anonymous
Read full review
Return on Investment
Netgate (Rubicon Communications, LLC)
  • Using pfSense has allowed us to build a professional network in our small office without needing a lot of proprietary hardware, saving thousands of dollars in IT infrastructure investment.
  • The cost for using pfSense is free, so it's a great option for those who don't have a large IT budget
  • pfSense utilizes all of the industry standard services to provide all of it's functionality, so support for service-level issues is readily available
  • Because of how much work has been put into pfSense to make it rock solid and reliable, we're able to support our network with minimal IT staffing, saving us thousands of dollars/year in personnel alone.
Jim Rubenstein | TrustRadius Reviewer
Jim Rubenstein
Chief Technology Officer
Read full review
Sophos
  • Easy to integrate with Active Directory & LDAP
  • We don't need to purchase any additional 2FA & VPN Tools so the cost is saved for us
  • High Availability
Pretty Varughese | TrustRadius Reviewer
Pretty Varughese
IT Executive
Read full review
ScreenShots

Sophos XG Firewall Screenshots

Screenshot of Sophos XG Firewall v17.5 Control Center