OPNsense vs Palo Alto Networks NG Firewalls comparison

OPNsense and Palo Alto Networks are both solutions in the Firewalls category. OPNsense is ranked #3 with an average rating of 8.3, while Palo Alto Networks is ranked #7 with an average rating of 8.7. OPNsense holds a 12.8% mindshare in Firewalls, compared to Palo Alto Networks’s 3.3% mindshare. Additionally, 97% of OPNsense users are willing to recommend the solution, compared to 96% of Palo Alto Networks users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 5, 2025

OPNsense and Palo Alto Networks NG Firewalls are competing products in the network security sector. Palo Alto Networks NG Firewalls generally have the upper hand with their extensive feature set tailored for enterprise-level environments.

Features: OPNsense offers open-source flexibility, frequent updates, and strong community support. Its open-source nature allows for customization, making it ideal for those needing a tailored solution. Palo Alto Networks NG Firewalls provide advanced threat prevention, comprehensive network visibility, and seamless integrations. They are equipped for high-level protection, providing enterprise clients with a feature-rich security platform.

Room for Improvement: OPNsense can enhance its offering with better integration with third-party solutions, a more user-friendly interface, and expanded commercial support options to appeal to larger organizations. Palo Alto Networks NG Firewalls could benefit from simplifying deployment and offering more cost-effective pricing to attract smaller businesses. Additionally, a more intuitive user interface could enhance usability.

Ease of Deployment and Customer Service: OPNsense is praised for easy deployment and community-based support, which is beneficial for self-sufficient users or smaller organizations. In contrast, Palo Alto Networks NG Firewalls offer more complex deployment but compensate with professional customer service that ensures successful setup and optimal configuration for enterprise clients.

Pricing and ROI: OPNsense is cost-effective, offering low setup costs suitable for budget-conscious users or smaller organizations looking to maximize ROI. On the other hand, Palo Alto Networks NG Firewalls require a higher initial investment but can provide substantial returns through superior security features that address the needs of high-security environments.

To learn more, read our detailed OPNsense vs. Palo Alto Networks NG Firewalls Report (Updated: March 2025).

Buyer's Guide

OPNsense vs. Palo Alto Networks NG Firewalls

March 2025

Download the complete report

Helped 842,388 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of March 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.8%, up from 17.8% compared to the previous year. The mindshare of OPNsense is 12.8%, down from 17.3% compared to the previous year. The mindshare of Palo Alto Networks NG Firewalls is 3.3%, up from 3.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

Eddy Ramirez

IT Security Director at a financial services firm with 1,001-5,000 employees

Good interface and firewall capabilities and overall easy to use

The security has improved as we can isolate the network. We can do attrition prevention via a tool that comes with the solution. We can have a VPN solution in place for those that work from home, outside the network, in a secure manner. We also like that it offers good authentication. It offers radius-based authentication, which has been useful for the company. The main platform is under the Open VPN firewall. The solution has high availability. When we have different ISPs, we can actually load balance those links or actually put some priority or even classify the traffic that might go into one ISP or another.

Read full review

AmjadKhan1

Head of data centers at a non-profit with 10,001+ employees

Provides inline protection with a unified view and anti-spyware capabilities

I would rate Palo Alto Networks NG Firewalls ten out of ten because it is the best. Our disaster recovery site utilizes Palo Alto Networks Next-Generation Firewalls. We are also in the process of upgrading the firewalls at our 365 sites in Pakistan to Palo Alto Networks firewalls. While budget firewalls may advertise comparable features, they often fall short of effectively detecting viruses, threats, and ransomware. In contrast, Palo Alto Networks NG Firewalls, combined with Cortex XDR, provide comprehensive threat intelligence and detection capabilities, ensuring superior security coverage. I recommend conducting a proof of concept before selecting a firewall. This will allow you to evaluate different options and determine which best suits your needs. While Palo Alto offers robust firewall solutions, it's essential to compare them with other vendors to ensure you make an informed decision.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Unified Threat Management (UTM) features."

"This is an easy solution to deploy."

"It's quite comfortable to handle the FortiGate firewall."

"FortiGate's ability to perform as expected and fulfil our needs has been the most compelling feature for network security."

"Fortinet FortiGate's ease of management is the most valuable feature."

"I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."

"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."

"We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs."

More Fortinet FortiGate pros

"The DNS-level filtering is impressive for thwarting time scanners."

"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."

"It has firewall and VPN capabilities, which are very valuable features."

"The solution is good for a basic firewall for a small business or for home use."

"It is a very good solution. I like the dashboard. I can see what is going on and manage it as I like it."

"OPNsense is easy to scale when running on the hardware."

"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."

"It's more secure and more reliable."

More OPNsense pros

"The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features."

"I can enable the features I want and configure the policies based on the user and not all users and network traffic, making firewall management much easier."

"The user ID, Wildfire, UI, and management configuration are all great features."

"The most valuable feature is the security provided by the ATP."

"Technical support is proactive in letting us know when there are updates that need to be made to the system."

"Everything is easy in Palo Alto Networks NG Firewall. It is very stable, easy to configure, and easy to upgrade. It is also very easy to create custom policies and applications. Everything can be done with the click of a button. It is also good for the protection of web services. Nowadays, they have a rather new DNS security feature, which is pretty good and functional. We did a one-month trial, and it is the best product for the firewall network."

"Compared to other firewalls from Check Point, Fortinet, and Cisco, for example, Palo Alto Networks NG Firewalls use the most advanced techniques. They have sandbox integration and others in the orchestrator. Palo Alto's security features are at a higher level than those of the competitors at the moment."

"Innovative, advanced threat protection is the most valuable feature."

More Palo Alto Networks NG Firewalls pros

Cons

"The support is the main thing that needs to be improved."

"I would like to see a more intuitive dashboard."

"Its price could be better."

"When we cluster the two Fortinet FortiGate boxes together we have some issues."

"The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work."

"The UTM filtering needs improvement."

"Though the tool's GUI is user-friendly, it can be considered as an area with certain shortcomings where improvements are required."

"There are some complex administration tasks in their administration portal. That needs to be improved."

More Fortinet FortiGate cons

"They should improve IPEs for security in the future."

"I would like to see better SD-WAN performance."

"The interface needs to be simplified. It is not user-friendly."

"The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform."

"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."

"OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server."

"There are issues with stability and reliability."

"I think the most important thing is that it should be easily accessible, but currently, that doesn't seem to be the case. We need a hardware platform that's based on common standards and open computing principles, which would be like a commodity and benefit us greatly."

More OPNsense cons

"From a documentation standpoint, there is room for improvement. Even Palo Alto says that their documentation is terrible."

"Customers don't want to buy extra things for extra capabilities"

"Palo Alto claims their NG Firewalls are highly customizable, but this isn't always true."

"The initial configuration is complicated to set up."

"We have not taken Palo Alto's firewall management solution because it's too expensive and we don't feel it delivers significant value."

"Palo Alto Networks NG Firewalls offer best-in-breed security but could improve by reducing their pricing."

"It is probably as good as it can be in terms of being highly sophisticated but having a very small leap to learn the platform and deploy it. I do not have many complaints about the platform."

"It is a good product, but they can add some functions for port scanning and network scanning."

More Palo Alto Networks NG Firewalls cons

Pricing and Cost Advice

"The pricing for this solution is good."

"In the Asian economy in which we operate, FortiGate is expensive."

"The price could be lower."

"It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us."

"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."

"As far as I'm aware, in our case, it's just a yearly pricing arrangement with no additional licensing costs."

"Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment."

"Fortinet FortiGate is expensive."

More Fortinet FortiGate pricing and cost advice

"It is a free solution, and when you compare it to alternatives like FortiGate, which is quite powerful but also costly, the value becomes evident."

"OPNsense is a well known open-source tool."

"It's a free solution."

"I would rate the pricing a nine out of ten, especially considering the availability of a free community edition."

"It is open source and free."

"Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."

"There are no licensing costs for OPNsence."

"It is free."

More OPNsense pricing and cost advice

"There are security licenses."

"It could be less expensive."

"Reducing costs is important, especially since Prisma can be expensive. It would be great if it were more affordable."

"Palo Alto Networks NG Firewalls are very expensive compared to other firewalls such as Fortinet. As a result, Palo Alto is losing some of its market share."

"It has a yearly subscription."

"I am not involved in the commercial side, but I believe that Palo Alto is quite expensive compared to others."

"It's too expensive."

"The price of the solution is on the higher side compared to competitors."

More Palo Alto Networks NG Firewalls pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

842,388 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

22%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Computer Software Company

16%

Comms Service Provider

13%

Government

Educational Organization

Computer Software Company

15%

Financial Services Firm

10%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What is the difference between PfSense and OPNsense?

Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...

See all answers

What do you like most about OPNsense?

What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.

See all answers

What is your experience regarding pricing and costs for OPNsense?

I consider the pricing of OPNsense to be high when compared with other market products. However, as a free firewall p...

See all answers

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 22% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

Fortinet FortiOS vs Fortinet FortiGate

Compared 2% of the time

More Fortinet FortiGate Competitors

Netgate pfSense vs OPNsense

Compared 43% of the time

IPFire vs OPNsense

Compared 11% of the time

Sophos XG vs OPNsense

Compared 8% of the time

Untangle NG Firewall vs OPNsense

Compared 4% of the time

SonicWall TZ vs OPNsense

Compared 1% of the time

More OPNsense Competitors

Azure Firewall vs Palo Alto Networks NG Firewalls

Compared 11% of the time

Check Point NGFW vs Palo Alto Networks NG Firewalls

Compared 11% of the time

Sophos XG vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Meraki MX vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Sophos UTM vs Palo Alto Networks NG Firewalls

Compared 5% of the time

More Palo Alto Networks NG Firewalls Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

March 2025

Download Fortinet FortiGate product report

Buyer's Guide

OPNsense

March 2025

Download OPNsense product report

Buyer's Guide

Palo Alto Networks NG Firewalls

March 2025

Download Palo Alto Networks NG Firewalls product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

No data available

Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

OPNsense is widely used for firewall functionalities, intrusion detection, VPN and IPSec, content filtering, securing network traffic, and remote access. It protects internal networks and manages servers securely, suitable for small to medium-sized businesses.

OPNsense is a comprehensive firewall solution leveraging open-source technology. It integrates with third-party modules like WireGuard and CrowdSec, enhancing its security capabilities. Offering on-premises and cloud deployment, it features an intuitive graphical interface, advanced reporting, VPN functionality, IDS/IPS features, and high scalability. Users find it ideal for small businesses and home networks due to its stability and ease of use. Frequent updates and an active community support its continuous improvement. However, it needs advancements in VPN selection, scalability, and technical documentation. Enhanced high availability, threat intelligence, and integration with virtualization platforms are required. User feedback suggests improvements in connectivity, alerting, traffic monitoring, and antivirus protection.

What are the key features of OPNsense?

Strong Firewall: Robust firewall capabilities for securing network traffic.
Intrusion Detection and Prevention: Effective IDS/IPS for threat mitigation.
VPN Functionality: Comprehensive VPN support including WireGuard.
Content Filtering: DNS-level filtering for enhanced security.
Advanced Reporting: In-depth traffic analysis and reporting features.
High Scalability: Supports growing network demands.
Integration Capabilities: Works with third-party modules like CrowdSec.
Intuitive GUI: User-friendly graphical interface enhances usability.

What benefits should users look for in OPNsense reviews?

Security: High level of protection for internal networks.
Manageability: Easy management of servers and network traffic.
Cost-Effective: Open-source nature reduces costs.
Reliability: Stable performance suitable for small and medium-sized businesses.
Community Support: Active community and frequent updates.

OPNsense is implemented across various industries to secure network infrastructure and ensure reliable connectivity. In fintech, it safeguards sensitive financial data while maintaining compliance. Educational institutions deploy it to protect student information and enable secure remote learning environments. Healthcare organizations use it to secure patient data and comply with HIPAA regulations. By integrating with tools like WireGuard and CrowdSec, businesses enhance their cybersecurity posture and streamline network management, making OPNsense a versatile choice for diverse operational needs.

OPNsense

Palo Alto Networks NG Firewalls offer comprehensive security, including application control, traffic shaping, threat prevention, and load balancing, designed to secure internal networks, perimeter protection, VPN services, and cloud environments.

Palo Alto Networks NG Firewalls are a key choice for managing and protecting data centers, securing remote access, network segmentation, malware prevention, and ensuring high availability and performance for business-critical applications. Known for stability and strong security, these firewalls use application-aware identifiers and IPS/IDS subscriptions to offer advanced threat protection. The unified platform facilitates seamless integration, while GlobalProtect and centralized management via Panorama enhance ease of use. However, there are areas for improvement, including pricing strategies, training, user support, and integration with third-party applications.

What are the essential features?

Stability: Reliable performance in different environments.
Application Control: Identifies applications to manage traffic.
Advanced Threat Protection: Includes DNS security, WildFire, and machine learning.
GlobalProtect: Secure remote access for users.
Centralized Management: Managed via the Panorama platform.

What benefits or ROI should users expect?

Security: Protects against threats with robust features.
User-Friendly: Simplified interface and easy configuration.
High Availability: Ensures performance for critical applications.
Integration: Seamless with existing systems and applications.
Support: Reliable technical support and resources.

In industries like finance, healthcare, and retail, Palo Alto Networks NG Firewalls secure sensitive data and meet regulatory requirements. These firewalls help manage large-scale networks in these sectors, providing essential security features and maintaining high-performance standards. They are implemented to ensure compliance, protect patient information, secure financial transactions, and safeguard customer data.

Palo Alto Networks

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

1. Deciso B.V. 2. iXsystems, Inc. 3. EuroBSDCon 4. Netgate 5. Claranet 6. Voleatech 7. Open Systems AG 8. Securebit AG 9. Proxmox Server Solutions GmbH 10. AVM Computersysteme Vertriebs GmbH Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.

SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments

Buyer's Guide

OPNsense vs. Palo Alto Networks NG Firewalls

March 2025

Free Report: OPNsense vs. Palo Alto Networks NG Firewalls

Find out what your peers are saying about OPNsense vs. Palo Alto Networks NG Firewalls and other solutions. Updated: March 2025.

DOWNLOAD NOW

842,388 professionals have used our research since 2012.

See our OPNsense vs. Palo Alto Networks NG Firewalls report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.