Try our new research platform with insights from 80,000+ expert users

OPNsense vs Sophos XGS comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
328
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
OPNsense
Ranking in Firewalls
3rd
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
No ranking in other categories
Sophos XGS
Ranking in Firewalls
13th
Average Rating
8.0
Reviews Sentiment
6.6
Number of Reviews
83
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.1%, up from 17.7% compared to the previous year. The mindshare of OPNsense is 12.3%, down from 17.6% compared to the previous year. The mindshare of Sophos XGS is 2.4%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Eddy Ramirez - PeerSpot reviewer
Good interface and firewall capabilities and overall easy to use
The security has improved as we can isolate the network. We can do attrition prevention via a tool that comes with the solution. We can have a VPN solution in place for those that work from home, outside the network, in a secure manner. We also like that it offers good authentication. It offers radius-based authentication, which has been useful for the company. The main platform is under the Open VPN firewall. The solution has high availability. When we have different ISPs, we can actually load balance those links or actually put some priority or even classify the traffic that might go into one ISP or another.
Nassif  Kaleny - PeerSpot reviewer
Dynamic web and mail filtering contribute to improved security measures
The reporting system is very poor. I cannot trace any traffic to our site if it feels some threats. It just tells me that there is something during a certain time but does not provide information about the type of threats or how to get rid of them. This needs improvement.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I find the ease of configuring specific policies to be the most valuable feature of the Fortinet FortiGate firewall."
"One of the valuable features is a standardized OS."
"Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network."
"The email protection and VPN features are the most valuable."
"We can use our devices to check all of the perimeters. It secures email websites."
"The solution is very easy to understand. It's not overly complex."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"Application control and the web filter are the best features of Fortinet FortiGate."
"It has an open license. It works very well, and there is an update every month."
"The initial setup is easy. It only takes 15-30 minutes to deploy."
"The DNS-level filtering is impressive for thwarting time scanners."
"It is a very good solution. I like the dashboard. I can see what is going on and manage it as I like it."
"The solution has high availability."
"What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it. I had an excellent experience with OPNsense, which helped me achieve the targets I wanted."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"One of the most valuable features is the network checking. Additionally, the firewall and web filtering functionalities are highly useful."
"Some features are free."
"The most valuable features of Sophos XGS are a set of functionalities that are quite commendable, they call it synchronized security, where all the solutions share defense lines with each other."
"Sophos XGS' best features are simplicity and its built-in reporting tool."
"I have no issues with the stability of the product and love using it."
"I recommend Sophos XGS as it is easy, reliable, has good support, and is flexible and stable."
"I think Sophos technical support's immediate response is good compared to Fortinet's. If the technical engineer is good, they get the solution immediately. If not, it might take two days. For improvement, immediate response is required, whether by email, phone call, or WhatsApp. Sometimes, we can't wait three or four days for a solution. In urgent situations, we might use a spare Sophos device while waiting for support."
"Compared to other products, Sophos XGS is a user-friendly solution."
"Sophos offers a centralized system available to everyone, even for their smaller models."
 

Cons

"We would like to have the ability to disable some of the security functionalities."
"One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering."
"Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure."
"Fortigate's hardware capacities could be improved."
"I would suggest that Fortinet add sandboxing to their solution."
"The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work."
"The support is the main thing that needs to be improved."
"Fortinet currently has many products bundled with FortiGate including the basic firewall and load balancer, and I think that that they need to have separate product portfolios for each of these specialized services."
"The scalability needs improvement."
"The user interface could be improved, and the DNS section should be more intuitive."
"I would like to see better SD-WAN performance."
"I would like better documentation concerning the provided packages and their integration."
"There is room for improvement in SSL inspection."
"There should be more technical documentation."
"The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform."
"The IPS solution could be more reliable."
"We'd always like the solution to be a bit less in terms of cost."
"Sophos should work on its marketing strategy as it seems to lag behind Fortinet."
"The SD-WAN feature isn't very good. It's there, but it doesn't work properly."
"Sophos XGS could improve the price."
"The support team are helpful when you eventually get hold of them which takes a long time. They can improve how quickly you get technical support."
"Sophos pricing is very high. The last instance I purchased was for three years, around $3,700 for SDG 125."
"Sophos XGS could be improved by adding a built-in hyper-converged solution."
"The reporting could be better."
 

Pricing and Cost Advice

"Fortinet FortiGate allows you to purchase licenses for hardware and software."
"Go for long term pricing negotiated at the time of purchase."
"​We saved a bundle by not needing all the past appliances from an NGFW.​"
"It is affordable. Palo Alto is much more expensive than Fortinet."
"Fortinet is the least expensive solution."
"Our licensing costs are on a yearly basis."
"We just pay a flat monthly fee to the vendor for the support."
"It is not a very costly product if you compare it with other products. The return on investment is also good. If you compare the return of investment and money that you are spending on this product with Palo Alto, Cisco, Check Point, and other solutions, the investment is very less. We are happy with this solution. The optional licenses are there, and you can choose which one you want and which one to avoid."
"It's not expensive."
"There are no licensing costs for OPNsence."
"OPNsense is open source software so at this time it is free for us to use."
"We are using the paid version."
"We are not paying any licensing fees. OPNsense is completely free for us."
"I've used the free version. My computer with two network cards at home allows me to try as many different software options as I want. I did pay for the license, but it was for the Zenarmor license, which is the packet inspection tool. They use AI for packet inspection, which integrates with OPNsense and pfSense."
"It is free."
"The solution is not expensive."
"The price of Sophos XGS is less than competitors worldwide. However, in Turkey the solution is expensive."
"I can't recall the exact amount that was paid. It was likely around $12,000 or less - around $4,000 a year."
"Sophos XGS is priced lower than some of its competitors, such as Fortinet"
"Sophos XGS is a very expensive solution."
"The license for Sophos XGS is for three years, paid on a yearly basis. Everything is included with the license; there are no additional fees."
"Sophos XGS is competitively priced."
"Sophos XGS's pricing is very affordable."
"We paid around 17,000 pounds for a three-year package."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Computer Software Company
16%
Comms Service Provider
13%
Government
7%
Educational Organization
6%
Computer Software Company
15%
Manufacturing Company
9%
Comms Service Provider
8%
Educational Organization
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What is the difference between PfSense and OPNsense?
Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...
What do you like most about OPNsense?
What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.
What is your experience regarding pricing and costs for OPNsense?
I consider the pricing of OPNsense to be high when compared with other market products. However, as a free firewall p...
What do you like most about Sophos XGS?
The policies are the greatest feature. They allow us to configure granular control over our network traffic.
What is your experience regarding pricing and costs for Sophos XGS?
Sophos XGS was reasonably priced initially, but the license cost has significantly increased in the last few years.
What needs improvement with Sophos XGS?
The reporting system is very poor. I cannot trace any traffic to our site if it feels some threats. It just tells me ...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
No data available
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
1. Deciso B.V. 2. iXsystems, Inc.  3. EuroBSDCon  4. Netgate  5. Claranet  6. Voleatech  7. Open Systems AG  8. Securebit AG  9. Proxmox Server Solutions GmbH  10. AVM Computersysteme Vertriebs GmbH  Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.
Information Not Available
Find out what your peers are saying about OPNsense vs. Sophos XGS and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.