OPNsense vs Sophos XGS comparison

OPNsense and Sophos are both solutions in the Firewalls category. OPNsense is ranked #3 with an average rating of 8.3, while Sophos is ranked #15 with an average rating of 8.4. OPNsense holds a 13.3% mindshare in Firewalls, compared to Sophos’s 2.0% mindshare. Additionally, 97% of OPNsense users are willing to recommend the solution, compared to 94% of Sophos users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

OPNsense and Sophos XGS compete in the firewall solutions category. Sophos XGS seems to have the upper hand due to its advanced security features, although OPNsense offers greater affordability and flexibility.

Features: OPNsense offers customizable firewall rules, excellent traffic management, and valuable open-source adaptability. Sophos XGS includes advanced threat protection, zero-day attack defense, and a comprehensive security suite.

Room for Improvement: OPNsense could benefit from improved documentation, better integration with third-party tools, and enhanced usability. Sophos XGS users indicate a need for streamlined updates, lower hardware costs, and less complexity during initial setup.

Ease of Deployment and Customer Service: OPNsense is easier to deploy with its straightforward setup process and active community support. Sophos XGS provides extensive professional support and managed services, beneficial but potentially complex for initial deployment.

Pricing and ROI: OPNsense has low setup costs and a favorable ROI due to its open-source model. Sophos XGS is more expensive upfront but offers long-term value through enhanced security features.

To learn more, read our detailed OPNsense vs. Sophos XGS Report (Updated: January 2025).

Buyer's Guide

OPNsense vs. Sophos XGS

January 2025

Download the complete report

Helped 838,640 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of February 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.7%, up from 17.7% compared to the previous year. The mindshare of OPNsense is 13.3%, down from 17.3% compared to the previous year. The mindshare of Sophos XGS is 2.0%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

Eddy Ramirez

IT Security Director at a financial services firm with 1,001-5,000 employees

Good interface and firewall capabilities and overall easy to use

The security has improved as we can isolate the network. We can do attrition prevention via a tool that comes with the solution. We can have a VPN solution in place for those that work from home, outside the network, in a secure manner. We also like that it offers good authentication. It offers radius-based authentication, which has been useful for the company. The main platform is under the Open VPN firewall. The solution has high availability. When we have different ISPs, we can actually load balance those links or actually put some priority or even classify the traffic that might go into one ISP or another.

Read full review

Jaffar Ali

Director Technical Services at TechnoBIZ

Has provided stability, security, ease of management, and better reporting options

People use Sophos XGS because the overall channel support is very good, so they don't face issues. Additionally, it is competitive in pricing against Fortinet in some cases, especially when considering high availability, email subscriptions, and gateways Sophos XGS has provided stability,…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."

"The GUI is good."

"The solution is scalable."

"I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."

"We are very happy with the general bandwidth agility we have seen from one website to another website."

"Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market."

"It is a safe product."

"Their reliability and their policy of pre-shipping replacements when a unit has failed."

More Fortinet FortiGate pros

"OPNsense is easy to scale when running on the hardware."

"The solution is user-friendly and easy to configure."

"The most valuable features of OPNsense are the GUI and frequent updates."

"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."

"The most valuable feature is the Dual WAN in OPNSense, which offers advanced capabilities."

"The solution is good for a basic firewall for a small business or for home use."

"The most valuable features in OPNsense are reporting and visibility."

"I feel that its valuable features are that it is simple and free."

More OPNsense pros

"I think Sophos technical support's immediate response is good compared to Fortinet's. If the technical engineer is good, they get the solution immediately. If not, it might take two days. For improvement, immediate response is required, whether by email, phone call, or WhatsApp. Sometimes, we can't wait three or four days for a solution. In urgent situations, we might use a spare Sophos device while waiting for support."

"The threat intelligence capabilities of the tool are good."

"We are happy and satisfied with all the features."

"Some features are free."

"I recommend Sophos XGS because it is easy to use, more secure, and scalable."

"The solution is very user-friendly, and the GUI is so good that I don't have to use the CLI. This eliminates the need for typing; clicking allows me to get to what I'm looking for."

"I like the Sophos UI. It interface has a more comfortable feel than the competitors."

"The solution is easy to use and configure, once you know how to apply the policies."

More Sophos XGS pros

Cons

"In the next release, maybe the documentation on how to use this solution could be improved."

"Fortinet FortiGate could improve if it had a cloud-managed solution."

"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."

"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."

"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."

"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."

"Lacks sufficient security options."

"As far as wanting more scalability or things in the network diagram, it's going to cost you."

More Fortinet FortiGate cons

"Its interface should be a little bit better."

"OPNsense struggles to handle large volumes of voice traffic, indicating scalability issues in that specific use case."

"The interface needs to be simplified. It is not user-friendly."

"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."

"OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server."

"You will need additional training before you can actually start to use it."

"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."

"The ability to set the VPN IP address would be a welcome addition."

More OPNsense cons

"I recommend Sophos increase the user capacity of the firewall by 1.5 times. For example, say the firewall can accommodate 1,000 users now, then it should handle a load of 1,500 users."

"Having previously worked with the Astaro Security Gateway platform (now called Sophos UTM), I can attest that the configuration and dashboard for this older platform was easier to manage than that of both Sophos XG and XGS. If it were up to me, I would prefer to go back to the older SG dashboard."

"Sophos should work on its marketing strategy as it seems to lag behind Fortinet."

"Areas for improvement in Sophos XGS include better balance when handling high availability configurations, smoother firmware upgrades without the need for turning off devices, and simplified configuration after firmware updates."

"One area for improvement would be including automatically generated certificates for HTTPS, which was available in earlier versions but might not be in the latest."

"There are some issues with conversion and user roles when upgrading to Cyberoam."

"The functionality of SD-WAN compared to other boxes is lacking."

"I feel Sophos should add more telemetry data to its products...Right now, I think there are only less than a dozen vendors or OEMs supported by Sophos."

More Sophos XGS cons

Pricing and Cost Advice

"The price is really low. It's cheap in comparison to the cost of Cisco or CheckPoint, for example."

"There is a subscription-based model to use Fortinet FortiGate. We pay annually for the solution along with the support. If you want to have all the updates, and security patches you will need to renew your support."

"The pricing for this solution is good."

"Here in Brazil, we're going through difficult economic times and the tax on the dollar is high. All the solutions from minor competitors are growing in the market. The prices have come more competitive."

"Pricing and licensing is a little bit complicated in FortiGate. They are always on the higher side. This is one issue that we always raise with the company that they should reduce the price according to Indian market requirements. There are no costs in addition to the standard licensing fees."

"The price of FortiGate is comparable to that of most other firewall solutions and is more affordable than Cisco."

"The price is fair for what we get with FortiGate."

"It's a very full-featured and it's priced well solution."

More Fortinet FortiGate pricing and cost advice

"I've used the free version. My computer with two network cards at home allows me to try as many different software options as I want. I did pay for the license, but it was for the Zenarmor license, which is the packet inspection tool. They use AI for packet inspection, which integrates with OPNsense and pfSense."

"It's not expensive."

"It is open source and free."

"I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval from the higher-ups."

"I would rate the pricing a nine out of ten, especially considering the availability of a free community edition."

"We are using the paid version."

"OPNsense is a well known open-source tool."

"Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."

More OPNsense pricing and cost advice

"I pay close to $10,000 per year, which I find to be expensive compared to the other similar solution or equivalent solutions."

"We must purchase separate web server licenses, as they are not included in the regular device license. I would rate the product an eight out of ten in terms of price. It's relatively affordable."

"Sophos XGS is a cost-effective solution."

"It's highly effective and well-suited for medium and small companies. The pricing is attractive, and our customers find it suitable for regular license renewals."

"A central firewall on the cloud with a cluster might be 70,000 to 80,000 euros for a three-year license."

"The pricing for Sophos XGS is reasonable."

"XGS' price could be lower, though it's moderately priced in the market."

"The price of Sophos XGS is less than competitors worldwide. However, in Turkey the solution is expensive."

More Sophos XGS pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

838,640 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

22%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Computer Software Company

16%

Comms Service Provider

12%

Government

Educational Organization

Computer Software Company

17%

Manufacturing Company

Comms Service Provider

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What is the difference between PfSense and OPNsense?

Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and cl...

See all answers

What do you like most about OPNsense?

What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.

See all answers

What is your experience regarding pricing and costs for OPNsense?

I consider the pricing of OPNsense to be high when compared with other market products. However, as a free firewall p...

See all answers

What do you like most about Sophos XGS?

The policies are the greatest feature. They allow us to configure granular control over our network traffic.

See all answers

What is your experience regarding pricing and costs for Sophos XGS?

The pricing is justified, and the solution is considered budget-friendly compared to other vendors.

See all answers

What needs improvement with Sophos XGS?

Hardware stability needs improvement. I have experienced multiple hardware complaints, particularly during firmware u...

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 23% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

Sangfor NGAF vs Fortinet FortiGate

Compared 2% of the time

More Fortinet FortiGate Competitors

Netgate pfSense vs OPNsense

Compared 50% of the time

IPFire vs OPNsense

Compared 9% of the time

Sophos XG vs OPNsense

Compared 8% of the time

Untangle NG Firewall vs OPNsense

Compared 4% of the time

Sophos UTM vs OPNsense

Compared 3% of the time

More OPNsense Competitors

Sophos XG vs Sophos XGS

Compared 29% of the time

Netgate pfSense vs Sophos XGS

Compared 7% of the time

WatchGuard Firebox vs Sophos XGS

Compared 6% of the time

Check Point NGFW vs Sophos XGS

Compared 5% of the time

Palo Alto Networks NG Firewalls vs Sophos XGS

Compared 5% of the time

More Sophos XGS Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

February 2025

Download Fortinet FortiGate product report

Buyer's Guide

OPNsense

February 2025

Download OPNsense product report

Buyer's Guide

Sophos XGS

January 2025

Download Sophos XGS product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

No data available

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

OPNsense is widely used for firewall functionalities, intrusion detection, VPN and IPSec, content filtering, securing network traffic, and remote access. It protects internal networks and manages servers securely, suitable for small to medium-sized businesses.

OPNsense is a comprehensive firewall solution leveraging open-source technology. It integrates with third-party modules like WireGuard and CrowdSec, enhancing its security capabilities. Offering on-premises and cloud deployment, it features an intuitive graphical interface, advanced reporting, VPN functionality, IDS/IPS features, and high scalability. Users find it ideal for small businesses and home networks due to its stability and ease of use. Frequent updates and an active community support its continuous improvement. However, it needs advancements in VPN selection, scalability, and technical documentation. Enhanced high availability, threat intelligence, and integration with virtualization platforms are required. User feedback suggests improvements in connectivity, alerting, traffic monitoring, and antivirus protection.

What are the key features of OPNsense?

Strong Firewall: Robust firewall capabilities for securing network traffic.
Intrusion Detection and Prevention: Effective IDS/IPS for threat mitigation.
VPN Functionality: Comprehensive VPN support including WireGuard.
Content Filtering: DNS-level filtering for enhanced security.
Advanced Reporting: In-depth traffic analysis and reporting features.
High Scalability: Supports growing network demands.
Integration Capabilities: Works with third-party modules like CrowdSec.
Intuitive GUI: User-friendly graphical interface enhances usability.

What benefits should users look for in OPNsense reviews?

Security: High level of protection for internal networks.
Manageability: Easy management of servers and network traffic.
Cost-Effective: Open-source nature reduces costs.
Reliability: Stable performance suitable for small and medium-sized businesses.
Community Support: Active community and frequent updates.

OPNsense is implemented across various industries to secure network infrastructure and ensure reliable connectivity. In fintech, it safeguards sensitive financial data while maintaining compliance. Educational institutions deploy it to protect student information and enable secure remote learning environments. Healthcare organizations use it to secure patient data and comply with HIPAA regulations. By integrating with tools like WireGuard and CrowdSec, businesses enhance their cybersecurity posture and streamline network management, making OPNsense a versatile choice for diverse operational needs.

OPNsense

Sophos XGS is a comprehensive network security solution designed to protect organizations from advanced threats. It combines next-generation firewall capabilities with advanced threat protection, web filtering, and application control.

XGS has powerful deep learning technology and can detect and block even the most sophisticated malware and ransomware attacks. It also offers granular control over web access, allowing organizations to enforce policies and prevent access to malicious or inappropriate websites. Additionally, XGS provides application control features, enabling organizations to manage and prioritize network traffic based on specific applications or user groups.

With its intuitive management interface and centralized reporting, XGS offers easy deployment and monitoring of network security.

Sophos

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

1. Deciso B.V. 2. iXsystems, Inc. 3. EuroBSDCon 4. Netgate 5. Claranet 6. Voleatech 7. Open Systems AG 8. Securebit AG 9. Proxmox Server Solutions GmbH 10. AVM Computersysteme Vertriebs GmbH Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.

Information Not Available

Buyer's Guide

OPNsense vs. Sophos XGS

January 2025

Free Report: OPNsense vs. Sophos XGS

Find out what your peers are saying about OPNsense vs. Sophos XGS and other solutions. Updated: January 2025.

DOWNLOAD NOW

838,640 professionals have used our research since 2012.

See our OPNsense vs. Sophos XGS report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.