Firewall reviews from Reddit

Summary

We analyzed 280 Reddit reviews across 25 subreddits and 43 posts to rank the best Firewall brands recommended by redditors, including communities like r/sysadmin, r/networking, r/homelab, r/selfhosted, r/SmallMSP. Top-rated brands include Fortinet (4.0/5), OPNsense (4.2/5), Palo Alto Networks (4.5/5).

Stats

Reviews280

Subreddits25

Posts43

Brands59

Products51

Top communities

r/sysadmin103 r/networking53 r/homelab35 r/selfhosted13 r/SmallMSP11

280 reviews from

and

By Brand

By Product

Fortinet

4.0

(49)

"Been using FortiGate for 10 years and also have one at home (60F), feature-wise and GUI/CLI are very intuitive and clear IMHO once you get to know it a little."

"I love our Fortigates, minus SSLVPN...."

"My favorite Fortigate GUI friendly easy adaptation"

"If you are after a L7 firewall there are only 2 real options. Palo Alto and Fortinet."

"Fortigate is top tier for this size."

"FortiGate all the way. The usability and intuitiveness of a FortiGate, in my opinion, is unmatched."

"For less then 100 people, a Fortigate 60F will easily handle an average office for 500$ and 400$ a year for licensing and peace of mind."

"For SME my go-to is fortigate, but it's a step or two above the Watchguard which are ok boxes."

"If you are “only” looking for a firewall - Fortigate is your jam especially if you don’t use the SSL VPN and don’t expose management over whatever interface you use for the WAN."

"I’m running fortigate FW for my house."

OPNsense

4.2

(30)

"Both are great. You can’t go wrong with either pfSense or OPNsense."

"I have been running OPNSense for a year now and I can't think of a single instance of my network or VPN going down bc of it."

"PfSense or OpnSense Hardware Security Appliance. Can make it yourself, for free I you have a spar PC or laptop available, or if you want to run it in the VM aka Cloud or VPS."

"Install OPNSense on it. That way you can get actually good hardware, instead of what the various integrated providers offer, and you get better software than any of them."

"OpnSense is *software*, and free."

"Go with OpnSense for the firewall software, you can put it on almost any hardware but I am a big fan of Protectli."

"Install OPNsense on it, or (and this is how I do it), install Proxmox on the device and run OPNsense on a VM."

"When my last home firewall appliance died, I decided to try OpnSense this time around and while it's good, I'm much more comfortable with pf's interface."

"I use OPNsense with dual stack WAN and some v6 only LAN networks. NAT64 with Tayga works great."

"Opnsense and pfsense work just fine with ipv6"

Palo Alto Networks

4.5

(25)

"If you want layer 7 policies and application control, you should go with palo alto as their DPI is the most advanced."

"1. Palo if you can afford it."

"PA 400 series. Great product. Love mine."

"$$$ Palo"

"Palo Alto is top-tier for security but pricey."

"If you are after a L7 firewall there are only 2 real options. Palo Alto and Fortinet."

"Go for palo alto since in my use cases they've been the best when it comes to performance, reliability and feature pack."

"Palo Alto 440 in a HA pair is the only acceptable option."

"If not Watchguard and you want something more robust then Pablo alto."

"+1 for Palo."

pfSense

4.5

(25)

"Both are great. You can’t go wrong with either pfSense or OPNsense."

"PfSense is what I've used for about a decade now for both enterprise and home."

"PfSense or OpnSense Hardware Security Appliance. Can make it yourself, for free I you have a spar PC or laptop available, or if you want to run it in the VM aka Cloud or VPS."

"Pfsense. Don't look anywhere else."

"Any Dell optiplex + Intel multiport card + pfSense/opnSense community edition will be much much more powerful and cheaper."

"My vote goes for pfsense, but I will give out honorable mentions to OPNsense and OpenWRT."

"I love pfsense, its been rock solid, no issues. just a great OS."

"I would also advocate for pfSense/ OPNSense as a firewall to avoid licensing fees."

"Pfsense for firewall."

"I would recommend a PFSense with OpenVPN for your VPNs connections."

Sophos

4.5

(16)

"Second this. I have a XGS2100 HA pair at my HQ and then a XGS107 at every branch. Overall affordable and yearly subscription isn't awful."

"+1 for Sophos. It is a great product line and easy enough to configure and get running."

"Sophos is probably the way to go based on features, reliability, cost"

"We run 2 XG2100s in HA and already had some downtime with our primary circuit in production and literally no one in meetings batted in eye."

"Sophos XGS"

"We are not using their access points but we are using XG firewalls and endpoint and I agree with everything said."

"Sophos XG free home edition is really good for smaller networks."

"Get a used Sophos and slap opnsense on it."

"Sophos xg or opnsense I run sophos,"

"Sophos is great. I'm running it on a heavily upgraded Watchguard M370 I got for free from work."

FortiGate

4.2

(13)

"Fortigate is a great firewall."

"We are full Fortigate."

"Fortigate hands down."

"Fortigate firewalls regardless of environment size."

"I use FortiGates at work and I like how Fortinet does their policies."

"Fortigate is good value for money and they support the hardware for quite a few years."

"Fortigate for the firewalls and Unifi for the other infrastructure had worked well for us."

"Personally I would stick with the fortigate to protect the border."

"I would look at HP aruba Instant On for switch and AP as use the Fortigate as the firewall."

"A Fortigate or Palo Alto definitely have the features you need."

Ubiquiti

4.0

(12)

"I love uniquiti for my SOHO."

"We standardized around Unifi last year and have zero regrets about it."

"Depending on the business and requirements a UniFi UDM could work. PFsense is also a pretty good choice as well"

"Ubiquiti gateway Pro. For $500 you get a decent firewall with a starting point of all the features you would see on a fortigate or watchguard WITHOUT the yearly maintenance fee."

"Ubiquiti, their proofpoint cyberSecure offering is also reasonably priced."

"UniFi Fortress Gateway, for the simplicity of management and cost."

"Switched from sonic wall to a ubiquiti set up, been great for me. 250+ users"

"For a company that size I would go Ubiquiti"

"Personally i use all unifi gear and i love it, i swear by it so much that when i moved out of my parents... bought more"

"Ubiquiti. Stay away from Cisco, they’ll break your bank."

WatchGuard

3.6

(11)

"If Watchguard is available, I would recommend them."

"We have 150 people and we use WatchGuard. Easy to use."

"Watchguard M390 is what we would start with and go up from there depending on performance requirements."

"Watchguard all the way."

"Watchguard."

"I use Watchguard for all sites."

"Take a look at Watchguard firewalls. Big bang for the buck."

"Firewall with site to site VPNs are Watchguard."

"I would look at Watchguard and use IKEv2 vpn w/AUTH point."

"Every firewall has its quirks. The watchguard one of my customers has the most “quirks” out of all the firewalls I’ve touched."

Cisco

3.8

(9)

"You can block sites by category ie adult, drugs, shopping etc. You can also block applications like vpns and anonymizer apps that students will use to try and circumvent your blocks."

"Cisco Meraki. It's solid stuff, well maintained, and easily setup."

"If you want something in between then meraki."

"Meraki (Cisco’s lite cloud-managed offering) is quite nice for a SME."

"Keep your life easy, meraki."

"PaloAlto or Cisco would be my bet."

"I'd look into Meraki - if thats too much $$$ Maybe Sophos XGS."

"Less favorite Cisco the opposite although they are very robust."

"I switched out a Meraki MX84 for a Fortigate 60F, and it was okay, but when I had an issue, I had no backup!"

#10

Netgate

4.3

(6)

"I have settled on Netgate/pfSense because they do what I need and they’re affordable."

"Recommendation: Netgate SGW, Unifi switches, and U6 LR APs"

"The netgate appliances pack a lot of bang for the buck."

"Netgate 1100 pfSense+ Security Gateway"

"Netgate."

"You may also consider a NetGate (makers of pfsense) firewall."

#11

Rethink

4.0

(6)

"Important feature of Rethink that I didn't find on Netguard is option to set on listed app to 'bypass DNS & Firewall'."

"I appreciate the more modern interface with better options."

"It works great as an application firewall letting me block internet to certain apps"

"As firewall, both work fine. Rethink just has more options than just firewall."

"Rethink gives you more control as compared to netguard"

"Rethink has one advantage -- it can do filtering locally using block lists"

#12

SonicWall

4.0

(6)

"I have run SonicWALLs for many years and this is really not a problem."

"Sonicwall fanboy here."

"I’ve a special place for SonicWall. Ran them for over a decade and was able to achieve a lot of very interesting and robust routing, nat, and firewall situations."

"Another vote for SonicWall"

"If you don't have anything negative to say about SonicWALL, then why not go with a TZ270?"

"Sonic wall isn't really small business but it's been reliable for me for years."

#13

MikroTik

4.4

(5)

"Mikrotik firewall for the VPNs."

"Mikrotik for Layer 3 (Router / Firewall and Core Switches) and Unifi for Layer 2."

"MikroTiks are very affordable. Not the strongest L7 firewall (especially compared to the likes of FortiGate), but on a budget, it's cheap, fast, and damn reliable."

"I’m a huge fan of Mikrotik routers and switches."

"If you're on a budget I recommend MikroTik."

#14

DNSFilter

4.0

(5)

"Another vote for DNSFilter"

"+1 for DNS filter. Plus it integrates with our SOC"

"+1 for DNSFilter, especially since they just bought Zorus which is/was one of the best endpoint agents as well."

"+1 for DNSFilter."

"DNSFilter. Has both a client that can be used like GoGaurdian and a relay for all domain and LAN traffic"

#15

Palo Alto

4.5

(4)

"If you are buying a firewall and you have money you want a palo."

"Top end is palo alto"

"Palo Alto, Cisco, Fortinet are the ones I've seen used."

"Palo Alto over here."

#16

Firewalla

4.3

(4)

"They're so baller, granular control, amazing"

"I recommend the Firewalla Purple or the Protectli Vault (with OPNsense or pfSense). Both are affordable, without WiFi, ideal for individual/family users and available in Europe."

"You might try something like Firewalla a"

"If you're getting the Firewalla Gold it's already doing both of those."

#17

UFW

4.0

3.0

(1)

"Going against the grain: Arista / Untangle."

#59

Unifi

3.0

(1)

"The unifi dream router, unifi cloud gateway, and dream machine pro all have IPS at various speeds"

Discover your audience

GummySearch is an audience research toolkit for 130,000 unique communities on Reddit.

If you are looking for startup problems to solve, want to validate your idea or find your customers online, GummySearch is for you.

Tell me more

Get started