OPNsense compared to turn-key solutions from other vendors

Started by michmoor, February 07, 2022, 07:40:59 PM

Hello All,
I am testing OPNsense in my lab looking to perhaps deploy this as a small/medium-sized business solution to my customers.
Curious as to what people think of OPNsense as it compares to others such as Palo Alto or Fortigate.

The biggest headache I've come across is the SSL inspection and A/V scanning. I have no option but to run in transparent mode and there is no option to bypass all banking sites. I can use the SSL bumplist but that doesn't help if there are dozens of banking sites. Also, I want to be granular where I want to do SSL inspection on one interface but not on my Guest network interface. There's no way to select different policies unless I'm missing something. Same issue with ClamAV and scanning. Great feature but I don't want it running on my Guest Network but I have no choice.
Now that I am writing this, I think URL filtering has the same problem.

I've looked into ZenArmor so that seems like a bit more of a promising solution so still need to investigate.

What does the community think? Is OPNsense on par with the closed source vendors?

I would only use it with Zenarmor as the other (free) options are not enterprise level.