OPNsense vs Sophos vs pfSense UTM

Started by Solid-Profession, July 26, 2020, 02:16:54 PM

Hi,

I'm looking at different options atm. I believe OPNsense is essentially pfSense with a nicer UI?

Sophos is Sophos which has a UTM offering for home users, presumably so that you try it out commercially.

OPNsense also has the advantage of being able to be used commercially, and we could use that on our guest network with an air gap. Can you use OPNsense as a UTM solution?

I appreciate that you might have to download various packages instead of a unified dashboard in "one single pane of glass", to use the marketing terminology.

Thanks



Quote from: Solid-Profession on July 26, 2020, 02:16:54 PM
Hi,

I'm looking at different options atm. I believe OPNsense is essentially pfSense with a nicer UI?
No, that might have been true in the past, but the product diverged over the years and there are lots of things that have been rewritten from scratch. OPNsense also has more plugins in count, but the core has almost the same functionality. The usually used plugins are in both systems, but the implementation is likely different. In some regards pfSense is better, in others OPNsense; if you need some special things, you need to test both separately.

Here is a small comparison (note that an employee of that company is committing to OPNsense):

https://techcorner.max-it.de/wiki/Datei:2020-04-06_15_19_18-Window.png

Quote from: Solid-Profession on July 26, 2020, 02:16:54 PM
Sophos is Sophos which has a UTM offering for home users, presumably so that you try it out commercially.
OPNsense is a UTM as well, especially if you add the Sensei plugin.

It has a Firewall, WAF, Spam protection, malware scanning etc. if you use and combine the plugins correctly. Sadly not everything can be combined. For example the nginx plugin cannot make use of the local clamav service.

Quote from: Solid-Profession on July 26, 2020, 02:16:54 PM
OPNsense also has the advantage of being able to be used commercially, and we could use that on our guest network with an air gap. Can you use OPNsense as a UTM solution?

As I said above, with the right plugins you have a UTM. The only thing is that commercial products often have better signatures and for that reason better detection. OPNsense also has no analysis engine for dynamic malware analysis. You only have a static scanner. So that depends on your needs.


Quote from: Solid-Profession on July 26, 2020, 02:16:54 PM
I appreciate that you might have to download various packages instead of a unified dashboard in "one single pane of glass", to use the marketing terminology.

Thanks

This paragraph confuses me.

Solid advice from @fabian.

Just a "btw" from me: UTM is a marketing term without a precise technical definition. You can set up a similar level of protection/enforcement with OPNsense for sure.

"btw2": a firewall is a policy enforcement device. Without a policy it's worthless. Try to set up a policy in writing and then check if the products in question are capable of enforcing that.

Only thing from Sophos I'm missing is the user portal to self-enroll certificates and VPN configs.

Quote from: fabian on July 26, 2020, 09:52:55 PM

Thanks for that. That really helps. I thought that with OPNsense not everything would immediately show as "obviously" as with a commercially backed product? Even if that commercially backed product is a free product.

August 18, 2020, 10:24:55 AM #5 Last Edit: August 18, 2020, 10:28:01 AM by franco
To be fair, all these are commercially backed products in some way. But let me get straight to the biscuits:

You will find that OPNsense is more aligned with commercial UTM offerings than pfSense. Why? It was one of the reasons for forking it. This can also be witnessed by the mere existence of the TNSR offering that came later. ;)


Cheers,
Franco

Quote from: franco on August 18, 2020, 10:24:55 AM
You will find that OPNsense is more aligned with commercial UTM offerings than pfSense. Why? It was one of the reasons for forking it. This can also be witnessed by the mere existence of the TNSR offering that came later. ;)

Quoted for truth!

Actually, seeing Sensei available for OPNsense and Netgate releasing TNSR was the main thing that made me jump over to OPNsense. The TNSR release made it obvious that Netgate will spend fewer resources on pfSense.

Quote from: mimugmail on July 27, 2020, 09:57:01 AM
Only thing from Sophos I'm missing is the user portal to self-enroll certificates and VPN configs.

May I ask why you moved from Sophos to OPNsense?

I didn't move. I offer my customers both of them, and it depends on the use case.

Quote from: mimugmail on August 18, 2020, 09:54:08 PM
I didn't move. I offer my customers both of them, and it depends on the use case.

May I ask why you'd choose one over the other?

Sophos is a commercial vendor with a commercial virus scanner. And it offers a user portal and integrated WiFi. If a customer needs this, Sophos; if not, OPNsense.

Quote from: mimugmail on August 19, 2020, 07:39:30 AM
Sophos is a commercial vendor with a commercial virus scanner. And it offers a user portal and integrated WiFi. If a customer needs this, Sophos; if not, OPNsense.

Thanks. For a home user, does the Sophos stuff compare?


Quote from: mimugmail on August 19, 2020, 10:40:20 AM
I think it's limited to 50 devices.

The XG one isn't tbh which is the replacement. Even then that seems fine. Not sure then which to go for?

Try it on your own. I don't like the XG, will stay at SG.