Latvian company MikroTik offers routers and switches.
N/A
pfSense
Score 9.9 out of 10
N/A
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
UBNT has more stable Wi-Fi, but the price is higher and not so flexible so it cannot be "tweaked" beyond intended use. Also Ruijie Network can perform better on high density Wi-Fi scenario with comparable price, but still it lack flexibility to be tweaked beyond factory intended …
Real competition was between Pfsense and OpnSense that integrates first the bootstrap Twitter framework. But with OpSense there are configurations that create some problems with a specific client (we've experienced that by creating an IPSec tunnel both with OpSense and …
MikroTik and pfSense both offer firewall solutions that leverage software to allow devices to function as network firewalls. MikroTik primarily provides routers and switches, but their RouterOS software acts as a software based firewall solution. pfSense is an open source firewall solution that businesses are able to access for free. Most likely due to pricing, pfSense is most popular with small businesses.
Features
MikroTik and pfSense can both be used to protect business networks through firewalls, but they also have a few standout features that set them apart from each other.
MikroTik’s RouterOS software is very low demand and flexible enough to fit on most devices or virtual machines without taking up much space. MikroTik RouterOS can also be installed on all sorts of drives, from USB to SATA. This makes MikroTik a good choice for organizations looking for software that can function on low performance machines.
pfSense firewall is an open source tool, making it highly customizable for a skilled team that can take advantage of access to the source code. Additionally, pfSense includes advanced features such as SSL encryption and customizable content filtering. pfSense is an ideal choice for businesses looking for a highly customizable, high performance firewall option.
Limitations
MikroTik and pfSense both provide essential firewall features, such as customizable routing, but they also have a few limitations that are important to consider.
MikroTik RouterOS is a proprietary firewall solution, so it isn’t as accessible, or as customizable as open source solutions like pfSense. Additionally, MikroTik provides excellent routing features but is weaker when it comes to features like SSL encryption. Businesses looking for more powerful security features may prefer a solution like pfSense.
pfSense offers significant flexibility and powerful features, but it is also a heavier piece of software compared to RouterOS. Businesses looking for the lightest possible software that can run on very low power machines may prefer Mikrotik’s firewall solution. Support for pfSense is also limited for businesses that use pfSense for free rather than purchasing hardware from pfSense.
Pricing
Pricing for bothe MikroTik firewall solutions and pfSense firewall solutions is highly dependent on how it is used. MikroTik hardware including their firewall solutions start as low as $70.00
Businesses can access and utilize pfSense firewall for free, but it is also included in their hardware and cloud packages. Cloud pricing starts as low as $0.08 per hour. In contrast, hardware packages including firewalls start as low as $150.00.
Features
MikroTik Routers and Switches
pfSense
Firewall
Comparison of Firewall features of Product A and Product B
MikroTik Routers and Switches
-
Ratings
pfSense
7.6
11 Ratings
13% below category average
Identification Technologies
00 Ratings
5.010 Ratings
Visualization Tools
00 Ratings
7.08 Ratings
Content Inspection
00 Ratings
4.011 Ratings
Policy-based Controls
00 Ratings
10.011 Ratings
Active Directory and LDAP
00 Ratings
7.09 Ratings
Firewall Management Console
00 Ratings
9.510 Ratings
Reporting and Logging
00 Ratings
8.011 Ratings
VPN
00 Ratings
10.011 Ratings
High Availability
00 Ratings
10.011 Ratings
Stateful Inspection
00 Ratings
7.011 Ratings
Proxy Server
00 Ratings
6.111 Ratings
Best Alternatives
MikroTik Routers and Switches
pfSense
Small Businesses
No answers on this topic
Sophos UTM
Score 8.1 out of 10
Medium-sized Companies
Cisco Routers
Score 9.1 out of 10
Quantum Firewalls and Security Gateways
Score 9.6 out of 10
Enterprises
Cisco Routers
Score 9.1 out of 10
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
MikroTik is suited for large companies that require advanced distributions in terms of contracted bandwidth, and in the same way, allows a single device to specify filtering and firewall rules without acquiring an additional device. There is a range for small companies which is more economical and less robust, but in case it's not necessary, such a strict control over the data consumption of the company is not a feasible solution.
I believe PFSense is well suited for both home lab environments as well as up to small to mid-size business environments on a tight budget. However, I would implore that anything in production requires the use of the authorized hardware that PFSense sells to receive support. However, in my experience, PFSense is a solid set-and-forget firewall solution.
Easy to use. Good user interface design! Easy to understand and easy to set up.
Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
Some of the wiki articles have not been updated or are not accurate enough. We spent a couple of days trying to find an example of implementing a mobile IPSec client solution. But once this has been implemented, it has been solid (always worked). A bigger community would help, and I am finding it hard to find the time to contribute to these articles.
I did kind of mention a Con in the Pro section with OpenVPN.
When I create a config for an employee other employees are able to login to that config.
I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
The pfSense UI is easy to navigate and pretty go look at. It is much better than some high dollar firewalls that just throw menus you you. The pfSense UI is quick and responsive and makes sense 99% of the time. Changes are committed quickly and the hardware rarely requires a reboot. It just runs.
There is no SOC, NOC, where you can contact to try to resolve any difficulties. The problems that these devices have are solved largely through the community, with workaround alternatives, or if the support team responds to a request, the response times are too high for the current needs of technological communications.
Cisco Routers are one of the best in the market, however they are also very expensive and not suitable for a small deployment or any deployment which requires just a couple of routers. MikroTik on the other hand are less expensive and provides many features that you require for a small scale deployment. they fit in with the budget and do what you need them to.
Meraki has a unified management login for all devices, which is nice. It also has decent content filtering, both areas where pfSense is weaker. Where pfSense far ouclasses Meraki is in the ease of use and the other width of features. These include features such as better VPN interoperability, non-subscription based pricing, auditability, not relying on the infrastructure of a third party, more transparency of what's actually going on, easier to deploy replacements if hardware fails. Additionally, the NAT management for pfSense seems to be a bit better, as you can NAT between any network segment and not just the LAN segments out the WAN interfaces.
pfSense can be installed on commodity hardware with no licensing fees. With a simple less than 10 minute restore time, on most hardware, it's an extremely inexpensive way to achieve the same results that some of the more expensive vendors provide.
The easy to use interface has allowed configuration management to be preformed by lower level technicians with quick and easy training.
