2023 Firewall Features Compared: pfsense | Arista | UniFi | Sophos | Fortinet | Meraki & What We Use [YouTube Release]

Additional Resources:

pfsense tutorials

UniFi Tutorials

Christian Lempa Sohpos XG & other great videoes

Stacey on IOT Firewalla Review

The Network Berg MikroTik & Other Networking videos The Network Berg - YouTube

Connecting With Us

Lawrence Systems Shirts and Swag

►👕 https://teespring.com/stores/lawrence-technology-services


Amazon Affiliate Store
:shopping_cart: Lawrence Systems's Amazon Page

Ubiquiti Affiliate
:shopping_cart: Ubiquiti Store USA – Ubiquiti Inc.

All Of Our Affiliates that help us out and can get you discounts!
:shopping_cart: Affiliates We Love - Lawrence Technology Services

Gear we use on Kit
:shopping_cart: Kit

Try ITProTV free of charge and get 30% off!
:shopping_cart: Learn technology and pass IT certifications with ITProTV

Use OfferCode LTSERVICES to get 10% off your order at
:shopping_cart: Tech Supply Direct - Refurbished Tech at Unbeatable Prices

Digital Ocean Offer Code
:shopping_cart: DigitalOcean | The Cloud for Builders

HostiFi UniFi Cloud Hosting Service
:shopping_cart: HostiFi - UniFi Cloud Hosting

Protect you privacy with a VPN from Private Internet Access
:shopping_cart: Buy VPN with Credit Card or PayPal | Private Internet Access

:moneybag: https://www.patreon.com/lawrencesystems

:stopwatch: Time Stamps :stopwatch:
00:00 :arrow_forward: Firewall Comparison Chart
00:48 :arrow_forward: How We Made The List
02:15 :arrow_forward: pfsense CE VS pfsense plus
03:02 :arrow_forward: What About OPNsense
04:28 :arrow_forward: The Chart of Firewalls, pfsense, Arista Untangle, UniFI, Fortigate, Sophos, Meraki
06:20 :arrow_forward: Virtualization support
06:51 :arrow_forward: Central Management
08:17 :arrow_forward: Web Management Interfaces
08:51 :arrow_forward: License Fees
10:36 :arrow_forward: High Availability
10:56 :arrow_forward: BGP/OSPF
11:37 :arrow_forward: SDWAN
11:54 :arrow_forward: OpenVPN, Wireguard, L2TP, & IPSEC Support
14:38 :arrow_forward: Tailscale
15:15 :arrow_forward: IDS/IPS Traffic Inspection
16:31 :arrow_forward: Web Content Filtering DPI & SSL Inspection
17:24 :arrow_forward: DNS Filtering
18:21 :arrow_forward: Traffic Shaping
18:40 :arrow_forward: Multi WAN
19:22 :arrow_forward: Active Directory Integration
19:44 :arrow_forward: Policy Routing
20:20 :arrow_forward: Firewall Rules Based on Active Directory
20:50 :arrow_forward: Reverse Proxy & Let’s Encrypt
22:52 :arrow_forward: Captive Portal
23:20 :arrow_forward: Traffic Reporting
24:00 :arrow_forward: VLAN Support

#firewall #networking #security

Very good video. I have tried pfsense, Unifi, OpnSense, and Untangle (Arista). I finally landed on Untangle over 4 years ago and have been testing each year both pfsense and OpnSense would be a good replacement when my subscription gets close to renewal. After about 8 hours of configuration and testing I always seem to land back to my $50/year plan with Arista.

I would say the ability to create multiple policies and mix and match their “apps” in the polices is my primary reason along with the reporting. I do wish they had aliases like pfsense for some things but you can use the tagging option to replicate some aliases features. Also many of the clients I support can easily be managed via the cloud dashboard. What drives me crazy is that many small businesses will initially balk at the prices for Arista licenses but then I show them price schedules from the others and they will back down.

I will admit I do see an lot of pfsense out there in the field which is a testament to their products. Like you I never ran into OpnSense in a commerical setting but have helped many friends with their OpnSense in their homes.

Always enjoy firewall discussions, I think one thing to add to the *sense line of routers is they can be extended to achieve SDWAN using tools like zerotier, Application level monitoring/filters with Zenarmor, and in the case of business OpnSense it can be centrally managed using OpnCentral to sync aliases, firewall rules, settings, etc, and provide central authentication all being self hosted.

All of these options are direct plugins provided from the OpnSense repository, and can be installed using CLI on pfsense.