Wednesday, April 15, 2020

Quick Notes on the differences between Sophos UTM 9 and OPNsense
Overall: Sophos UTM 9 is better, definitely worth the money.

Summary: the basic features of OPNsense work, but other important features don't work at all.

1. The NTP server doesn't work in OPNsense. The NTP client works and looks nice in the dashboard, but try to point your Windows clients at it, and nothing works.

2. The OPNsense DNS server doesn't generate an automatic firewall rule to allow client access. Why?

3. The IDS/IPS on OPNsense can't skip specified hosts. So if you have a host doing a lot of media streaming, like a Plex host or an Apple TV, you can't exempt it from IPS/IDS scanning, resulting in a massive slow down.

4. The IDS/IPS engine (in OPNsense) doesn't support VLANs. The IPS requires hardware NICs. Enabling IPS in a VM will result in total loss of response.

5. In setting up firewall rules, aggregating hosts, networks and other network objects is quite clumsy in OPNsense. Sophos has a very slick and powerful interface for aggregating objects.

6. GeoIP blocking is a faff-around, very clumsy in OPNsense.

7. The OPNsense network translator (DNAT) doesn't quite work, or isn't as good as the Sophos equivalent. It's not as sophisticated, and its feature set is relatively basic. It didn't work for me.
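Items 1 and 2 both come down to the same question from the client side: is the firewall's NTP or DNS service actually answering, or is the packet being dropped before it gets there? The script below is an added example, not from the original post and not OPNsense or Sophos code, that sends a minimal NTP (UDP 123) and DNS (UDP 53) request to a given address and distinguishes three outcomes: a parsed reply, an ICMP port-unreachable (host reached, nothing listening) and silence until timeout (typically a missing allow rule). The sample packets and the firewall address are constructed for the example.

```python
"""Probe a gateway's NTP (UDP/123) and DNS (UDP/53) services from a client.

Added example: the firewall address and sample packets below are constructed,
not taken from any product. Run: python probe.py 192.168.1.1
"""
import socket
import struct
import sys

NTP_EPOCH_OFFSET = 2208988800  # seconds from 1900-01-01 (NTP) to 1970-01-01 (Unix)
DNS_TXID = 0x1234              # arbitrary transaction id for the constructed query


def build_ntp_request() -> bytes:
    # First byte: LI=0, VN=4, Mode=3 (client) -> 0b00100011; remaining 47 bytes zero.
    return bytes([0x23]) + bytes(47)


def parse_ntp_response(data: bytes) -> dict:
    """Decode the header fields and transmit timestamp of an NTP server reply."""
    if len(data) < 48:
        raise ValueError("short NTP packet (%d bytes)" % len(data))
    first = data[0]
    mode = first & 0x07
    if mode != 4:  # 4 = server reply; anything else is not an answer to our request
        raise ValueError("unexpected NTP mode %d" % mode)
    tx_sec, tx_frac = struct.unpack("!II", data[40:48])
    return {
        "version": (first >> 3) & 0x07,
        "stratum": data[1],
        "unix_time": tx_sec - NTP_EPOCH_OFFSET + tx_frac / 2 ** 32,
    }


def build_dns_query(name: str, txid: int = DNS_TXID) -> bytes:
    """Build a standard recursive A query for `name` (RFC 1035 wire format)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD=1, QDCOUNT=1
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def parse_dns_response(data: bytes, txid: int = DNS_TXID) -> dict:
    """Check the DNS header: matching id, QR bit set, RCODE and answer count."""
    if len(data) < 12:
        raise ValueError("short DNS packet (%d bytes)" % len(data))
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid:
        raise ValueError("transaction id mismatch")
    if not flags & 0x8000:
        raise ValueError("QR bit not set; packet is a query, not a response")
    return {"rcode": flags & 0x0F, "answers": an}


def udp_probe(host: str, port: int, request: bytes, parser, timeout: float = 2.0) -> dict:
    """Send one datagram and classify what comes back.

    'dropped'     : no reply before the timeout (the usual symptom of a missing
                    allow rule on the firewall itself).
    'unreachable' : ICMP port unreachable surfaced as ConnectionRefusedError,
                    i.e. the host was reached but nothing listens on that port.
    'reply'       : a datagram came back and was parsed.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(request, (host, port))
        data, _peer = sock.recvfrom(512)
    except socket.timeout:
        return {"status": "dropped"}
    except ConnectionRefusedError:
        return {"status": "unreachable"}
    finally:
        sock.close()
    try:
        return {"status": "reply", **parser(data)}
    except ValueError as err:
        return {"status": "malformed", "error": str(err)}


def probe_gateway(host: str) -> dict:
    return {
        "ntp": udp_probe(host, 123, build_ntp_request(), parse_ntp_response),
        "dns": udp_probe(host, 53, build_dns_query("example.com"), parse_dns_response),
    }


# Constructed sample replies, used to exercise the parsers without a network.
# NTP: LI=0 VN=4 Mode=4 (0x24), stratum 2, transmit time 2020-04-15 00:00:00 UTC.
SAMPLE_NTP_REPLY = bytes([0x24, 2]) + bytes(38) + struct.pack("!II", 3795897600, 0)
# DNS: id 0x1234, flags 0x8180 (QR, RD, RA, NOERROR), 1 question, 1 answer (192.0.2.1).
SAMPLE_DNS_REPLY = (
    struct.pack("!HHHHHH", DNS_TXID, 0x8180, 1, 1, 0, 0)
    + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
)

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"  # constructed default
    for service, result in probe_gateway(target).items():
        print(service, result)
```

A `dropped` result for both services while the same host answers ping is the pattern that matches item 2: the service may well be running, but the firewall's own access rule is missing. An `unreachable` result points instead at the daemon not listening on that interface, which is the thing to check for item 1 before touching the Windows clients.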