We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The most valuable feature is the web filter."
"Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others."
"It is user friendly, and has all the features you need."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"Good performance, stability, and virtual domain ability."
"I think that the UTM features are the most value, as it truly protects my infrastructure."
"It's a user-friendly firewall. Most of the tasks are very simple. It's simple to configure and troubleshoot this firewall."
"The solution has very good threat and content filtering switches."
"What I like about Cisco is the security zone. By default when you configure it, it gives you a security zone, which other firewalls don't have."
"The primary benefits of using Cisco Secure solutions are time-saving, a robust API, and convenience for the security team."
"For business purposes, it's a very detailed solution, which is it's greatest benefit, as you can get almost any piece of information you need from the solution. It allows for admins to be able to troubleshoot pretty easily."
"The content filtering is good."
"Ease of configuration: It has gotten a lot easier to configure compared to the original Cisco Pix."
"Once you add Firepower onto to it and you start enabling some of its features, you get some IDS/IPS involved with it and you can even do web filtering."
"The most valuable feature is that it has the ability to divide the network into three parts; internal, external, and DMZ."
"The most valuable feature is the access control list (ACL)."
"The initial setup was straightforward, therefore I wanted to continue using the product."
"The solution has good customization abilities and plenty of features."
"The main features of this solution are customization and ease to use."
"The VPN is my favorite feature."
"The gain in performance and security from configuring the VPN connections was significant."
"I can manage it easily by myself."
"What I like about pfSense is that it works well and runs on an inexpensive appliance."
"The initial setup is easy."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"The scalability could be better."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"I would like to see improvements with the antivirus and IPS as they are not working properly all the time."
"I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"The cloud features and integration could be improved."
"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."
"Usually, the customers are satisfied, but I am going to recommend that all clients upgrade to FirePOWER management. I want Cisco to improve the feature called anti-spam. We use a Cisco only email solution, that's why we need the anti-spam on email facility."
"When we're looking at full-stack visibility, it can be difficult to get the right information out of Firepower."
"The artificial intelligence and machine learning (behavioral based threat detection), which I can this will be coming out in another year, these are what we need now."
"The solution's deployment is time-consuming, which should be minimized and made more user-friendly for us."
"Its configuration through GUI as well as CLI can be improved and made easier."
"The license system is also good but it's not very impressive. It's a very regular licensing system. They call it a smart license which means that your device will connect to the internet. This is a little bit of a headache for some customers. It doesn't make the customer happy because most of the customers prefer not to connect their firewall or system to the internet."
"We would like to see improvement in recovery. If there is an issue that forces us to do recovery, we have to restart or reboot. In addition, sometimes we have downtime during the maintenance windows. If Cisco could enhance this, so that upgrades would not necessarily require downtime, that would be helpful."
"You have to know the ASA command line very well because not all operations are available in the graphical interface"
"I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version."
"The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things."
"I would like to see different graphs available in the reporting."
"I would like to see multiple DNS servers running on individual interfaces."
"Lacks instructional videos."
"The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus."
"Netgate pfSense needs to improve the configuration for a VPN."
"pfSense is not user-friendly. I hope to have something to make the interfaces more user-friendly."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.