We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The CLI is robust and powerful, enabling rapid, consistent changes via SSH."
"It can expand easily."
"The solution is stable."
"We have found it to be very reliable and that's why our teams and various users in our company use it as our main firewall every day."
"The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."
"Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. With FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access."
"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"LinkGreat firewall capabilities"
"The technical team is always available when we have problems."
"Simple to deploy, stable."
"Even in very big environments, Cisco comes in handy with configuration and offers reliability when it comes to managing multiple items on one platform."
"The firepower sensors have been great; they do a good job of dropping unwanted traffic."
"The stability of the solution is very good. We can see that it gets even better with every release."
"Cisco Secure Firewall is a good solution. In some ways, it is a reactive solution and we have it sitting in a whitelist mode rather than a blacklist mode. It seems to work fairly well for us."
"The feature I find most valuable is the Cisco VPN Interconnection."
"The solution's dashboard is fine, and in terms of support, Cisco is better than other OEMs in the market."
"The concurrent users are perfect for us."
"I like pfSense's security features."
"A very stable product that lasts over time, easy to understand, and administer."
"This solution has increased the level of security, given us more control, provided a deep insight into network traffic, and is a great VPN solution."
"Creation of certificates and the facility to administer services are valuable features."
"Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must."
"I have found the firewall portion for the blocking most valuable."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"The stability could be a bit better."
"The way everything is set up could be easier. Currently, people need a lot of experience and knowledge to administer it and to link it to devices."
"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"I would like to see improvements with the antivirus and IPS as they are not working properly all the time."
"The captive portal could be improved."
"It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."
"I would like to see more integration with third-party devices in general. There is great integration with Cisco devices, but there's not much integration with third-party devices."
"The installation and integration of Cisco ASA with FirePOWER can be improved. The management with Fortigate is easier than Cisco ASA on FirePOWER. The management side of Cisco ASA can be improved so it can be more easily configured and used."
"Deploying configurations takes longer than it should."
"There's a little bit of a disconnect between Firepower’s management and the rest of the products, like DNA and Prime. The solution should have fewer admin portals for network, security, and firewalls."
"One thing that Cisco could improve is the GUI. The graphic user interface should be more user-friendly."
"It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."
"Setting firewall network rules should be more straightforward with a clearer graphical representation. The rule-setting method seems old-fashioned. The firewall and network rules are separate from the Firepower and web access rules."
"The dashboard can be improved."
"Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting."
"My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters."
"Many people have problems setting up the web cache for the web system."
"I believe improving integration with various antivirus vendors could be beneficial."
"The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
"The usage reports can be better."
"Improve analysis of logs and dashboards (control panel) with improved alert functionality."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.