We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"The dashboard I have found the most valuable in Fortinet FortiGate."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"The response is very quick and they can visually resolve our problems in a short period."
"The network security and cloud security are most valuable."
"The scalability is good in Fortinet FortiGate."
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"The Fortinet FortiGate local partners were good. I did not have direct contact with Fortinet support."
"Cisco's engineer helped us with a lot of scripting to see what existed. Previously, we didn't have a proper policy. In fact, we didn't have any policy because we didn't have any firewall for the data center, so generating a policy was a big challenge. Cisco's engineer helped us to do some scripting and find out what kind of policy we can have and organize those policies. That was nice."
"Firepower has reduced our firewall operational costs by about 25 percent."
"The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA."
"The most valuable feature is that the encryption is solid."
"The most valuable feature is that it has the ability to divide the network into three parts; internal, external, and DMZ."
"Cisco offers a great educational series to train users on their devices."
"The most valuable feature of Cisco Secure Firewall is its ease of configuration and that it's scalable for firewalls and VPNs."
"The return on investment is not going to be restricted to just the box... Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied."
"Easy to deploy and easy to use."
"It's a good solution for end-users. It's pretty easy to work with."
"Good basic firewall features."
"Open source and support are valuable. I have community support."
"It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor."
"At our peak time, we have reached more than 5,000 concurrent connections."
"The interface is straightforward and easy to use."
"The documentation is very good."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"The Web-filter in this solution is not very good."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"Stability and technical support are the two major issues I have found with Fortinet."
"The cloud features and integration could be improved."
"The cloud management and automation capability could be improved."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"A feature that would allow me to load balance among multiple ISPs, especially since we have deployed it as a perimeter firewall, would be a great addition."
"The artificial intelligence and machine learning (behavioral based threat detection), which I can this will be coming out in another year, these are what we need now."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"Changes you make in the GUI sometimes do not reflect in the command line and vice versa."
"Security must be increased when a new user connects over the LAN and an alarm must be generated."
"Virtual patching would be helpful for servers that are not able to update patches due to compatibility issues."
"You shouldn't have to use the ASDM to help manage the client."
"I would like more features in conjunction with other solutions, like Fortinet."
"Adjustment in the interfaces: I had to adjust those interfaces manually and of course that is a great feature that you can restore it but it is immediately also one point for improvement. If you don't have to adjust, if it's just stamped and it works, that's great."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"We have not had any problems with it, and we also do not have a need for any new features. If anything, its reporting can be better. Sophos has better reporting than pfSense. Sophos has more detailed information. pfSense is not as detailed. It is summarized."
"The solution requires a lot of administration."
"The technical support needs to be improved."
"It is not centrally managed, where you log into the website and can see all your services there. We would like to be able to see is all the configurations from a central interface on all our pfSenses."
"Needs services on additional features, such as managing inventory and generating reports."
"Could be simplified for new users."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.