We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"It is very flexible to use."
"The most valuable features are the policies, filtering, and configuration."
"There is an easy process for configuring it, and it is straightforward to implement the device from scratch."
"It can expand easily."
"You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
"The pricing is excellent. It's much less expensive than Cisco."
"The most valuable feature is the ease of configuration."
"Integration with all the other Cisco tools is valuable."
"The most important feature is its categorization because on the site and social media you are unified in the way they are there."
"The initial setup was completely straightforward."
"The implementation is pretty straightforward."
"The initial setup is easy."
"The web interface was easy for me. The configuration is logical, so it's easy to use and easy to understand how to protect, how to open a port, how to manage and how to route a device. That's why I prefer Cisco. It's robust and I never have issues with the hardware. That's why I choose Cisco and not another vendor."
"The features I have found most valuable are the ASA firewalls. I like to have features like most integrated systems in ACI."
"We are using the Cisco AnyConnect for our end-user VPN with the ASA."
"The features I have found best are ease of use, GUI, and performance."
"The initial setup is not complex."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"It is very easy to use. The interface is quite understandable. There is a good community, and I can take over at any time I want. If there is anything wrong with it, I could just reinstall the whole thing and start all over again, and I'll be up again in less than a few minutes"
"Its scalability is a strong point."
"Creation of certificates and the facility to administer services are valuable features."
"The most valuable feature, for instance, is the ease of migrating configurations between different Netgate devices housed in the same box."
"A very stable product that lasts over time, easy to understand, and administer."
"Lacks training for new features."
"We would like to see better pricing."
"Some of the features in the graphical user interface do not work, which requires that we used the command-line-interface."
"The license renewal process, annual renewal price, and the web application firewall features should be improved."
"The price of FortiGate should be reduced because there are some other leading products that are cheaper."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"If the implementation was easier, it would be a lot better for us."
"The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface."
"I would like to see the inclusion of more advanced antivirus features in the next release of this solution."
"The initial setup was complex."
"VPNs are weak as this product still does not support route-based VPNs."
"We would like to see improvement in recovery. If there is an issue that forces us to do recovery, we have to restart or reboot. In addition, sometimes we have downtime during the maintenance windows. If Cisco could enhance this, so that upgrades would not necessarily require downtime, that would be helpful."
"I would like the ability to drill down into certain reports because currently, that cannot be done."
"The graphical interface could be improved. From what I have seen, Fortinet, for example, has a nicer GUI."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"The solution could be more user-friendly, and the graphical interface needs some work so that someone without an IT background can use the application. I would like the ability to manage the on-premise appliance from the cloud. When I'm not in the office, it would be great to connect to the pfSense server and administer the network remotely."
"The product must provide integration with other solutions."
"For the third-party packages, I'd rather have it built-in, like a core feature of pfSense, part of the core model."
"The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested."
"Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually."
"I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that."
"There's a bit of a learning curve during the initial implementation."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Untangle NG Firewall. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.