We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"It works very well. It has a lot of different functionalities. Its cost is also fine for our customers."
"Their proxy-based inspection is responsive and secure."
"I have found Fortinet FortiGate to be scalable."
"It's inexpensive compared to some of the other technology out there."
"The SD-WAN is the most valuable feature."
"FortiGate improved our security. It's one of the best hardware firewalls."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"It has improved our security capabilities."
"I like the Cisco ASDM (Adaptive Security Device Manager), which is the configuration interface for the Cisco firewall."
"The transparency of the single UI to ensure security. A product has to be simple so that an administrator can use it."
"The IP filter configuration for specific political and Static NAT has been most valuable."
"The architecture of FTD is great because it has an in-depth coverage and because it uses the AVC, (Application, Visibility, and Control) and also rate limits. Also, the architecture of fast paths is great."
"The implementation is pretty straightforward."
"Their performance is most valuable."
"The most valuables feature of this product are given by the comprehensive VPN solutions it offers and its tools for troubleshooting and debugging."
"The firepower sensors have been great; they do a good job of dropping unwanted traffic."
"I like the connectivity to the open VPN. It's very smooth."
"The gain in performance and security from configuring the VPN connections was significant."
"The flexibility of adding new kinds of services without spending any money can't be beaten."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"It has a very nice web interface, and it is very simple to use. The way policies are working is also good."
"The tools' most valuable feature is load balancing."
"Stability has been excellent. We have experienced no issues; it never fails."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"I don't like that anything more than very basic reporting is not included."
"The inability to scale the FortiAnalyzer to match our growth necessitates the purchase of new hardware."
"There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios."
"They should improve high CPU and memory usage that occurs."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"The overall licensing structure could improve to make the solution better."
"The operation of the ASA is good but the problem is that whenever you require an upgrade, there are multiple pieces of software that you have to upgrade. Extensive planning is required, because if you upgrade one piece of the software it has to be compatible with the others as well. You always need to check the compatibility metrics."
"The only con that I have really seen with it is the reporting structure. FirePOWER is good. It has been a great help because, before that, it was not good at all."
"One thing that we really would have loved to have was policy-based routing. We had a lot of connections, and sometimes, we would have liked to change the routing depending on the policies, but it was lacking this capability. We also wanted application filtering and DNS filtering."
"The licensing needs simplification."
"Cisco should improve its user interface design. There is a deep learning curve to the product if you are a newcomer."
"It is not easy to configure."
"If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."
"We would like to see ready-made profiles to cover most users' needs."
"The stability could be improved."
"Many people have problems setting up the web cache for the web system."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"Web interface could be enhanced and more user friendly."
"Could be simplified for new users."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.