We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The product is easy to use and is stable. The SV1 functionality is a benefit."
"The wireless control is helpful."
"The most valuable feature of this solution is Quota."
"I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
"The interface is very user-friendly and I like it very much."
"The user interface (UI) is very, very good."
"Their proxy-based inspection is responsive and secure."
"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"There are some hiccups here and there, but compared to the technical support from other vendors, I have had the best experience with Cisco's technical support. I would rate them at nine out of ten."
"I think that the firewall feature is the most valuable to me as it is one of the oldest features for this solution. We also appreciate how stable the VPN is."
"We can shift traffic, block certain content, or redirect policies."
"Signature-based detection; user-defined signatures with regular expressions; integrated URL and content filtering; custom URL categories filtering."
"What I like about Cisco is the security zone. By default when you configure it, it gives you a security zone, which other firewalls don't have."
"Cisco Secure Firewall is a good solution. In some ways, it is a reactive solution and we have it sitting in a whitelist mode rather than a blacklist mode. It seems to work fairly well for us."
"The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."
"I like pfSense's security features."
"pfSense allows us to spread the hours of connection and do the filtering on the pfSense site."
"An incomparable stability is achieved with other firewall systems."
"It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest."
"The GUI is easy to understand."
"The most valuable feature, for instance, is the ease of migrating configurations between different Netgate devices housed in the same box."
"Its features rival many of the high cost solutions out there."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"The performance and speed are aspects of the solution that could always be improved upon."
"The solution could be more secure and stable."
"Fortinet Fortigate could benefit by simplifying some of their processes."
"Lacks sufficient security options."
"Its reporting can be improved. Sometimes, I don't get proper reports."
"We would like to see an upgrade to the VPN feature, we are using the VPN from outside of our office and there is a limitation to 10 connections, more connections would be suitable."
"It is stable, but its stability can be improved."
"They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product."
"Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering."
"Comparing Cisco solution to others, it is expensive, it would be better for it to be cheaper."
"The initial setup could be simplified, as it can be complex for new users."
"There may have been one or two incidences of malicious threats."
"The product needs real-time logs to be able to monitor our services, so we can know if any our services have been blocked via the firewall or on the application side."
"We use the FTD management platform for the boxes. The GUI that manages multiple Firepower boxes could be improved so that the user experience is better."
"Its configuration through GUI as well as CLI can be improved and made easier."
"The GUI could use improvements, though it is manageable."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"Their support could be better in terms of the response time."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"Needs services on additional features, such as managing inventory and generating reports."
"The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
"If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use."
"It needs better parsing of logs. At the moment, you have to use an external server for this if you want a deeper analysis."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.