We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"It has improved our organization with control data."
"SSL-VPN is very useful for us and has been very reliable."
"The most valuable features are the enterprise modeling and the simple interface."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"The most valuable feature of this solution is the analytics."
"The security on offer is very good."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"Cisco Secure Firewall is reliable, which is why we opted for it during the pandemic for our remote users."
"The solution is excellent for enterprise-level networks."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly."
"The feature that I found most valuable is the overall stability of the product."
"It helped us a lot with our VPNs for the home office during COVID. There has been more security and flexibility for VPNs and other applications."
"The grouping of the solutions helps save time. If you have a problem and you have a high-level overview of the system, you can easily dig deeper into the problem. For example, I can check to see why ASA isn't working but the reason for the outage is actually because of Duo. I can spend a lot of time working in the wrong direction because I didn't have an overview."
"The information coming from Talos does a good job... I like the fact that Cisco is working with them and getting the information from them and updating the firewall."
"This solution has increased the level of security, given us more control, provided a deep insight into network traffic, and is a great VPN solution."
"I have found pfSense to be stable."
"What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor. Some people may think you're taking a risk with using Opensource. I think it just provides the end user, specifically for us small, medium business providers of services, the flexibility we need at the right cost to provide them a higher end, almost enterprise type service."
"The features I have found best are ease of use, GUI, and performance."
"Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must."
"It is a good firewall with good performance."
"The most valuable feature, for instance, is the ease of migrating configurations between different Netgate devices housed in the same box."
"The initial setup is straightforward."
"Technical support for this solution can be improved."
"They've become quite expensive."
"We would like to see an upgrade to the VPN feature, we are using the VPN from outside of our office and there is a limitation to 10 connections, more connections would be suitable."
"I would suggest that Fortinet add sandboxing to their solution."
"Backup can be improved."
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"The pricing could be reduced or include the first year warranty."
"The Cisco Secure Firewall could benefit from enhancements in its API, documentation, and automation tools."
"The use of it has really bogged down our response time for certain problems, given we have to go through AT&T for everything."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"Cisco ASDM is a problem because it is old."
"Comparing Cisco solution to others, it is expensive, it would be better for it to be cheaper."
"I'm not very familiar with the largest Firepower models, but competitors like Palo Alto seem to have a more capable engine to do, for instance, TLS/SSL decryption. As I understand, Firepower doesn't let you export the decrypted traffic so that, for instance, the security department can look at the traffic or inspect traffic. It's all in the box. I've heard rumors that this is something Cisco is working on, but it isn't yet available."
"We see a lot of vendors in the market with a lot of niche products. I understand that it's difficult to cover everything, but making it more open for integration with other vendors would be a value add for Cisco."
"One thing that we really would have loved to have was policy-based routing. We had a lot of connections, and sometimes, we would have liked to change the routing depending on the policies, but it was lacking this capability. We also wanted application filtering and DNS filtering."
"Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution."
"This solution is good for small businesses but it is not as stable as other competitors such as Fortinet."
"There could be a way to remote to it through a mobile app. You can always browse through your browser on your mobile phone or tablet, but it would be good to have a dedicated app. I understand that iOS and Android developers are expensive, but there should be a mobile app."
"pfSense is not user-friendly. I hope to have something to make the interfaces more user-friendly."
"Web interface could be enhanced and more user friendly."
"The solution requires a lot of administration."
"If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.