We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The solution is scalable."
"Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure."
"The flexibility and ease of configuration are the most valuable features."
"We've found the solution to be pretty stable."
"We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"The solution is highly scalable because they have devices that can handle a large amount of traffic."
"The payment function for applications is good."
"The most valuable feature for the customers is that they can control what communication is allowed and what is not allowed. That is, they can allow or deny client traffic."
"I found that setting up rules for HTTPS and SSH access to the management interface are straightforward, including setting the cypher type."
"With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall."
"We have multiple secure internal networks linked with our plants. We are from a oil company, so we have multiple plant areas which need to have restricted network access. Therefore, we are using it for restricting access to the plant area."
"The most valuables feature of this product are given by the comprehensive VPN solutions it offers and its tools for troubleshooting and debugging."
"The features I found most valuable in this solution, are the overall security features."
"Cisco ASA provides us with very good application visibility and control."
"Cisco offers a great educational series to train users on their devices."
"Some of the terminologies were more familiar to me than it was when I first encountered Cisco."
"At our peak time, we have reached more than 5,000 concurrent connections."
"I have found the firewall portion for the blocking most valuable."
"The documentation is very good."
"The solution is very easy to use and configure."
"It is a better firewall than others and it has better features."
"A very stable product that lasts over time, easy to understand, and administer."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"Vulnerability scanning could be improved."
"Fortigate's hardware capacities could be improved."
"Fortinet FortiGate could improve by having a frequent ask questions(FAQ) area for people to receive quick answers to popular questions. Additionally, it would be beneficial to have an SMS notification feature. For example, if you cannot access your email you could receive an SMS message."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"Application management can be improved."
"There are problems with the custom reporting of the unique traffic. The data is there, but it is too difficult for us to extract."
"The logging details need to be improved."
"The solution could be more evenly structured."
"Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC."
"The virtual firewalls don't work very well with Cisco AnyConnect."
"It doesn't have Layer 7 security."
"The Sandbox and the Web Censoring in this solution need to be improved."
"I would say that in inexperienced hands, the interface can be kind of overwhelming. There are just a lot of options. Too much, if you don't know what you are looking for or trying to do."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"The product's user interface is an area with certain shortcomings where improvements are required."
"As it’s a GenX firewall, expertise for both implementation and troubleshooting the pain points can be a challenge. This could be a concern when companies are thinking about buying this product."
"In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"When I checked other packages, it seems they use different tools that are installed on the PSS for functionality. They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs."
"The solution requires a lot of administration."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"The solution’s interface must be improved."
"The main problem with pfSense is that we have to use proxy solutions."
"My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.