We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"One of the valuable features is a standardized OS."
"The solution is stable."
"The CLI is robust and powerful, enabling rapid, consistent changes via SSH."
"Fortinet FortiGate is easy to use."
"I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."
"The most valuable feature of this solution is Quota."
"The network security and cloud security are most valuable."
"The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."
"IPSec Tunnel and AnyConnect (of course), the context awareness was a good feature, but clumsy at the beginning. I think it's better now."
"So far, it has been very stable."
"URL filtering is valuable."
"There are no issues that we are aware of. It does its job silently in the background."
"The most valuable feature of this solution is its ability to integrate vertically."
"The most valuable feature of Cisco Secure Firewall is its ease of configuration and that it's scalable for firewalls and VPNs."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"The stability of the solution is very good. We can see that it gets even better with every release."
"The initial setup is easy."
"I handle the scanning for the finance department. I recently encountered an issue with the PCL bills, our company bills. I resolved the matter, cleared the bill, and received calls regarding it using pfsense.The user interface is extremely user-friendly, which is why we use it across various plant sites. Our IT representatives at the plants find it easy to use and manage because of its straightforward interface."
"Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"I like the connectivity to the open VPN. It's very smooth."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"The tools' most valuable feature is load balancing."
"It is easy to use and has integrity with other systems, such as proxies and quality of service."
"Its reporting and pricing need improvement."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"The support team for Fortinet FortiGate needs to be more customer friendly."
"The cloud management and automation capability could be improved."
"The cloud features can be improved."
"A lack of integration between our data centers."
"There are mainly two areas of improvement in Fortinet FortiGate— the licensing cost and the timing of upgrading licenses for boxes."
"The setup is pretty complex and not easy to implement."
"I would like it if there was a centralized way to manage policies, then sticking with the network functions on the actual devices. That is probably the thing that frustrates me the most. I want a way that you can manage multiple policies at several different locations, all at one site. You then don't have to worry about the connectivity piece, in case you are troubleshooting because connectivity is down."
"We don't have any serious problems. The firewall models that we have are quite legacy, and they have slower performance. We are currently investigating the possibility of migrating to next-generation firewalls."
"Migration with other appliances is not easy. It has to be done manually, and this takes a long time."
"We have seen some bugs come up with Cisco Secure Firewall in terms of high availability. The solution should be improved to avoid these bugs."
"Integration aspects and traffic shaping need improvement."
"Virtual patching would be helpful for servers that are not able to update patches due to compatibility issues."
"The only con that I have really seen with it is the reporting structure. FirePOWER is good. It has been a great help because, before that, it was not good at all."
"They need to do an overhaul of the management console."
"There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall."
"Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution."
"I would like to see SD1 integration into the software. That would be fantastic."
"A way to clean squid cache from the GUI."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
"It is not centrally managed, where you log into the website and can see all your services there. We would like to be able to see is all the configurations from a central interface on all our pfSenses."
"The interface is not very shiny and attractive."
"The solution could improve by having centralized management and API support online."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.