We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"UTM/NGFW features and FortiCloud for logs and backups are awesome."
"The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."
"Security, SD-WAN, and Streetscape are valuable features."
"Our security improved from being able to put in rules and close off unwanted traffic."
"The technical support in our region is excellent."
"The most valuable features are the enterprise modeling and the simple interface."
"Fortinet FortiGate is user-friendly and affordable."
"The customization potential is quite impressive."
"Strong in NAT and access-lists."
"It's quite a capable box for UTM."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"The interface is user-friendly."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"For business purposes, it's a very detailed solution, which is it's greatest benefit, as you can get almost any piece of information you need from the solution. It allows for admins to be able to troubleshoot pretty easily."
"We can easily track unauthorized users and see where traffic is going."
"I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. It has a lot of flexibility and even a lot of third-party or non-Cisco integration. I feel like that's a really valuable tool."
"What I like about pfSense is that it works well and runs on an inexpensive appliance."
"The most valuable feature, for instance, is the ease of migrating configurations between different Netgate devices housed in the same box."
"My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much."
"The interface is straightforward and easy to use."
"The initial setup is not complex."
"It's a good solution for end-users. It's pretty easy to work with."
"Stability has been excellent. We have experienced no issues; it never fails."
"I have found the firewall portion for the blocking most valuable."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"The ease of use could be improved."
"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."
"The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it'd be great."
"Its price could be better."
"As far as wanting more scalability or things in the network diagram, it's going to cost you."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"The stability could be a bit better."
"Deploying configurations takes longer than it should."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"The license system is also good but it's not very impressive. It's a very regular licensing system. They call it a smart license which means that your device will connect to the internet. This is a little bit of a headache for some customers. It doesn't make the customer happy because most of the customers prefer not to connect their firewall or system to the internet."
"We are still running the original ASAs. The software that you are running for the ASDM software and Java application has never been a lot of fun to operate. It would have been nice to see that change update be redesigned with modern systems, which don't play nicely with Java sometimes. Cybersecurity doesn't seem to love how that operates. For us, a fresher application, taking advantage of the hardware, would have been a better approach."
"The GUI interface could be improved when compared to other solutions."
"Bandwidth allocation needs improvement."
"It can probably provide a holistic view of different appliances because many customers do not have only one brand, besides the traditional SNMP protocols, to cover all their devices. There are some specific requirements in terms of configurations or actions that sometimes have to be done in a very manual way because of the different versions or brands in a customer's infrastructure. It could also have some additional analytics capabilities. It has some very interesting ways to monitor the traffic and identify false positives from the architecture and the environment. It would be good if there is a way to patch with some other industry-specific solutions and synchronize some of the information, such as what other customers experience in their operations and probably share some additional information that could be leveraged or shared among the industry. Such information would be something interesting to see. It could have AI capabilities related to how the appliances could benefit from learning the current environment and different exposures."
"The Cisco Secure Firewall could benefit from enhancements in its API, documentation, and automation tools."
"The product could offer more integrated plugins."
"Layer 7 advanced firewall features are not included in the solution."
"There's a bit of a learning curve during the initial implementation."
"In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome."
"ClamAV AntiVirus can cause some crashes. That service should be improved."
"This product needs improvements with respect to reporting and auditing."
"Needs services on additional features, such as managing inventory and generating reports."
"Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.