We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"We use a lot of function on the IPS and it works well for us."
"Security, SD-WAN, and Streetscape are valuable features."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"FortiGate SD-WAN facilitated a smooth transition for our customers between their two internet service providers, ensuring uninterrupted connectivity without any downtime."
"It is a one box solution, which covers most of the edge device’s requirements."
"The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
"Fortinet FortiGate appears to be scalable."
"The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto."
"Their performance is most valuable."
"Cisco Secure Firewall's security solutions, advanced malware protection, and DDoS communication are very good."
"Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint."
"The most valuable feature is that it has the ability to divide the network into three parts; internal, external, and DMZ."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface."
"Clustering architecture which offers zero downtime upgrades, keeping uptime close to 99.999%."
"IPSec Tunnel and AnyConnect (of course), the context awareness was a good feature, but clumsy at the beginning. I think it's better now."
"I especially like the VPN part. It works like a charm."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"Creation of certificates and the facility to administer services are valuable features."
"The solution is fairly scalable when it comes to integrating with other applications and data sets."
"I use pfSense because it gives me the flexibility to greatly expand basic firewall features."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"The intrusion detection feature is the most valuable. It is an open-source firewall, so there is a lot of material on it. I also find the open VPN capability very nice. It is pretty customizable. The clustering and the high availability are the two biggest things to be able to get out of a firewall."
"The ability to create a VPN allows me to monitor branch offices from a central location."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"To some degree, it's almost a question as to why some of this stuff isn't simpler. For example, for an AP deployment, while it's integrated, the number of steps that you have to go through in order to get the AP up, seems like a lot."
"The pricing could be a bit better, especially when you consider how they have the most basic offering priced."
"The graphical user interface of Fortinet's FortiGate product does not function well with text-based interfaces."
"Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI."
"Fortinet currently has many products bundled with FortiGate including the basic firewall and load balancer, and I think that that they need to have separate product portfolios for each of these specialized services."
"The Wi-Fi controller needs a lot of improvement."
"They should offer special pricing to premium partners and customers."
"Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated."
"As it’s a GenX firewall, expertise for both implementation and troubleshooting the pain points can be a challenge. This could be a concern when companies are thinking about buying this product."
"Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering."
"I would like for them to develop better integration with other security platforms."
"The ASAs are being replaced with the new Firepowers and they have a different type of structure in the configuration to be able to migrate from one to the other."
"We would like to see MS Word BPM as a feature."
"The inclusion of an autofill feature would improve the ease of commands."
"The initial setup was complex."
"There could be a way to remote to it through a mobile app. You can always browse through your browser on your mobile phone or tablet, but it would be good to have a dedicated app. I understand that iOS and Android developers are expensive, but there should be a mobile app."
"The router monitoring needs improvement when compared with Sonicwall."
"When I checked other packages, it seems they use different tools that are installed on the PSS for functionality. They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe."
"The solution’s interface must be improved."
"If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.