We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"Fortinet FortiGate is user-friendly and affordable."
"What's most important is the ease of use."
"Consolidated our network environment at all locations, but mainly at our datacenter."
"The most valuable feature of FortiGate is FortiView which provides proactive monitoring."
"I'm pretty happy with its reliability. It is also very scalable."
"UTM/NGFW features and FortiCloud for logs and backups are awesome."
"Easy to implement, and it is also reliable."
"The solution is very user-friendly."
"Cisco ASA NGFW significantly improves our bank. It protects any high-value products that we use from hackers, viruses, malware, and script-bots. It gives us metrics on network traffic as well as what kind of attacks we are getting from the outside."
"The most stable firewall I’ve ever worked with. Once you get the ASA set up properly, it can run for a whole year without any major issues, apart from the normal daily administration."
"If configured, Firepower provides us with application visibility and control."
"It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go."
"It is scalable and stable."
"I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."
"The most important feature is its categorization because on the site and social media you are unified in the way they are there."
"With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall."
"I have found the most valuable features to be antivirus and malware protection."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest."
"Centralized administration with multiple services, which allows for execution in several important functionalities of information security."
"The initial setup is not complex."
"Super easy to manage. Anyone who has been working with firewalls can handle it."
"The main features of this solution are customization and ease to use."
"I use pfSense because it gives me the flexibility to greatly expand basic firewall features."
"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."
"The stability could be a bit better."
"It is very expensive, and their support is not very good. I hope that their technical support will be better in the future."
"The visibility of the network can be better. The GUI can be improved for better visibility of the network flow. Other solutions have better GUI in terms of network visibility."
"Monitoring and reporting could be better."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"I think they need to improve more in order to be a competitor with the leaders of the field."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"It is surprising that you need to have a virtual appliance for the Firepower Management Center. It is not good if you have to setup a VMware server just for it."
"Cisco is still catching up with its Firepower Next-Generation firewalls."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"Integration aspects and traffic shaping need improvement."
"The relatively new Firepower Threat Defense image (mix of ASA and Sourcefire network security) fills a lot of gaps and features that were missing on ASA."
"It is a good firewall, though not NextGen."
"It is my understanding that they are in the process of discontinuing this device."
"It's not unexpected, but it's a common scenario where customers request dual layers of security. For instance, when dealing with regulatory compliance, especially in financial sectors regulated by entities like the Central Bank, having two distinct units is often mandated. If a client predominantly uses a solution like Palo Alto, they may need to incorporate another vendor such as Cisco or Forti. Importantly, there's a significant disparity in interfaces and management platforms between these vendors, necessitating careful consideration when integrating them into the overall security architecture"
"I would like to see SD1 integration into the software. That would be fantastic."
"If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson."
"It needs to be more secure."
"In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense."
"If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use."
"pfSense is not user-friendly. I hope to have something to make the interfaces more user-friendly."
"I would like to see multiple DNS servers running on individual interfaces."
"Many people have problems setting up the web cache for the web system."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.