We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"It has improved our organization with control data."
"I think that the UTM features are the most value, as it truly protects my infrastructure."
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"The solution is stable."
"Reliability is the best feature. We faced some issues when we were setting it up, but the service, portal, and administration are good."
"The most valuable feature is the ease of configuration."
"This is a quality product with ok support, and it is better than the competition we've tried."
"Cisco Secure Firewall made it easier so that more than one person can handle things. We are able to have a bigger team that can handle simple tasks and have a smaller team focus on the deep-dive needs."
"On the network side, where you create your rules for allowing traffic — what can come inside and what can go out — that works perfectly, if you know what you want to achieve. It protects you."
"They wanted to leverage something which is equivalent that can give them the next gen features like application awareness and intrusion protection. So that is a major reason they were looking forward to this. The original ASA firewall did not have these features. This was the major reason the customer moved on to Cisco Firepower Threat Defense (FTD). Now they can go ahead and leverage those functionalities."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"Cisco Secure Firewall is a scalable solution."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"So far, it has been very stable."
"The information coming from Talos does a good job... I like the fact that Cisco is working with them and getting the information from them and updating the firewall."
"The tools' most valuable feature is load balancing."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"Good basic firewall features."
"Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must."
"The solution has good customization abilities and plenty of features."
"The intrusion detection feature is the most valuable. It is an open-source firewall, so there is a lot of material on it. I also find the open VPN capability very nice. It is pretty customizable. The clustering and the high availability are the two biggest things to be able to get out of a firewall."
"I can manage it easily by myself."
"An incomparable stability is achieved with other firewall systems."
"The UI could be improved."
"The support system could be improved."
"The monitor and the visibility, in this proxy, is very weak."
"The Web-filter in this solution is not very good."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"The support costs and licensing are sometimes so expensive."
"I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."
"The pricing could always be better."
"In terms of what could be improved, I would say the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all."
"They should allow customers to talk to them directly instead of having to go through the reseller."
"I would like to see an IE version of the solution where it is ruggedized."
"It should have packets, deep level inspections and controls, like the features which other IPS solutions used to have."
"The integration between different tools could be improved. For example, with SecureX, I am yet to find out how to forward security events to different tools such as Microsoft Sentinel, which is what we use for log detection."
"It seems very clunky and slow. I would like to be able to tune it to be a more efficient product."
"The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting."
"The Cisco Secure Firewall could benefit from enhancements in its API, documentation, and automation tools."
"The solution could improve by having centralized management and API support online."
"I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side."
"There are several levels of firewall configuration such as beginner, advanced, and expert configurations. At each level, it becomes more complex and more tricky to set up the firewall. For example, if you want to install the firewall on your computer system, it would be a lot easier if it just tells you that this is the internet NIC and this is the Wi-Fi NIC."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"The stability could be improved."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"It needs better parsing of logs. At the moment, you have to use an external server for this if you want a deeper analysis."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.