We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The most valuable features of the solution are SD-WAN, filtering testing applications, web filtering, and the new VPN."
"The Intrusion Prevention System and the web filtering are both working well."
"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
"The solution is extremely reliable."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature."
"It is simple to manage, and there are a lot of functionalities in the same box."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"The GUI is among the most valuable features,"
"We use the solution for deep packet inspection, Internet Edge functionality, IDS, and IDP."
"URL filtering is valuable."
"Cisco tech is always good and helpful. I would rate them as 10 out of 10."
"The AnyConnect remote access VPN gives us an easy way to deploy remote working for our users."
"Their performance is most valuable."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"Great extensibility of the platform."
"A very stable product that lasts over time, easy to understand, and administer."
"An incomparable stability is achieved with other firewall systems."
"The features I have found best are ease of use, GUI, and performance."
"I have found pfSense to be stable."
"For everyday tasks, we just get alerts. It's anything that's suspicious, including from our Netgate. So, it's part of how we maintain cybersecurity in our school. This is working alongside our endpoint security solution."
"It is very easy to use. The interface is quite understandable. There is a good community, and I can take over at any time I want. If there is anything wrong with it, I could just reinstall the whole thing and start all over again, and I'll be up again in less than a few minutes"
"Stability has been excellent. We have experienced no issues; it never fails."
"Fortinet needs to overhaul its documentation."
"Lacks sufficient security options."
"I would like to see improvements made to the dashboard and UI, as well as to the reporting."
"I would like to see improvements in the product's application rules."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"Application management can be improved."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"If they could extend their fabric towards other vendor environments for integration, that would be great."
"There may have been one or two incidences of malicious threats."
"It doesn't have Layer 7 security."
"Cisco suffers from some integration issues with other products... There is a problem with the Cisco Catalyst Switches in terms of assembling bursts and having them interact properly with the Cisco Firepower."
"I don't have to see all the object groups that have been created on that firewall. That's just something that I would really appreciate on the CLA, even though it already exists on the GUI."
"MSSP oriented interface: I would like a single console which would allow me to manage settings creating consistency across all customers."
"They need to do an overhaul of the management console."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"It seems very clunky and slow. I would like to be able to tune it to be a more efficient product."
"Could be simplified for new users."
"It needs better parsing of logs. At the moment, you have to use an external server for this if you want a deeper analysis."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"The solution’s interface must be improved."
"The product must provide integration with other solutions."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"We would like to see ready-made profiles to cover most users' needs."
"In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Untangle NG Firewall. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.