We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box."
"The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."
"I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."
"The most valuable feature is the FortiManager for centralized management."
"The scalability is good in Fortinet FortiGate."
"FortiGate is on the cheaper end, and it offers good value."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"All of the features of Fortinet FortiGate are useful and the security protection is good."
"We moved from a legacy firewall to the ASA with FirePOWER, increasing our Internet Edge defense dramatically."
"Everything is all documented in the file or in the command line script that gets uploaded to the device. It gives us great visibility."
"The VPN is our most widely used feature for Cisco Secure Firewall. Since we were forced into a hybrid working situation by COVID a few years back, VPN is the widely used feature because everybody is working remotely for our agency. So it came in very handy."
"It is a highly stable product. We rarely receive any serious outdates, so it works quite well."
"This solution is easy to use if you know how to set it up."
"The IP filter configuration for specific political and Static NAT has been most valuable."
"You can also put everything into a nice, neat, little package, as far as configuration goes. I was formerly a command-line guy with the ASA, and I was a little nervous about dealing with a GUI interface versus a command line, but after I did my first deployment, I got a lot more comfortable with doing it GUI based."
"They wanted to leverage something which is equivalent that can give them the next gen features like application awareness and intrusion protection. So that is a major reason they were looking forward to this. The original ASA firewall did not have these features. This was the major reason the customer moved on to Cisco Firepower Threat Defense (FTD). Now they can go ahead and leverage those functionalities."
"Centralized administration with multiple services, which allows for execution in several important functionalities of information security."
"I like pfSense's security features."
"The most valuable feature, for instance, is the ease of migrating configurations between different Netgate devices housed in the same box."
"It is easy to use and has integrity with other systems, such as proxies and quality of service."
"The most valuable features are the VPN and the capture photo."
"There is good documentation with a fantastic community and enterprise support."
"Open source and support are valuable. I have community support."
"The performance and functionality are good."
"The cloud features and integration could be improved."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"The integration with third-party tools may be something that they should work on."
"In the future, I would like to see improvements made to cloud-based management."
"Its reporting can be improved. Sometimes, I don't get proper reports."
"A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve."
"The renewal price and the availability could be improved."
"It could use better throughput on some of the smaller boxes for the branch offices."
"Initial setup was fairly complex."
"If Cisco could stop rebranding, combine all the CLIs/GUIs, and give a consistent experience, this would be great."
"The SSL VPN is, and always has been, painful to configure and the Java plugin does not guarantee a uniform deployment."
"They need to do an overhaul of the management console."
"I would like the ability to drill down into certain reports because currently, that cannot be done."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."
"Setting firewall network rules should be more straightforward with a clearer graphical representation. The rule-setting method seems old-fashioned. The firewall and network rules are separate from the Firepower and web access rules."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"This product needs improvements with respect to reporting and auditing."
"Their support could be better in terms of the response time."
"The GUI could use improvements, though it is manageable."
"The access control aspect of the product could be improved."
"There could be a way to remote to it through a mobile app. You can always browse through your browser on your mobile phone or tablet, but it would be good to have a dedicated app. I understand that iOS and Android developers are expensive, but there should be a mobile app."
"The integration could be improved."
"In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.