We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"We can detect any attack of viruses or malware at the first point of contact."
"The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."
"Their proxy-based inspection is responsive and secure."
"The most valuable feature is the SSL VPN, as it allows us to connect and it separates this product from other firewalls."
"The solution can scale well."
"The stability of the solution is excellent, as it is with other Fortinet products."
"The VPN is the most valuable feature."
"The inspection and web security features are most valuable."
"The features I found most valuable in this solution, are the overall security features."
"If configured, Firepower provides us with application visibility and control."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"They wanted to leverage something which is equivalent that can give them the next gen features like application awareness and intrusion protection. So that is a major reason they were looking forward to this. The original ASA firewall did not have these features. This was the major reason the customer moved on to Cisco Firepower Threat Defense (FTD). Now they can go ahead and leverage those functionalities."
"The feature my customers find the most valuable is the exportability."
"It's pretty reliable and allows for isolation capabilities within the network."
"All the features except IPS are valuable. IPS is not a part of my job."
"It is a secure product."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"We can run it on any hardware."
"The product’s documentation is good."
"pfSense helped us during COVID-19 because we used OpenVPN to connect from home."
"A very stable product that lasts over time, easy to understand, and administer."
"The flexibility of adding new kinds of services without spending any money can't be beaten."
"It is easy to use and has integrity with other systems, such as proxies and quality of service."
"An incomparable stability is achieved with other firewall systems."
"Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"The setup is pretty complex and not easy to implement."
"Application management can be improved."
"Pricing for it is a bit high. It could be cheaper."
"Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN."
"At first glance, the interface for the device is very confusing."
"The ease of use could be improved."
"With the new FTD, there is a little bit of a learning curve."
"I see room for improvement when it comes to integrating all the devices into a central management system. Cisco doesn't provide this, but there are some good products in the market that can provide it."
"In today's world, cyberattacks have become a common occurrence. However, so far, we have not faced any issues with our systems. I hope the situation remains the same in the future. If Cisco introduces even more advanced security measures, it would be beneficial."
"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."
"It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."
"The product needs real-time logs to be able to monitor our services, so we can know if any our services have been blocked via the firewall or on the application side."
"We use the FTD management platform for the boxes. The GUI that manages multiple Firepower boxes could be improved so that the user experience is better."
"The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be."
"It would be great to add more to security."
"I would like to see different graphs available in the reporting."
"It could use a little bit of improvement in the reporting."
"User interface is a little clumsy."
"The product must provide integration with other solutions."
"Needs services on additional features, such as managing inventory and generating reports."
"Netgate pfSense needs to improve the configuration for a VPN."
"Network monitoring and device inventory could use some improvements. I'm using SpiceWorks for this because it never really worked in pfSense."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.