We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
"The dashboard I have found the most valuable in Fortinet FortiGate."
"The Fortinet FortiGate local partners were good. I did not have direct contact with Fortinet support."
"The stability of the solution is excellent, as it is with other Fortinet products."
"It's very fast and easy to configure."
"The reporting and monitoring are very good."
"We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature."
"The VPN is the most valuable feature."
"IPSec Tunnel and AnyConnect (of course), the context awareness was a good feature, but clumsy at the beginning. I think it's better now."
"Management Console and user profiling to define activities."
"Collaboration with other Cisco products such as ISE and others is the most valuable feature."
"Cisco Firepower NGFW is really easy to use right now to determine when my file requires a shift from primary to secondary status, and it can be done with automation. Earlier we used to do this with patching."
"The stability of the product is good."
"Cybersecurity resilience has been paramount. Because there is a threat of losing everything if ransomware or another sort of attack were to happen, the cybersecurity resilience has been top-notch."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The initial setup is easy."
"It is a good firewall with good performance."
"I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices."
"I like the connectivity to the open VPN. It's very smooth."
"Its scalability is a strong point."
"The features I have found best are ease of use, GUI, and performance."
"The solution is fairly scalable when it comes to integrating with other applications and data sets."
"Easy to deploy and easy to use."
"I can manage it easily by myself."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"The setup is pretty complex and not easy to implement."
"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"It integrates with other security products from Cisco, but sometimes, there can be glitches or errors."
"One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"It is confusing to have two management interfaces, e.g., ASDM and Firepower Management Center."
"The stability is not the best."
"One of the problems that we have had is the solution requires Java to work. This has caused some problems with the application visibility and control. When the Java works, it is good, but Java wasn't a good choice. I don't like the Java implementation. It can be difficult to work with sometimes."
"Cisco ASA should be easier to use. It is a bit tough to navigate and see what is going on."
"It seems very clunky and slow. I would like to be able to tune it to be a more efficient product."
"The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"This solution is good for small businesses but it is not as stable as other competitors such as Fortinet."
"Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand."
"I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.