We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The most valuable features of Fortinet FortiGate are remote access, web filtering, and IPS."
"Good load balancing feature."
"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
"Easy to use support and licensing portal as well as activation process."
"Allows for firewall rules to be programmed and named in a way that makes it “readable”"
"The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback."
"It's very good and very stable for businesses. It works very well."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"VPN and firewall are good features."
"It's a flexible solution."
"Basic firewalling is obviously the most valuable. In addition to that, secure access and remote access are also very useful for us."
"The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment."
"Implementing Cisco Secure Firewall has saved us time because we rely on most of the out-of-the-box signatures. It has reduced the time and effort spent in configuration within the security network."
"It's the VPN side of things that has been most useful for us. It allows us to secure our users even when they're working from home. They are able to access all of our resources, no matter where they are in the world."
"I like the IPS feature, it is the most valuable."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The ability to create a VPN allows me to monitor branch offices from a central location."
"I use pfSense because it gives me the flexibility to greatly expand basic firewall features."
"A very stable product that lasts over time, easy to understand, and administer."
"Easy to deploy and easy to use."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"The interface is straightforward and easy to use."
"The initial setup was simple and fast."
"It is easy to use and has integrity with other systems, such as proxies and quality of service."
"It is very expensive, and their support is not very good. I hope that their technical support will be better in the future."
"The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work."
"The user interface could be improved to make it less confusing and easier to set up."
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"I would like to see improvements made to the dashboard and UI, as well as to the reporting."
"The support is the main thing that needs to be improved."
"There are mainly two areas of improvement in Fortinet FortiGate— the licensing cost and the timing of upgrading licenses for boxes."
"We'd like more management across other integrations."
"The Cisco Firewall UI could be improved."
"I would like it if there was a centralized way to manage policies, then sticking with the network functions on the actual devices. That is probably the thing that frustrates me the most. I want a way that you can manage multiple policies at several different locations, all at one site. You then don't have to worry about the connectivity piece, in case you are troubleshooting because connectivity is down."
"For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager."
"We are Cisco partners, and when we recommend Cisco FirePower to customers, they always think that FirePower is bad. For a single installation of FirePower, if I have to write about 18 tickets to Cisco, it's a big problem. There was an issue was related to Azure. We had Active Directory in Azure. The clients had to connect to FirePower through Azure. We had a lot of group policies. After two group policies, we had to make groups in Azure, and they had to sign in and sign back. It was a triple-layer authentication, and there was a big problem, so we didn't use it."
"The performance should be improved."
"The solution has not had any layer upgrades. It does not have layer five and upwards, it only has up to layer four. This has caused some problems for us."
"For the new line of FTDs, the performance could be improved. We sometimes have issues with the 41 series, depending what we activate. If we activate too many intrusion policies, it affects the CPU."
"I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."
"Layer 7 advanced firewall features are not included in the solution."
"Improve analysis of logs and dashboards (control panel) with improved alert functionality."
"I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall."
"I expect a better interface with more log analysis because I create my own interface."
"The integration should be improved."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Untangle NG Firewall. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.