We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The stability of the solution is excellent, as it is with other Fortinet products."
"The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"The solution is very user-friendly."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"Whenever we raise a complaint with FortiGate, their response and resolution times are minimal."
"This version is stable. I don't have any issues with this solution, in our environment, it works well."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"The most valuable features are the flexibility and level of security that this solution provides."
"For our very specific use case, for remote access for VPN, ASAs are very good."
"The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA."
"The most valuable feature is the ability to block almost all of the ports."
"It's very stable and mature."
"It's a flexible solution and is well-known in the community."
"There are some hiccups here and there, but compared to the technical support from other vendors, I have had the best experience with Cisco's technical support. I would rate them at nine out of ten."
"It is a better firewall than others and it has better features."
"The ability to create a VPN allows me to monitor branch offices from a central location."
"This solution has helped our organization by protecting our network from attacks."
"The initial setup is straightforward."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"I can manage it easily by myself."
"Firewall system for small, medium, and large data networks. It allows you to provide security to your environment: DMZ networks, LAN, WAN, etc."
"A valuable feature is that the solution is open source."
"While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up."
"The logs need to be better. They need to be more visible and easier to access."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"Some of the web policy reports could be improved."
"There are some cloud-based features that could be much more flexible than they currently are."
"We would like to see an upgrade to the VPN feature, we are using the VPN from outside of our office and there is a limitation to 10 connections, more connections would be suitable."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"The feedback that I have received is that the performance could be better, and the user experience is not as good compared to a previous solution we used. It could be more user-friendly. Of course, it still works fine for our operations."
"The process of procuring modern-day technology within the DOD needs to improve."
"If you need to reschedule a call with the support team when you face a new issue with the product, then it may get a bit of a problem to get a hold of someone from the support team of Cisco."
"Cisco ASA is not a next-generation firewall product."
"In terms of what could be improved, I would say the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all."
"Make the IPS baked-in."
"If the implementation was easier, it would be a lot better for us."
"Antivirus features must be integrated for end user security."
"Cisco is not cheap, however, it is worth investing in these technologies."
"The main problem with pfSense is that we have to use proxy solutions."
"This solution is good for small businesses but it is not as stable as other competitors such as Fortinet."
"They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals."
"We would like to see ready-made profiles to cover most users' needs."
"It would be great to add more to security."
"If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson."
"I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.