We performed a comparison between Cisco Secure Firewall and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Firewall is highly regarded for its robust threat defense, comprehensive application visibility, effective troubleshooting capabilities, seamless integration with other Cisco products, and reliable high-availability capabilities. OPNsense is praised for its impressive scalability, excellent guest access capabilities, impressive flexibility, unwavering stability, and commendable IDS/IPS features.
Secure Firewall could benefit from enhancements in network performance, policy administration, customization options, and rule creation. It also requires better licensing flexibility, support for standard interfaces, and advanced features like web filtering. The management interface, deployment times, reporting, and logging functionalities should be enhanced as well. OPNsense needs improvements in its user-friendly interface, bandwidth management, multi-provider internet protection, high availability feature, logging, IPS solution, peer-blocking features, installation and deployment process, reporting capabilities, SSL inspection, and learning curve.
Service and Support: The feedback on customer service for Cisco Secure Firewall varies, with certain customers appreciating their technical assistance while others encountered delays and challenges. OPNsense's support has received both positive and negative assessments, with some customers finding it outstanding while others believe there is room for improvement.
Ease of Deployment: The setup process for Cisco Secure Firewall can be complex, relying on the user's knowledge and environment. OPNsense's initial setup is straightforward and does not present major challenges.
Pricing: Cisco Secure Firewall has a costly setup, involving additional expenses for licensing, support, and hardware. OPNsense is more budget-friendly, as the software itself is free, with expenses primarily related to hardware and deployment choices. Additionally, OPNsense provides a free version, whereas Cisco necessitates licensing.
ROI: Cisco Secure Firewall offers varying ROI depending on the use case and organization's architecture. It brings reduced operational costs and enhanced security, leading to positive ROI. OPNsense delivers ROI in under three months by eliminating recurring fees and recouping savings within that timeframe.
Comparison Results: Cisco Secure Firewall is the preferred choice when comparing it to OPNsense. The initial setup for Cisco Secure Firewall was generally considered straightforward and easy, thanks to the availability of Cisco's resources and documentation. Cisco Secure Firewall offers more valuable features such as threat defense, intensive troubleshooting capabilities, integration with other Cisco products, and advanced features like IPS and web filtering.
"The most valuable features are the enterprise modeling and the simple interface."
"The solution is very user friendly. The user interface in particular is quite nice."
"The ability to set up remote systems is the most valuable feature."
"SSL-VPN is very useful for us and has been very reliable."
"The response is very quick and they can visually resolve our problems in a short period."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup."
"Cisco offers a great educational series to train users on their devices."
"The most valuable feature is the access control list (ACL)."
"Cisco Secure Firewall has improved our customers' security posture because it offers Next-Gen features, granularity, and reporting on the back of it. You can see the amount of users accessing Office 365, for example, and whether they're having a good or bad experience. You can see the threats that are coming into your network. You can see anyone who is compromised from within your network."
"The deep packet inspection is useful, but the most useful feature is application awareness. You can filter on the app rather than on a static TCP port."
"Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information."
"The content filtering is good."
"Cisco ASA NGFW significantly improves our bank. It protects any high-value products that we use from hackers, viruses, malware, and script-bots. It gives us metrics on network traffic as well as what kind of attacks we are getting from the outside."
"We are mostly using it for remote access, so the remote access feature is the most valuable, but all other features are also needed and required. It is also a very straightforward and reliable solution."
"What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it. I had an excellent experience with OPNsense, which helped me achieve the targets I wanted."
"URL blocking, Wireguard, Tail Scale, Engine Blocker, and VPN are the most valuable features for me."
"I find the solution to be user-friendly. It has a lot of reports and easy settings."
"The most valuable feature is the Dual WAN in OPNSense, which offers advanced capabilities."
"The DNS-level filtering is impressive for thwarting time scanners."
"The solution is user-friendly and easy to configure."
"OPNsense is easy to scale when running on the hardware."
"OPNsense is highly stable."
"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."
"Some of the software stability could improve."
"There is room for improvement related to the logging and reporting aspect."
"The cloud features can be improved."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"The logs need to be better. They need to be more visible and easier to access."
"The updates Fortinet provides are sometimes unstable."
"Technical support needs to be improved."
"The process of procuring modern-day technology within the DOD needs to improve."
"The initial setup was complex."
"Initial setup can be complex. It is complex. We have to set up ASA, SFR module, and FMC separately, which sometimes requires extensive troubleshooting, even for smaller issues."
"Some of the features, like the stability, need to be improved."
"With the new FTD, there is a little bit of a learning curve."
"As it’s a GenX firewall, expertise for both implementation and troubleshooting the pain points can be a challenge. This could be a concern when companies are thinking about buying this product."
"Recently, we have been having an issue with the ASA firewall. We haven't found the root cause yet and are still working on it. We failed over the firewall from active to passive and suddenly that resolved the issue. We are now working to find the root cause."
"I would like to see them add more next-generation features so that you don't need a lot of appliances to do just one task. It should be a single solution."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"When using the solution at the beginning was difficult. There was a steep learning curve."
"There should be more technical documentation."
"An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense."
"The solution would not be suitable for anything large-scale."
"The IPS solution could be more reliable."
"There are some add-ons that need enhancements to make management easier for users, especially the reporting features. Some reports don't show the level of detail I'm looking for, and I've had trouble installing certain add-ons, especially for Internet bandwidth shaping within my company."
"Given that OPNsense plays a pivotal role as a firewall, safeguarding against various threats, having a reliable backup ensures uninterrupted protection even if unforeseen events impact the primary virtual machine."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Cisco Secure Firewall is rated 8.2, while OPNsense is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and SonicWall TZ, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.