We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The solution can scale well."
"What I like the most is the configuration and that it's simple, and straightforward to maintain."
"Security, SD-WAN, and Streetscape are valuable features."
"The email protection and VPN features are the most valuable."
"Allows for firewall rules to be programmed and named in a way that makes it “readable”"
"Offers good security and filtering."
"All of the features of Fortinet FortiGate are useful and the security protection is good."
"We use a lot of function on the IPS and it works well for us."
"It is a very stable product. I've not had any issues with it. It is a super product, and I won't need to change it anytime soon."
"The benefits we see from the ASA are connected to teleworking as well as, of course, having the basic functionality of a firewall in place and the prevention of attacks."
"The feature my customers find the most valuable is the exportability."
"A good intrusion prevention system and filtering."
"The feature that I found most valuable is the overall stability of the product."
"ASDM provides GUI for configurations. The ASDM has made configuring ASA easy. No need to memorize CLI commands."
"Signature-based detection; user-defined signatures with regular expressions; integrated URL and content filtering; custom URL categories filtering."
"It is very stable compared to other firewall products."
"Technical support is perfect, excellent."
"The classic features such as content inspection, content protection, and the application-level firewall, are the most important."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"The VPN is my favorite feature."
"The initial setup is straightforward."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"For everyday tasks, we just get alerts. It's anything that's suspicious, including from our Netgate. So, it's part of how we maintain cybersecurity in our school. This is working alongside our endpoint security solution."
"Its scalability is a strong point."
"There could be more integration between the logging and analytical platforms to make it more seamless and integrated."
"It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution."
"They need to improve their technical support."
"Improvement is needed in the Web Filter quotas to restrict users with allocated quotas."
"I would like to see more advanced developments of a wireless controller in the future."
"The logging details need to be improved."
"The inclusion of an autofill feature would improve the ease of commands."
"Recently, we have been having an issue with the ASA firewall. We haven't found the root cause yet and are still working on it. We failed over the firewall from active to passive and suddenly that resolved the issue. We are now working to find the root cause."
"I have worked with the new FTD models and they have more features than the ASA line."
"If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."
"The content filtering on an application level is not as good as other solutions such as Palo Alto."
"The reporting and other features are nice, but there is an issue with applying the configuration. That part needs some improvement."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"The worst part of the entire solution, and this is kind of trivial at times, is that management of the solution is difficult. You manage FireSIGHT through an internet browser. I've had Cisco tell me to manage it through Firefox because that's how they develop it. The problem is, depending on the page you're on, they don't function in the same way. The pages can be very buggy, or you can't resize columns in this one, or you can't do certain things in that one. It causes a headache in managing it."
"ClamAV AntiVirus can cause some crashes. That service should be improved."
"Layer 7 advanced firewall features are not included in the solution."
"Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting."
"The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve."
"Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand."
"I would like to see SD1 integration into the software. That would be fantastic."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"The integration could be improved."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.