We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"FortiGate firewalls are user-friendly, and I like the security profiling features."
"The most valuable features of the solution are SD-WAN, filtering testing applications, web filtering, and the new VPN."
"The GUI is good."
"The most valuable feature is the policy routing and application control."
"Unified Threat Management (UTM) features."
"The secure web gateway module and the application control module are valuable. HA operations are very easy."
"The solution is very user friendly. The user interface in particular is quite nice."
"The solution has very good threat and content filtering switches."
"The best solutions for our company are those we have yet to implement so it will be even better in the future for us than it already is."
"What I found the most valuable about Cisco Secure Firewall is that if a client is educated about the solution, it can help him or her avoid many problems and mistakes."
"The most valuable features are the provision of internet access, AnyConnect, and VPN capabilities."
"I like the way Firepower presents the data. It gives you two classifications for the evidence, something based on the priority of the evidence and another classification based on the impact of the evidence in your environment. This makes it very easy to spot the evidence that is most impactful to my environment. Instead of having to go through all the evidence based on that priority, I can focus on the evidence that has the most impact on my environment."
"Implementing Cisco Secure Firewall has saved us time because we rely on most of the out-of-the-box signatures. It has reduced the time and effort spent in configuration within the security network."
"The most valuable features are the IPsec VPN and web filtering."
"The information coming from Talos does a good job... I like the fact that Cisco is working with them and getting the information from them and updating the firewall."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"The solution is very easy to use and has a very nice GUI."
"I have found the firewall portion for the blocking most valuable."
"I mostly like all of it. Whatever we use is valuable."
"Creation of certificates and the facility to administer services are valuable features."
"The GUI is easy to understand."
"It's a good solution for end-users. It's pretty easy to work with."
"Easy to deploy and easy to use."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"Currently, without the additional reporting module, we only have access to basic reporting."
"It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."
"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"Security generally requires integration with many devices, and the management side of that process could be enhanced somewhat. It would help if there was a clear view of the integrations and what the easiest way to do them is."
"We have more than one Cisco firewall and it is difficult for me to integrate both on the single UI."
"One thing that we really would have loved to have was policy-based routing. We had a lot of connections, and sometimes, we would have liked to change the routing depending on the policies, but it was lacking this capability. We also wanted application filtering and DNS filtering."
"Multiple WAN connections: Even though you can implement more than one interface to outside connections, it is lacking on load balances, etc."
"When we first got it, we were doing individual configuring. Now, there is a way to manage from one location."
"There is room for improvement in the stability or software quality of the product. There were a few things in the past where we had a little bit of a problem with the product, so there is room for improvement."
"It needs more tunneling capabilities."
"They need to do an overhaul of the management console."
"Needs services on additional features, such as managing inventory and generating reports."
"The integration could be improved."
"The router monitoring needs improvement when compared with Sonicwall."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome."
"This product needs improvements with respect to reporting and auditing."
"We have not had any problems with it, and we also do not have a need for any new features. If anything, its reporting can be better. Sophos has better reporting than pfSense. Sophos has more detailed information. pfSense is not as detailed. It is summarized."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.