We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The next-generation firewall is great."
"The most valuable features are simplicity, management, and that it's constantly evolving."
"The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."
"User-friendly and affordable security solution that's recommended for SMB customers. This solution has good technical support."
"FortiGate is very simple to manage and easy to use."
"Unified Threat Management (UTM) features."
"The application control features, such as Facebook blocking and Spotify blocking, are the most valuable."
"The security fabric is excellent."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"The most valuables feature of this product are given by the comprehensive VPN solutions it offers and its tools for troubleshooting and debugging."
"This product is pretty stable."
"I found that setting up rules for HTTPS and SSH access to the management interface are straightforward, including setting the cypher type."
"There are some hiccups here and there, but compared to the technical support from other vendors, I have had the best experience with Cisco's technical support. I would rate them at nine out of ten."
"The technical team is always available when we have problems."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."
"Stability has been excellent. We have experienced no issues; it never fails."
"Creation of certificates and the facility to administer services are valuable features."
"Is good at blocking IP addresses."
"Its features rival many of the high cost solutions out there."
"Good basic firewall features."
"The ability to perform packet captures on the command line and via the GUI is useful for diagnosing problems."
"I use pfSense because it gives me the flexibility to greatly expand basic firewall features."
"The redundancy and scalability ARE very nice."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
"The debugging and troubleshooting has room for improvement."
"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"There were quite a few problems with the stability of the system."
"The support structure needs to be improved because every time we contact them, there is a delay in the response."
"The solution lacks multi-language support."
"In terms of what could be improved, I would say the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all."
"The most valuable features of the product are the VPN and the NextGen firewall features such as application control, URL filtering, etc."
"We have encountered problems when implementing new signatures and new versions on our firewall. Sometimes, there is a short outage of our services, and we have not been able to understand what's going on. This is an area for improvement, and it would be good to have a way to monitor and understand why there is an outage."
"Some of the features, like the stability, need to be improved."
"In Firepower, there is an ability to search and dig into a search, which is nice. However, I'm not a super fan of the way it scrolls. If you want to look at something live, it's a lot different. You're almost waiting. With the ASDM, where it just flows, you can really see it. The second someone clicks something or does something, you'll see it. The refresh rate on the events in Firepower is not as smooth."
"Cisco's inspection visibility could be better."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"The security features in the URL category need more improvement."
"As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."
"The solution could improve by having centralized management and API support online."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"Needs services on additional features, such as managing inventory and generating reports."
"The product must provide integration with other solutions."
"The technical support needs to be improved."
"I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature."
"Network monitoring and device inventory could use some improvements. I'm using SpiceWorks for this because it never really worked in pfSense."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.