We performed a comparison between Cisco Secure Firewall and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Firewall is highly regarded for its robust threat defense, comprehensive application visibility, effective troubleshooting capabilities, seamless integration with other Cisco products, and reliable high-availability capabilities. OPNsense is praised for its impressive scalability, excellent guest access capabilities, impressive flexibility, unwavering stability, and commendable IDS/IPS features.
Secure Firewall could benefit from enhancements in network performance, policy administration, customization options, and rule creation. It also requires better licensing flexibility, support for standard interfaces, and advanced features like web filtering. The management interface, deployment times, reporting, and logging functionalities should be enhanced as well. OPNsense needs improvements in its user-friendly interface, bandwidth management, multi-provider internet protection, high availability feature, logging, IPS solution, peer-blocking features, installation and deployment process, reporting capabilities, SSL inspection, and learning curve.
Service and Support: The feedback on customer service for Cisco Secure Firewall varies, with certain customers appreciating their technical assistance while others encountered delays and challenges. OPNsense's support has received both positive and negative assessments, with some customers finding it outstanding while others believe there is room for improvement.
Ease of Deployment: The setup process for Cisco Secure Firewall can be complex, relying on the user's knowledge and environment. OPNsense's initial setup is straightforward and does not present major challenges.
Pricing: Cisco Secure Firewall has a costly setup, involving additional expenses for licensing, support, and hardware. OPNsense is more budget-friendly, as the software itself is free, with expenses primarily related to hardware and deployment choices. Additionally, OPNsense provides a free version, whereas Cisco necessitates licensing.
ROI: Cisco Secure Firewall offers varying ROI depending on the use case and organization's architecture. It brings reduced operational costs and enhanced security, leading to positive ROI. OPNsense delivers ROI in under three months by eliminating recurring fees and recouping savings within that timeframe.
Comparison Results: Cisco Secure Firewall is the preferred choice when comparing it to OPNsense. The initial setup for Cisco Secure Firewall was generally considered straightforward and easy, thanks to the availability of Cisco's resources and documentation. Cisco Secure Firewall offers more valuable features such as threat defense, intensive troubleshooting capabilities, integration with other Cisco products, and advanced features like IPS and web filtering.
"The most valuable features are the enterprise modeling and the simple interface."
"Secure, user-friendly, stable, and scalable network security solution. Installation is straightforward."
"The CLI and GUI do a good job of putting a lot at your fingertips."
"The most important features with FortiGate are the web filter and application controls. We can control our internet usage and use the web filter for application purposes."
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"The payment function for applications is good."
"Customers want to load balance more than eight lines or six internet lines. FortiGate is the only solution that can accomplish this."
"I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
"Firepower has reduced our firewall operational costs by about 25 percent."
"The best solutions for our company are those we have yet to implement so it will be even better in the future for us than it already is."
"The stability is good. Very simple. Upgrades are great."
"The content filtering is good."
"VPN, firewall, and IDS/IPS allow us to deliver services to meet client needs across various industry verticals."
"AnyConnect has been very helpful, along with the ability to use LDAP for authentication."
"On the network side, where you create your rules for allowing traffic — what can come inside and what can go out — that works perfectly, if you know what you want to achieve. It protects you."
"The primary benefits of using Cisco Secure solutions are time-saving, a robust API, and convenience for the security team."
"The solution is good for a basic firewall for a small business or for home use."
"The most valuable feature is the Dual WAN in OPNSense, which offers advanced capabilities."
"The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used."
"It's more secure and more reliable."
"URL blocking, Wireguard, Tail Scale, Engine Blocker, and VPN are the most valuable features for me."
"The initial setup is easy. It only takes 15-30 minutes to deploy."
"The solution is user-friendly and easy to configure."
"OPNsense is easy to scale when running on the hardware."
"The integration with third-party tools may be something that they should work on."
"Scalability for Fortinet FortiGate needs to be improved. SD-WAN security for this solution also needs some improvement."
"Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"The support we receive when we need to upgrade is not satisfactory and has room for improvement."
"While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up."
"The pricing could be reduced or include the first year warranty."
"The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"The ASAs are being replaced with the new Firepowers and they have a different type of structure in the configuration to be able to migrate from one to the other."
"The stability and the product features have to really be worked on."
"Cisco wasn't first-to-market with NGFWs... they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better."
"I would like it if there was a centralized way to manage policies, then sticking with the network functions on the actual devices. That is probably the thing that frustrates me the most. I want a way that you can manage multiple policies at several different locations, all at one site. You then don't have to worry about the connectivity piece, in case you are troubleshooting because connectivity is down."
"It would be great if some of the load times were faster."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"Cisco ASA is starting to get old and Firepower is taking over. All the good things happening are with Firepower."
"The user interface could be improved, and the DNS section should be more intuitive."
"The solution could be more secure."
"I would like better documentation concerning the provided packages and their integration."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense."
"Its interface should be a little bit better."
"The ability to set the VPN IP address would be a welcome addition."
"The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Cisco Secure Firewall is rated 8.2, while OPNsense is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and SonicWall TZ, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.