We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The most valuable feature is the ease of use."
"Our security improved from being able to put in rules and close off unwanted traffic."
"The usage in general is pretty good."
"Fortinet FortiGate is user-friendly and affordable."
"FortiGate has a very strong unified threat management system."
"The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"FortiGate is on the cheaper end, and it offers good value."
"The security features that they have are quite good. On top of that, their licensing model is quite nice where they don't charge you anything for the SD-WAN functionality for the firewall."
"Cisco ASA is very strong."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"VPN, firewall, and IDS/IPS allow us to deliver services to meet client needs across various industry verticals."
"Being able to use it as a policy-based VPN is valuable. It's very easy to understand. It's very easy to troubleshoot."
"It is very stable."
"The greatest benefit that this has provided to our organization is that we've been able to adjust the time that it takes to implement firewall changes. It's gone from a week to less than half a day to implement a change, which means that our DevOps team can be much more agile, and there is much less overhead on the firewall team."
"We have not had to deal with stability issues."
"It makes it very easy to have delineated roles and responsibilities between network engineering and network security."
"The gain in performance and security from configuring the VPN connections was significant."
"The solution is fairly scalable when it comes to integrating with other applications and data sets."
"I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices."
"We can run it on any hardware."
"The VPN is my favorite feature."
"I especially like the VPN part. It works like a charm."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"I use pfSense because it gives me the flexibility to greatly expand basic firewall features."
"Fortinet FortiGate can improve the integration with Active Directory. Additionally, I would like to have a Cloud Controller, such as they do in the Cisco Meraki solution."
"The feature which gives us a lot of pain is ASIC architecture."
"The logs need to be better. They need to be more visible and easier to access."
"Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."
"The inability to scale the FortiAnalyzer to match our growth necessitates the purchase of new hardware."
"Technical support for this solution can be improved."
"It does not have key authentication for admin access."
"The feedback that I have received is that the performance could be better, and the user experience is not as good compared to a previous solution we used. It could be more user-friendly. Of course, it still works fine for our operations."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"In Firepower, there is an ability to search and dig into a search, which is nice. However, I'm not a super fan of the way it scrolls. If you want to look at something live, it's a lot different. You're almost waiting. With the ASDM, where it just flows, you can really see it. The second someone clicks something or does something, you'll see it. The refresh rate on the events in Firepower is not as smooth."
"We have more than one Cisco firewall and it is difficult for me to integrate both on the single UI."
"I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies."
"As it’s a GenX firewall, expertise for both implementation and troubleshooting the pain points can be a challenge. This could be a concern when companies are thinking about buying this product."
"The dashboard can be improved."
"Cisco should redo their website so it's actually usable in a faster way."
"For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager."
"The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
"The solution could be more user-friendly, and the graphical interface needs some work so that someone without an IT background can use the application. I would like the ability to manage the on-premise appliance from the cloud. When I'm not in the office, it would be great to connect to the pfSense server and administer the network remotely."
"The main problem with pfSense is that we have to use proxy solutions."
"More documentation would be great, especially on new features because sometimes, when new features come out, you don't get to understand them right off the bat. You have to really spend a lot of time understanding them. So, more documentation would be awesome."
"Their support could be better in terms of the response time."
"I expect a better interface with more log analysis because I create my own interface."
"It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution."
"The security could be improved."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.