We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The most important feature, normally for small business customers, is link load balancing."
"The threat prevention is the solution's most valuable aspect."
"The most valuable feature of this solution is the analytics."
"You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
"User-friendly and affordable security solution that's recommended for SMB customers. This solution has good technical support."
"It blocks the vulnerabilities that can negatively impact us."
"The most valuable feature of Fortinet FortiGate is the simple configuration."
"Reliability is the best feature. We faced some issues when we were setting it up, but the service, portal, and administration are good."
"Cisco Secure Firewall has improved our customers' security posture because it offers Next-Gen features, granularity, and reporting on the back of it. You can see the amount of users accessing Office 365, for example, and whether they're having a good or bad experience. You can see the threats that are coming into your network. You can see anyone who is compromised from within your network."
"This solution made our organization more secure and gave us better control."
"Simple to deploy, stable."
"Beats sophisticated cyber attacks with a superior security appliance."
"The best features are stability and scalability."
"We can easily track unauthorized users and see where traffic is going."
"The benefits we see from the ASA are connected to teleworking as well as, of course, having the basic functionality of a firewall in place and the prevention of attacks."
"In v9.8 you are able to do active/backup HA with ASAv (Adaptive Security Virtual Appliance) deployed on MS Azure."
"We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform."
"The initial setup was simple and fast."
"pfSense helped us during COVID-19 because we used OpenVPN to connect from home."
"I am happy with the EPLS, the radius, and I am happy with the captive portal."
"The flexibility of adding new kinds of services without spending any money can't be beaten."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"The gain in performance and security from configuring the VPN connections was significant."
"The tools' most valuable feature is load balancing."
"The command line is complicated, and the interface could be better."
"They need to improve their technical support."
"Performance and technical support are the main issues with this solution."
"The solution could have licensing fees reduced in the future."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"Fortigate's hardware capacities could be improved."
"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."
"The ASA needs to incorporate the different modules you have to integrate to achieve UTM functions, especially for small businesses."
"I think that the solution can be improved with the integration of application-centric infrastructure. It could be used to have better solutions in one box."
"A major area of improvement would be to have more functionality in public clouds, especially in terms of simplifying it. The high availability doesn't work right now because of the limitations in the cloud."
"It is my understanding that they are in the process of discontinuing this device."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"We don't have any serious problems. The firewall models that we have are quite legacy, and they have slower performance. We are currently investigating the possibility of migrating to next-generation firewalls."
"I would like to see the inclusion of more advanced antivirus features in the next release of this solution."
"10Gb interfaces should be available on more models."
"I expect a better interface with more log analysis because I create my own interface."
"As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
"I believe improving integration with various antivirus vendors could be beneficial."
"One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs."
"The integration could be improved."
"The technical support needs to be improved."
"I would like to see SD1 integration into the software. That would be fantastic."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Untangle NG Firewall. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.