We performed a comparison between Cisco Secure Firewall and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Firewall is highly regarded for its robust threat defense, comprehensive application visibility, effective troubleshooting capabilities, seamless integration with other Cisco products, and reliable high-availability capabilities. OPNsense is praised for its impressive scalability, excellent guest access capabilities, impressive flexibility, unwavering stability, and commendable IDS/IPS features.
Secure Firewall could benefit from enhancements in network performance, policy administration, customization options, and rule creation. It also requires better licensing flexibility, support for standard interfaces, and advanced features like web filtering. The management interface, deployment times, reporting, and logging functionalities should be enhanced as well. OPNsense needs improvements in its user-friendly interface, bandwidth management, multi-provider internet protection, high availability feature, logging, IPS solution, peer-blocking features, installation and deployment process, reporting capabilities, SSL inspection, and learning curve.
Service and Support: The feedback on customer service for Cisco Secure Firewall varies, with certain customers appreciating their technical assistance while others encountered delays and challenges. OPNsense's support has received both positive and negative assessments, with some customers finding it outstanding while others believe there is room for improvement.
Ease of Deployment: The setup process for Cisco Secure Firewall can be complex, relying on the user's knowledge and environment. OPNsense's initial setup is straightforward and does not present major challenges.
Pricing: Cisco Secure Firewall has a costly setup, involving additional expenses for licensing, support, and hardware. OPNsense is more budget-friendly, as the software itself is free, with expenses primarily related to hardware and deployment choices. Additionally, OPNsense provides a free version, whereas Cisco necessitates licensing.
ROI: Cisco Secure Firewall offers varying ROI depending on the use case and organization's architecture. It brings reduced operational costs and enhanced security, leading to positive ROI. OPNsense delivers ROI in under three months by eliminating recurring fees and recouping savings within that timeframe.
Comparison Results: Cisco Secure Firewall is the preferred choice when comparing it to OPNsense. The initial setup for Cisco Secure Firewall was generally considered straightforward and easy, thanks to the availability of Cisco's resources and documentation. Cisco Secure Firewall offers more valuable features such as threat defense, intensive troubleshooting capabilities, integration with other Cisco products, and advanced features like IPS and web filtering.
"The response is very quick and they can visually resolve our problems in a short period."
"The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."
"This is a quality product with ok support, and it is better than the competition we've tried."
"Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others."
"The solution is extremely reliable."
"Our project needs to link two sides through the internet. One of these was in Cairo and the other in another city. We used FortiGate as the integrating solution between the two locations, i.e. the Fortinet 30E & 100E."
"We have been able to offer several services to customers in a single box."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"I like the user interface because the navigation is very easy, straightforward on your left side pane you have all the sites that you need to browse. Unlike any other firewalls, it's pretty straightforward."
"The feature I find most valuable is the Cisco VPN Interconnection."
"The greatest benefit that this has provided to our organization is that we've been able to adjust the time that it takes to implement firewall changes. It's gone from a week to less than half a day to implement a change, which means that our DevOps team can be much more agile, and there is much less overhead on the firewall team."
"The most valuable features for my client are the ASDM and monitoring."
"I found that setting up rules for HTTPS and SSH access to the management interface are straightforward, including setting the cypher type."
"Management Console and user profiling to define activities."
"The web interface was easy for me. The configuration is logical, so it's easy to use and easy to understand how to protect, how to open a port, how to manage and how to route a device. That's why I prefer Cisco. It's robust and I never have issues with the hardware. That's why I choose Cisco and not another vendor."
"The solution is user-friendly and easy to configure."
"We can open a new VPN connection easily. It's much easier than with Fortinet in our experience."
"One of the most valuable features is the network checking. Additionally, the firewall and web filtering functionalities are highly useful."
"The solution has high availability."
"The DNS-level filtering is impressive for thwarting time scanners."
"The most valuable features of OPNsense are the GUI and frequent updates."
"The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
"The initial implementation process is simple."
"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"Some configuration elements cannot be easily altered once created."
"NGN, reporting and controls."
"It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."
"The captive portal could be improved."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC."
"MSSP oriented interface: I would like a single console which would allow me to manage settings creating consistency across all customers."
"Cisco Secure Firewall’s customer support could be improved."
"Most users do not have awareness of this product's functionality and features. Cisco should do something to make them aware of them. That would be quite excellent and useful to organizations that are still using legacy data-center-security products."
"ASDM can be improved."
"One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility."
"The ASA needs to incorporate the different modules you have to integrate to achieve UTM functions, especially for small businesses."
"There are issues with stability and reliability."
"The ability to set the VPN IP address would be a welcome addition."
"The IPS solution could be more reliable."
"The logging could improve in OPNsense."
"There are a few weaknesses. For example, there is a lack of some features that I have in certain commercial products."
"I would like to see better SD-WAN performance."
"The support for OPNsense is good because we have documents available on the internet. The support could improve a little."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while OPNsense is ranked 3rd in Firewalls with 35 reviews. Cisco Secure Firewall is rated 8.2, while OPNsense is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of OPNsense writes "Good interface and firewall capabilities and overall easy to use". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and SonicWall TZ, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and Palo Alto Networks NG Firewalls. See our Cisco Secure Firewall vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.