Most Helpful Review
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. pfSense and other solutions. Updated: September 2020.
441,478 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"At this point, we find that this product has high productivity and high availability and there is no need for improvement."
"It is a highly stable product. We rarely receive any serious outdates, so it works quite well."
"It is a secure product."
"It is scalable and stable."
"Cisco ASA is very strong."
"It protects our network."
"The stability of the product is good."
"It is a comprehensive suite and complete package."
"The architecture of FTD is great because it has an in-depth coverage and because it uses the AVC, (Application, Visibility, and Control) and also rate limits. Also, the architecture of fast paths is great."
"Stability is perfect. I haven't had any problems."
"We chose Cisco because it had the full package that we were looking for."
"Because of the deeper inspection it provides we have better security and sections that allow users broader access."
"An eight because it's a good security solution. It's more mature than its competitors."
"Cisco Firepower NGFW is really easy to use right now to determine when my file requires a shift from primary to secondary status, and it can be done with automation. Earlier we used to do this with patching."
"I like the way Firepower presents the data. It gives you two classifications for the evidence, something based on the priority of the evidence and another classification based on the impact of the evidence in your environment. This makes it very easy to spot the evidence that is most impactful to my environment. Instead of having to go through all the evidence based on that priority, I can focus on the evidence that has the most impact on my environment."
"The most valuable feature of the Firepower solution is FireSIGHT, which can be easily managed and is user-friendly."
"We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform."
"My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall."
"I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices."
"This solution has helped our organization by protecting our network from attacks."
"This solution has increased the level of security, given us more control, provided a deep insight into network traffic, and is a great VPN solution."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"The most valuable features are the VPN and the capture photo."
"The solution is very robust."
"<p>If there is old hardware, or appliances, it does not necessarily work with the new Cisco generation firewalls."
"It is not easy to configure."
"The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting."
"Tech support could not answer all of our questions. I had to do research on the web to solve my issues."
"Migration with other appliances is not easy. It has to be done manually, and this takes a long time."
"The pricing is a bit high."
"Cisco ASA should be easier to use. It is a bit tough to navigate and see what is going on."
"Even on a smaller scale, people are finding you need HA pairs, and there's no way that the ASA can do that, at least in the virtual version."
"The license system is also good but it's not very impressive. It's a very regular licensing system. They call it a smart license which means that your device will connect to the internet. This is a little bit of a headache for some customers. It doesn't make the customer happy because most of the customers prefer not to connect their firewall or system to the internet."
"I would like for them to develop better integration with other security platforms."
"The stability and the product features have to really be worked on."
"Cisco should redo their website so it's actually usable in a faster way."
"The security features in the URL category need more improvement."
"One feature lacking is superior anti-virus protection, which must be added."
"Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC."
"I would like to see the inclusion of more advanced antivirus features in the next release of this solution."
"I would like to see SD1 integration into the software. That would be fantastic."
"pfSense is not user-friendly. I hope to have something to make the interfaces more user-friendly."
"Adjustment in the interfaces: I had to adjust those interfaces manually and of course that is a great feature that you can restore it but it is immediately also one point for improvement. If you don't have to adjust, if it's just stamped and it works, that's great."
"This product needs improvements with respect to reporting and auditing."
"We would like to see ready-made profiles to cover most users' needs."
"I would like to see different graphs available in the reporting."
"If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use."
"The solution requires a lot of administration."
Pricing and Cost Advice
"The cost is a bit higher than other competitive solutions on the market."
"It is considered on the "high end" of the spectrum."
"Cisco recently has become very expensive."
"The cost is a bit high compared to other solutions in the market."
"Purchasing from the AWS Marketplace was easy. It was just point and click."
"It is pay-as-you-go, so it much cheaper than buying in the plants."
"Our individual release cycle has been quicker because the entire development and testing environment has been automated because of these virtual instances. It has aligned our development workflow. This is where we have seen the ROI increase."
"With the Cisco ASA, you do get what you pay for. What would really be awesome is to see Cisco blow out a real cheap version where you can use the sandbox, but leave it step-wise and go to another product relatively easily, like getting you hooked on candy."
"Based on the services that you will get, especially the AMP license, the price is very reasonable."
"It's more expensive than Fortinet and Juniper. The price is high compared to other vendors. In general, for the license, it's not that expensive."
"The Cisco licensing agreement in Bangladesh is different than the one in India and in Dubai. It is not a problem, but if you want to subscribe to the yearly subscription, the original cost is really high. Also, if you go for an anti-virus, you pay for an additional yearly subscription."
"The price of this solution is not good or bad."
"The Firepower series of appliances is not cheap. I just got a quote recently for six firewalls that was in the range of over half-a-million dollars. That's what could push us to look to other vendors..."
"Our subscription costs, just for the firewalls, is between $400,000 and $500,000 a year."
"Cisco's pricing is high, at times, for what they provide."
"The one-time cost is affordable, but the maintenance cost and the Smart Net costs need to be reduced. They're too high."
"This solution provides enterprise-level features at a fraction of the cost of an enterprise firewall."
"It is an open source firewall."
Questions from the Community
Top Answer: Fortinet FGs: Great devices, relatively easy to deploy and maintain. Cheaper than most devices of their kind. If you're… more »
Top Answer: They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home… more »
Top Answer: In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco.
Top Answer: Palo Alto was the first company to tackle perimeter protection via applications instead of port blocking their install… more »
Top Answer: We are partners for both products and as a security practice, we recommend Fortinet over Cisco for security. Fortinet… more »
Top Answer: I'd agree with Karl's comment above. PfSense is a great product but treat it like a firewall and the big bonus is it's… more »
Top Answer: Basically the major difference between Sophos XG Firewall and PFsense is that Sophos is a nextgen firewall based on… more »
Compared 34% of the time.
Compared 8% of the time.
Compared 5% of the time.
Compared 5% of the time.
Compared 4% of the time.
Compared 24% of the time.
Compared 14% of the time.
Compared 8% of the time.
Compared 5% of the time.
Compared 2% of the time.
Compared 21% of the time.
Compared 17% of the time.
Compared 15% of the time.
Compared 10% of the time.
Compared 1% of the time.
Also Known As
|Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv||Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv|
Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.
Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
|Providing comprehensive network security solutions for the enterprise, large business and SOHO, pfSense solutions bring together the most advanced technology available to make protecting your network easier than ever before. Our products are built on the most reliable platforms and are engineered to provide the highest levels of performance, stability and confidence.|
Learn more about Cisco ASA Firewall
Learn more about Cisco Firepower NGFW Firewall
Learn more about pfSense
|There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.||Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield||Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring|
Financial Services Firm20%
Comms Service Provider13%
Computer Software Company27%
Comms Service Provider26%
Financial Services Firm36%
Comms Service Provider21%
Comms Service Provider33%
Computer Software Company27%
Comms Service Provider14%
Comms Service Provider27%
Computer Software Company20%
See our list of best Firewalls vendors.