We performed a comparison between Cisco Secure Firewall and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Firewall is highly regarded for its robust threat defense, comprehensive application visibility, effective troubleshooting capabilities, seamless integration with other Cisco products, and reliable high-availability capabilities. OPNsense is praised for its impressive scalability, excellent guest access capabilities, impressive flexibility, unwavering stability, and commendable IDS/IPS features.
Secure Firewall could benefit from enhancements in network performance, policy administration, customization options, and rule creation. It also requires better licensing flexibility, support for standard interfaces, and advanced features like web filtering. The management interface, deployment times, reporting, and logging functionalities should be enhanced as well. OPNsense needs improvements in its user-friendly interface, bandwidth management, multi-provider internet protection, high availability feature, logging, IPS solution, peer-blocking features, installation and deployment process, reporting capabilities, SSL inspection, and learning curve.
Service and Support: The feedback on customer service for Cisco Secure Firewall varies, with certain customers appreciating their technical assistance while others encountered delays and challenges. OPNsense's support has received both positive and negative assessments, with some customers finding it outstanding while others believe there is room for improvement.
Ease of Deployment: The setup process for Cisco Secure Firewall can be complex, relying on the user's knowledge and environment. OPNsense's initial setup is straightforward and does not present major challenges.
Pricing: Cisco Secure Firewall has a costly setup, involving additional expenses for licensing, support, and hardware. OPNsense is more budget-friendly, as the software itself is free, with expenses primarily related to hardware and deployment choices. Additionally, OPNsense provides a free version, whereas Cisco necessitates licensing.
ROI: Cisco Secure Firewall offers varying ROI depending on the use case and organization's architecture. It brings reduced operational costs and enhanced security, leading to positive ROI. OPNsense delivers ROI in under three months by eliminating recurring fees and recouping savings within that timeframe.
Comparison Results: Cisco Secure Firewall is the preferred choice when comparing it to OPNsense. The initial setup for Cisco Secure Firewall was generally considered straightforward and easy, thanks to the availability of Cisco's resources and documentation. Cisco Secure Firewall offers more valuable features such as threat defense, intensive troubleshooting capabilities, integration with other Cisco products, and advanced features like IPS and web filtering.
"It's super reliable. I don't think I've ever had a reliability issue with it."
"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
"The most valuable feature is the interface, which is very user friendly. We are utilizing most of the features, like content filtering. The firewall is powerful."
"Provides good firewall security and has great VPN features."
"The solution is very easy to understand. It's not overly complex."
"Web filtering and two-factor authentication are great features."
"The most valuable feature is the policy routing and application control."
"The solution is stable."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"The greatest benefit for the organization is the confidence that we are secured."
"An eight because it's a good security solution. It's more mature than its competitors."
"To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface."
"The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA."
"The most valuable feature is the access control list (ACL)."
"It's a flexible solution."
"We have found pretty much all the features of the solution to be valuable."
"The initial setup is easy. It only takes 15-30 minutes to deploy."
"I feel that its valuable features are that it is simple and free."
"The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
"I find the solution to be user-friendly. It has a lot of reports and easy settings."
"The solution is user-friendly and easy to configure."
"The most valuable feature is the Dual WAN in OPNSense, which offers advanced capabilities."
"The solution has high availability."
"Fortinet FortiGate could improve by having a frequent ask questions(FAQ) area for people to receive quick answers to popular questions. Additionally, it would be beneficial to have an SMS notification feature. For example, if you cannot access your email you could receive an SMS message."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites."
"I would like to see improvements with the antivirus and IPS as they are not working properly all the time."
"You do need some IT knowledge in order to effectively work with the solution."
"The solution is very expensive."
"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."
"The UTM filtering needs improvement."
"The product's user interface is an area with certain shortcomings where improvements are required."
"A memory leakage issue which literally freeze the nodes (we have an HA environment). The issue is still not solved and the only recommendation from Cisco is to reboot the node."
"Cisco ASA is not a next-generation firewall product."
"It is hard to control the bandwidth of end-users with a Cisco Firewall. That is the main issue I've faced. I used Mikrotik for many years for this very reason. Mikrotik has the option to set a bandwidth restriction for a single IP or complete segments. Cisco should add this option to their firewall."
"We have more than one Cisco firewall and it is difficult for me to integrate both on the single UI."
"An area of improvement for this solution is the console visualization."
"One feature lacking is superior anti-virus protection, which must be added."
"In general, they can make it easier to manage the solutions. They can make it easier in terms of administration and provide a single tool for different firewalling solutions. They have different tools to manage different firewalls, such as Firepower or ASA. Sometimes, both are on the same thing. You have ASA with Firepower modules, so you manage some of the things via HTML, and then you manage some of the things via another management tool. It's not seamless."
"The ability to set the VPN IP address would be a welcome addition."
"There are a few weaknesses. For example, there is a lack of some features that I have in certain commercial products."
"There are some add-ons that need enhancements to make management easier for users, especially the reporting features. Some reports don't show the level of detail I'm looking for, and I've had trouble installing certain add-ons, especially for Internet bandwidth shaping within my company."
"Its interface should be a little bit better."
"On the customer-side, because I'm a small business, I need a cheaper or free solution option."
"Given that OPNsense plays a pivotal role as a firewall, safeguarding against various threats, having a reliable backup ensures uninterrupted protection even if unforeseen events impact the primary virtual machine."
"They should improve IPEs for security in the future."
"I would like to see better SD-WAN performance."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Cisco Secure Firewall is rated 8.2, while OPNsense is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and SonicWall TZ, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.