We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The most valuable feature is the ease of use."
"The solution has very good threat and content filtering switches."
"The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
"Its user interface is good, and it is always working fine."
"The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration."
"The most valuable feature of Fortinet FortiGate is the simple configuration."
"With FortiClient, you can easily connect when you are home, check out what you want to do, and connect to your network when you are not at work. You can switch on servers and you can check what is wrong."
"The multi-tenancy feature is most valuable. It integrates very well with FortiManager and FortiAnalyzer."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"For our very specific use case, for remote access for VPN, ASAs are very good."
"We feel that we can trust the security, and our assets and business are well protected. We need to have trust in it, but we also see that it works. We have a security company that has tested that it works."
"I like the Cisco ASDM (Adaptive Security Device Manager), which is the configuration interface for the Cisco firewall."
"The high-availability features, the VPN and the IPSec, are our top three features."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"Cisco Secure Firewall is robust and reliable."
"The intrusion detection feature is the most valuable. It is an open-source firewall, so there is a lot of material on it. I also find the open VPN capability very nice. It is pretty customizable. The clustering and the high availability are the two biggest things to be able to get out of a firewall."
"It is a better firewall than others and it has better features."
"The classic features such as content inspection, content protection, and the application-level firewall, are the most important."
"The initial setup is easy."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"This solution has increased the level of security, given us more control, provided a deep insight into network traffic, and is a great VPN solution."
"I use pfSense because it gives me the flexibility to greatly expand basic firewall features."
"Great extensibility of the platform."
"The solution could be more secure and stable."
"Fortinet Fortigate could benefit by simplifying some of their processes."
"Technical support could be better. You don't always get the level of help you need right away."
"Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs."
"The logs need to be better. They need to be more visible and easier to access."
"Scalability for Fortinet FortiGate needs to be improved. SD-WAN security for this solution also needs some improvement."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"Most users do not have awareness of this product's functionality and features. Cisco should do something to make them aware of them. That would be quite excellent and useful to organizations that are still using legacy data-center-security products."
"Third-party integrations could be improved."
"In Firepower, there is an ability to search and dig into a search, which is nice. However, I'm not a super fan of the way it scrolls. If you want to look at something live, it's a lot different. You're almost waiting. With the ASDM, where it just flows, you can really see it. The second someone clicks something or does something, you'll see it. The refresh rate on the events in Firepower is not as smooth."
"I would like to see more integration with third-party devices in general. There is great integration with Cisco devices, but there's not much integration with third-party devices."
"The ability to better integrate with other tools would be an improvement."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"The throughput highlighted on the datasheet (10Gbps) should be reviewed. This throughput is only for a UDP running environment, which you will never find in the real world. Rather consider a multiprotocol throughput."
"I would like to see an IE version of the solution where it is ruggedized."
"There's a bit of a learning curve during the initial implementation."
"The solution’s interface must be improved."
"The integration could be improved."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"User interface is a little clumsy."
"The access control aspect of the product could be improved."
"Layer 7 advanced firewall features are not included in the solution."
"Many people have problems setting up the web cache for the web system."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.