We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"The solution offers very easy configurations."
"We have not had to deal with stability issues."
"The most valuable feature is stability."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The most valuable feature is the access control list (ACL)."
"The system in general is quite flexible."
"OPNsense is easy to scale when running on the hardware."
"The most valuable features in OPNsense are reporting and visibility."
"The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used."
"The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
"We have found pretty much all the features of the solution to be valuable."
"The graphic user interface is very good and it is user-friendly which makes the product easy-to-use."
"The initial implementation process is simple."
"The initial setup was straightforward."
"The VM series has an advantage over the physical version because we are able to change the sources that the machine has, such as the amount of available RAM."
"The most valuable feature is that you can launch it in a very short time. You don't have to wait for the hardware to arrive and get it staged and installed. From that perspective, it is easy to launch. It is also scalable."
"The most valuable features are web control and IPS/IDS."
"The most valuable feature is that you can control your traffic flowing out and coming it, allowing you to apply malware and threat protection, as well as vulnerability checks."
"What I like about the VM-Series is that you can launch them in a very short time."
"The most valuable feature is the Posture Assessment."
"The feature that I have found the most useful is that it meets all our requirements technically."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"It would be great if some of the load times were faster."
"Cisco Firepower NGFW Firewall can be more secure."
"Report generation is an area that should be improved."
"Implementations require the use of a console. It would help if the console was embedded."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"I would like to see better SD-WAN performance."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"The solution could be more secure."
"The logging could improve in OPNsense."
"There are issues with stability and reliability."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"There should be more technical documentation."
"The ability to set the VPN IP address would be a welcome addition."
"Its web interface is a bit outdated, and it needs to be updated. They can also improve the NAT functionality. We have had issues with the NAT setup."
"The command-line interface is something that some people struggle with and I think that they should have an option to go straight to the GUI."
"In the next release, I would like to see better integration between the endpoints and the firewalls."
"They made only a halfhearted attempt to put in DLP (Data Loss Prevention)."
"The implementation should be simplified."
"Integrative capabilities with other solutions should be addressed."
"At the beginning of the implementation, we had some difficulties with the scripts, but Palo Alto Networks support together with a local partner finally fixed it."
"In the next release, I would like for them to develop an anti-malware functionality in which it checks for malicious files like Cisco has."
"The solution was chosen because of its price compared to other similar solutions."
"The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
"The price of Firepower is not bad compared to other products."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"The price is comparable."
"This product is expensive."
"As an appliance, it's in the medium price range."
"It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."
"The solution is not expensive."
"OPNsense is open source software so at this time it is free for us to use."
"OPNsense is a well known open-source tool."
"OPNsense is an open-source solution and it is free to use."
"The VM series is licensed annually."
"The price of this solution is very high for some parts of Africa, which makes it a challenge."
"The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used."
"It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years."
"Palo Alto can be as much as two times the price of competing products that have twice the capabilities."
"Because I work for a university and the URL is for the institution, it's a free license for us."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.
The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.
The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.
In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.
OPNsense is ranked 19th in Firewalls with 11 reviews while Palo Alto Networks VM-Series is ranked 11th in Firewalls with 16 reviews. OPNsense is rated 8.0, while Palo Alto Networks VM-Series is rated 8.6. The top reviewer of OPNsense writes "A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement". On the other hand, the top reviewer of Palo Alto Networks VM-Series writes "An excellent solution for the right situations and businesses". OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Sophos UTM and Fortinet FortiGate, whereas Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate, Cisco ASA Firewall, Juniper SRX and Palo Alto Networks NG Firewalls. See our OPNsense vs. Palo Alto Networks VM-Series report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.