We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth."
"Its performance in fulfilling our requirements has been satisfactory."
"We use a lot of function on the IPS and it works well for us."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"Good load balancing feature."
"The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."
"The security on offer is very good."
"One thing I like about the product is the logging features, the way it logs, the way it forwards the logs in Syslog."
"The most valuable feature is the ability to block almost all of the ports."
"The AnyConnect remote access VPN gives us an easy way to deploy remote working for our users."
"The greatest benefit for the organization is the confidence that we are secured."
"The most important feature is its categorization because on the site and social media you are unified in the way they are there."
"It is a secure product."
"Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"An incomparable stability is achieved with other firewall systems."
"The built-in open VPN and the VPN Client Export are the solution's most valuable aspects."
"It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor."
"It is very easy to use. The interface is quite understandable. There is a good community, and I can take over at any time I want. If there is anything wrong with it, I could just reinstall the whole thing and start all over again, and I'll be up again in less than a few minutes"
"The documentation is very good."
"The main features of this solution are customization and ease to use."
"I especially like the VPN part. It works like a charm."
"It is a stable solution."
"The performance and speed are aspects of the solution that could always be improved upon."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"The cloud features and integration could be improved."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"The solution can have more features in a single box that can be multi-applied to integrate everything."
"It would be nice if backups could more easily migrate between different models."
"Its reporting and pricing need improvement."
"I don't like that anything more than very basic reporting is not included."
"We don't have any serious problems. The firewall models that we have are quite legacy, and they have slower performance. We are currently investigating the possibility of migrating to next-generation firewalls."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"I would like to see the inclusion of more advanced antivirus features in the next release of this solution."
"In terms of functionality, there isn't much to improve. There could be more bandwidth and better interface speed."
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."
"Cisco should redo their website so it's actually usable in a faster way."
"It is hard to control the bandwidth of end-users with a Cisco Firewall. That is the main issue I've faced. I used Mikrotik for many years for this very reason. Mikrotik has the option to set a bandwidth restriction for a single IP or complete segments. Cisco should add this option to their firewall."
"They should improve their interface."
"ClamAV AntiVirus can cause some crashes. That service should be improved."
"I would like to see SD1 integration into the software. That would be fantastic."
"We would like to see ready-made profiles to cover most users' needs."
"A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."
"It should integrate with LDAP, Active Directory, etc, to improve the way in which the traces and connections of each IP, or user connected through the firewall, are shown."
"I would like to see different graphs available in the reporting."
"Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution."
"A way to clean squid cache from the GUI."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.