Cisco Secure Firewall vs OPNsense Comparison 2024

Sponsored

Fortinet FortiGate

Read 306 Fortinet FortiGate reviews

120,425 views|88,209 comparisons

Cisco Secure Firewall

Read 404 Cisco Secure Firewall reviews

56,401 views|31,700 comparisons

OPNsense

Read 36 OPNsense reviews

105,864 views|93,109 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Cisco Secure Firewall vs. OPNsense

May 2024

Executive Summary

Updated on Jul 11, 2023

We performed a comparison between Cisco Secure Firewall and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

Features: Cisco Secure Firewall is highly regarded for its robust threat defense, comprehensive application visibility, effective troubleshooting capabilities, seamless integration with other Cisco products, and reliable high-availability capabilities. OPNsense is praised for its impressive scalability, excellent guest access capabilities, impressive flexibility, unwavering stability, and commendable IDS/IPS features.

Secure Firewall could benefit from enhancements in network performance, policy administration, customization options, and rule creation. It also requires better licensing flexibility, support for standard interfaces, and advanced features like web filtering. The management interface, deployment times, reporting, and logging functionalities should be enhanced as well. OPNsense needs improvements in its user-friendly interface, bandwidth management, multi-provider internet protection, high availability feature, logging, IPS solution, peer-blocking features, installation and deployment process, reporting capabilities, SSL inspection, and learning curve.

Service and Support: The feedback on customer service for Cisco Secure Firewall varies, with certain customers appreciating their technical assistance while others encountered delays and challenges. OPNsense's support has received both positive and negative assessments, with some customers finding it outstanding while others believe there is room for improvement.

Ease of Deployment: The setup process for Cisco Secure Firewall can be complex, relying on the user's knowledge and environment. OPNsense's initial setup is straightforward and does not present major challenges.

Pricing: Cisco Secure Firewall has a costly setup, involving additional expenses for licensing, support, and hardware. OPNsense is more budget-friendly, as the software itself is free, with expenses primarily related to hardware and deployment choices. Additionally, OPNsense provides a free version, whereas Cisco necessitates licensing.

ROI: Cisco Secure Firewall offers varying ROI depending on the use case and organization's architecture. It brings reduced operational costs and enhanced security, leading to positive ROI. OPNsense delivers ROI in under three months by eliminating recurring fees and recouping savings within that timeframe.

Comparison Results: Cisco Secure Firewall is the preferred choice when comparing it to OPNsense. The initial setup for Cisco Secure Firewall was generally considered straightforward and easy, thanks to the availability of Cisco's resources and documentation. Cisco Secure Firewall offers more valuable features such as threat defense, intensive troubleshooting capabilities, integration with other Cisco products, and advanced features like IPS and web filtering.

To learn more, read our detailed Cisco Secure Firewall vs. OPNsense Report (Updated: May 2024).

Download the complete report

770,141 professionals have used our research since 2012.

Featured Review

Will Alfaro

IT Consultant at Escuela de Comunicación Mónica Herrera

Researched Cisco Secure Firewall but chose Fortinet FortiGate: Nice GUI, easy to configure, and has a reasonably priced licensing model

Josh Schmookler

Network Engineer at Aton Computing

Provides excellent visibility, helps to respond to threats faster, and their support is also fantastic

We've seen a lot of improvements in terms of cybersecurity resilience and securing our infrastructure from end to end so that we can detect and... Read more →

Ralf Wenzel

Cloud Architect at infotek-software GmbH

Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration...

We are onboarding cloud solutions for customers. We are on Azure. Especially on Azure, when the customers start, they always have small... Read more →

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"The scalability of Fortinet FortiGate is good.""The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection.""It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls.""The most important features with FortiGate are the web filter and application controls. We can control our internet usage and use the web filter for application purposes.""We have found it to be very reliable and that's why our teams and various users in our company use it as our main firewall every day.""We've found the solution to be pretty stable.""The most valuable features are the possibility of having one fabric for switching on security.""Our project needs to link two sides through the internet. One of these was in Cairo and the other in another city. We used FortiGate as the integrating solution between the two locations, i.e. the Fortinet 30E & 100E."

More Fortinet FortiGate Pros →

"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable.""The most valuable features of this solution are the integrations and IPS throughput.""Logging is great. It will show when it reaches its capacity before it is too late, unless you have bursts of traffic.""For companies prioritizing security, the optimal choice is one that offers a range of feeds to cater to diverse needs. This is particularly crucial for organizations implementing DDoS mitigation. The preferred solutions typically align with the top server vendors, with Cisco, Forti, and Barracuda consistently ranking among the top three vendors we collaborate with.""The AnyConnect remote access VPN gives us an easy way to deploy remote working for our users.""The command line is the same as it is on the Cisco iOS router.""It's pretty reliable and allows for isolation capabilities within the network.""One of the most valuable features is the GUI front end, which is very easy to use. But I'm also a command-line guy, and being able to access the device via command-line for advanced troubleshooting is quite important."

More Cisco Secure Firewall Pros →

"The initial setup is easy. It only takes 15-30 minutes to deploy.""It has an open license. It works very well, and there is an update every month.""The DNS-level filtering is impressive for thwarting time scanners.""It's more secure and more reliable.""The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use.""I feel that its valuable features are that it is simple and free.""The interface and the dashboard are the most valuable features of this solution.""The most valuable features of OPNsense are the GUI and frequent updates."

More OPNsense Pros →

Cons

"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses.""The sniffing packets or packet captures, can be simplified and improved because it's a little confusing.""Fortinet FortiGate is a stable solution. However, my issue is the performance only. When I use all the profiles, this affects the performance. From the beginning, I should have had a better sizing of the box.""The user interface could be improved.""Performance and technical support are the main issues with this solution.""In some cases, its initial setup could be hard for customers.""Web security solutions can be improved.""There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios."

More Fortinet FortiGate Cons →

"We wanted to integrate Firepower with our solution, but it didn't have the capability to accommodate our bandwidth since they only had two 10 gig interfaces on the box. We run way more than that through our network because we are a service provider, providing Internet to our customers.""Cisco wasn't first-to-market with NGFWs... they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better.""The stability is not the best.""Cisco Secure Firewall’s customer support could be improved.""I would like it to be easier to work with and have a better user interface. It is not straightforward. You need to know the Cisco command-line interface.""Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated.""I would like the ability to drill down into certain reports because currently, that cannot be done.""We were also not too thrilled when Cisco announced that in the upcoming new-gen ASA, iOS was not going to be supported, or if you install them, they will not be able to be managed through the Sourcefire. However, it seems like Cisco is moving away from the ASA iOS to the Sourcefire FireSIGHT firmware for the ASA. We haven't had a chance to test it out."

More Cisco Secure Firewall Cons →

"OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server.""The ability to set the VPN IP address would be a welcome addition.""The interface of the solution is an area with shortcomings.""An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense.""The user interface could be improved, and the DNS section should be more intuitive.""The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs.""The IPS solution could be more reliable.""I would like to see better SD-WAN performance."

More OPNsense Cons →

Pricing and Cost Advice

"Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make."

"These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."

"Go for long term pricing negotiated at the time of purchase."

"Work through partners for the best pricing."

"The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."

"Easy to understand licensing requirements."

"We saved a bundle by not needing all the past appliances from an NGFW."

"The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."

More Fortinet FortiGate Pricing and Cost Advice →

"Always plan ahead for three years. In other words, do not buy a firewall on what your needs are today, but try to predict where you will be three years from now in terms of bandwidth, security requirements, and changes in organizational design."

"I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you."

"It has a great performance-to-price value, compared to competitive solutions."

"Spec the right hardware model and choose the right license for your needs."

"Everything with Cisco is expensive. My advice is that there are a lot better options out in the market now."

"To discuss with Cisco Systems or their partners to gain the optimal price and to not consider, without verifying, the false information that Cisco ASA is very expensive."

"Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution."

"Price point is too high for features and throughput available."

More Cisco Secure Firewall Pricing and Cost Advice →

"We are not paying any licensing fees. OPNsense is completely free for us."

"It costs about $1000."

"There are no licensing costs for OPNsence."

"OPNsense is open source software so at this time it is free for us to use."

"OPNsense is a well known open-source tool."

"It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."

"OPNsense is an open-source solution and it is free to use."

"The solution is not expensive."

More OPNsense Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See Recommendations

770,141 professionals have used our research since 2012.

Comparison Review

Anonymous User

Security Consultant at Webernetz.net - Network Security Consulting

Cisco ASA vs. Palo Alto Networks

Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning the management options: How to add and rename objects. How to update a device. How to find log entries. Etc. Cisco ASA Fast Management Suite: The ASDM GUI is really fast. You do not have to wait for the next window if you click on a certain button. It simply appears directly. On the Palo, each entry to add, e.g., an application inside a security rule, takes a few seconds. Better “Preview CLI Commands”: I am always checking the CLI commands before I send them to the firewall. On the Cisco ASA, they are quite easy to understand. I know, Palo Alto also offers the “Preview Changes”, but it takes a bit more time to recognize all XML paths. Better CLI Commands at all: For Cisco admins it is very easy to parse a “show run” and to paste some commands into another device. This is not that easy on a Palo Alto firewall. First, you must change the config-output format, and second, you cannot simply paste many lines into another device, since the ordering of these lines is NOT correct by default. That is, it simply doesn’t work. ACL Hit Count: I like the hit counts per access list entry in the GUI. It quickly reveals which entries are used very often and which ones are never used. On the… Read more →

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »

Read all 3 answers →

What is the biggest difference between Sophos XG and FortiGate?

Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »

Read all 13 answers →

What are the biggest technical differences between Sophos UTM and Fortine...

Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »

Read all 11 answers →

Which is better - Fortinet FortiGate or Cisco ASA Firewall?

Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »

Read all 4 answers →

How does Cisco's ASA firewall compare with the Firepower NGFW?

Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »

Which is better - Meraki MX or Cisco ASA Firewall?

Top Answer: Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports… more »

Read all 2 answers →

What is the difference between PfSense and OPNsense?

Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »

What do you like most about OPNsense?

Top Answer:What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.

Read all 32 answers →

What is your experience regarding pricing and costs for OPNsense?

Top Answer:It is free.

Read all 27 answers →

Comparisons

Sophos XG vs. Fortinet FortiGate

Compared 19% of the time.

Netgate pfSense vs. Fortinet FortiGate

Compared 12% of the time.

Meraki MX vs. Fortinet FortiGate

Compared 7% of the time.

WatchGuard Firebox vs. Fortinet FortiGate

Compared 5% of the time.

Juniper SRX Series Firewall vs. Fortinet FortiGate

Compared 2% of the time.

More Fortinet FortiGate Competitors →

Palo Alto Networks WildFire vs. Cisco Secure Firewall

Compared 8% of the time.

Netgate pfSense vs. Cisco Secure Firewall

Compared 6% of the time.

Meraki MX vs. Cisco Secure Firewall

Compared 5% of the time.

Sophos XG vs. Cisco Secure Firewall

Compared 4% of the time.

SonicWall TZ vs. Cisco Secure Firewall

Compared 2% of the time.

More Cisco Secure Firewall Competitors →

Netgate pfSense vs. OPNsense

Compared 79% of the time.

Sophos XG vs. OPNsense

Compared 4% of the time.

Untangle NG Firewall vs. OPNsense

Compared 2% of the time.

Sophos UTM vs. OPNsense

Compared 2% of the time.

Palo Alto Networks NG Firewalls vs. OPNsense

Compared 1% of the time.

More OPNsense Competitors →

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate

Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall

Learn More

Fortinet

Cisco

OPNsense

Video Not Available

Overview

Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.

The core features of Cisco Secure Firewall are multifaceted:

Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
The firewall is scalable, effectively serving small businesses to large enterprises.
Management is streamlined through Cisco DNA Center, a central management system.

The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.

In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.

User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.

In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.

OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.

The solution offers a variety of components, such as:

Weekly security updates. These updates provide the user with the ability to reach new emerging threats in a timely manner through small increments.
Two major releases every year. These yearly releases are on a fixed release cycle and provide organizations with the ability to plan ahead of an upcoming upgrade.
A roadmap of instructions. Each major release provides a guide and a set of clear goals.

A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.

OPNsense Core Features

OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:

Captive Portal
Built-in reporting and monitoring tools including RRD Graphs
Network Flow Monitoring
Traffic Shaper
Support for Plugins
Granular Control Over State Table
Dynamic DNS
Two-factor authentication throughout the system
Netflow Exporter
Encrypted Configuration Backup to Google Drive
Forward Caching Proxy (transparent) with Blacklist Support
Stateful inspection firewall
DNS Server & DNS Forwarder
High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
DHCP Server and Relay
Virtual Private Network (site to site & road warrior, IPsec, OpenVPN & legacy PPTP support)
Intrusion Detection and Prevention
802.1Q VLAN support

Reviews from Real Users

OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.

For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."

Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."

Sample Customers

1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.

1. Deciso B.V. 2. iXsystems, Inc. 3. EuroBSDCon 4. Netgate 5. Claranet 6. Voleatech 7. Open Systems AG 8. Securebit AG 9. Proxmox Server Solutions GmbH 10. AVM Computersysteme Vertriebs GmbH Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.

Top Industries

REVIEWERS

Comms Service Provider16%

Computer Software Company9%

Financial Services Firm8%

Manufacturing Company7%

VISITORS READING REVIEWS

Educational Organization20%

Computer Software Company15%

Comms Service Provider8%

Manufacturing Company6%

REVIEWERS

Financial Services Firm15%

Computer Software Company12%

Comms Service Provider12%

Government8%

VISITORS READING REVIEWS

Educational Organization21%

Computer Software Company16%

Comms Service Provider9%

Government6%

REVIEWERS

Comms Service Provider24%

Financial Services Firm18%

Logistics Company12%

Aerospace/Defense Firm6%

VISITORS READING REVIEWS

Comms Service Provider15%

Computer Software Company15%

Government8%

Educational Organization6%

Company Size

REVIEWERS

Small Business48%

Midsize Enterprise23%

Large Enterprise30%

VISITORS READING REVIEWS

Small Business27%

Midsize Enterprise32%

Large Enterprise41%

REVIEWERS

Small Business35%

Midsize Enterprise24%

Large Enterprise42%

VISITORS READING REVIEWS

Small Business24%

Midsize Enterprise31%

Large Enterprise45%

REVIEWERS

Small Business71%

Midsize Enterprise12%

Large Enterprise18%

VISITORS READING REVIEWS

Small Business33%

Midsize Enterprise18%

Large Enterprise48%

Buyer's Guide

Cisco Secure Firewall vs. OPNsense

May 2024

Free Report: Cisco Secure Firewall vs. OPNsense

Find out what your peers are saying about Cisco Secure Firewall vs. OPNsense and other solutions. Updated: May 2024.

DOWNLOAD NOW

770,141 professionals have used our research since 2012.

Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Cisco Secure Firewall is rated 8.2, while OPNsense is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and SonicWall TZ, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and Palo Alto Networks NG Firewalls. See our Cisco Secure Firewall vs. OPNsense report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Cisco Secure Firewall vs OPNsense comparison