Azure Firewall vs OPNsense comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
96,842 views|63,474 comparisons
Microsoft Logo
27,910 views|22,619 comparisons
OPNsense Logo
85,126 views|74,260 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Azure Firewall and OPNsense based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Azure Firewall vs. OPNsense Report (Updated: January 2023).
672,411 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection.""Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be.""Its security and filtering are most valuable. Every layer of data that comes into the organization goes through it. After setting up the criteria, it automatically filters the traffic. We don't have to check it often.""The most valuable features of this solution are advanced malware protection, IPS, and IDS.""The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices.""The TAC is always very helpful. We pay for Tier 1 support, so we get whatever we need from them. They always give us a solution. If they can't give us an answer that day, they get back to us within at least 24 hours with a solution or fix. I have never had a problem with the TAC. I would rate them as 10 out of 10.""They are easy to maintain.""I like the IPS feature, it is the most valuable."

More Cisco Secure Firewall Pros →

"I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system.""I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference.""The firewall policy control, URL content control, and antivirus are all the most valuable aspects. Threat prevention is as well quite good.""I can easily configure it.""Azure's cost-effectiveness is its major advantage.""Among the most valuable features are the DDoS protection that protects your virtual machines, the threat intelligence, and traffic filtering.""The solution is stable.""It's auto-scalable, which is a great feature."

More Azure Firewall Pros →

"It's more secure and more reliable.""We have found pretty much all the features of the solution to be valuable.""OPNsense is easy to scale when running on the hardware.""What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it. I had an excellent experience with OPNsense, which helped me achieve the targets I wanted.""The technical support is very good.""The system in general is quite flexible.""It has an open license. It works very well, and there is an update every month.""The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use."

More OPNsense Pros →

Cons
"The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them.""The ASAs are being replaced with the new Firepowers and they have a different type of structure in the configuration to be able to migrate from one to the other.""We have more than one Cisco firewall and it is difficult for me to integrate both on the single UI.""The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working.""I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies.""When we first got it, we were doing individual configuring. Now, there is a way to manage from one location.""They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product.""When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution."

More Cisco Secure Firewall Cons →

"For large organizations, a third-party firewall would be an added advantage, because it would have more advanced features, things that are not in Azure Firewall.""It has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB.""Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories.""The development area and QA area could be improved. With those improvements, we can improve projects and take even less time to implement them.""You have to have a defined IP range within your network to associate it with your network. The problem is you have to plan ahead of time if you expect to use the firewall in the future so that you don't have to reconfigure your subnets or that specific IP range. Other than that, I don't any issues. I use it for basic configuration for a single application, so I really don't try to leverage it for multiple applications where I might find some complexity or challenges.""Azure Firewall should have a free trial version for new users so that they can evaluate it before deploying it.""It is a cloud service, but the lending speed for each region is not always the same. For example, in China, the speed is slow. They need to think about how to make sure that the service pace or speed is always the same in all regions. It would be a great improvement if they can provide the same pace worldwide.""For larger enterprises, they need to adjust the scalability."

More Azure Firewall Cons →

"The interface needs to be simplified. It is not user-friendly.""The IPS solution could be more reliable.""They should improve IPEs for security in the future.""The solution could be more secure.""Its interface should be a little bit better.""OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.""While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet.""We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."

More OPNsense Cons →

Pricing and Cost Advice
  • "The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
  • "I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
  • "It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days."
  • "Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
  • "I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
  • "We are happy with its price. Licensing is on a yearly basis for technical support. There is one license for technical support. There is another license for IP Version 2 VPN and IPS."
  • "I am happy with the product in general, including the pricing."
  • "Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "Azure Firewall is quite an expensive product."
  • "The licensing module is good."
  • "The total cost of ownership is much less than Palo Alto, Cisco, or any other brand."
  • "It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."
  • "Azure Firewalls operate on a pay-as-you-go model, similar to cloud services."
  • "The solution is cheaper than other brands. My company has an enterprise contract and we finally got a good price with Azure."
  • "Azure Firewall comes with Azure native services. We did not buy any kind of license for it. Whether you have a free subscription or a pay-as-you-go model, you can deploy the Azure Firewall service... The amount that you use will determine how much you pay."
  • "It is expensive, especially with the premium functions. For one of the clients, it was very expensive. You have to use it more at an enterprise level, and there, it was not at an enterprise level. So, it was very costly, but security-wise, it was a very wise decision to use it that way."
  • More Azure Firewall Pricing and Cost Advice →

  • "The solution is not expensive."
  • "As an appliance, it's in the medium price range."
  • "Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."
  • "It is open source and free."
  • "The price of OPNsense is good."
  • "I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval from the higher-ups."
  • More OPNsense Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    672,411 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure… more »
    Top Answer:Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the… more »
    Top Answer:Both of these solutions are excellent options that provide flexible scalability and solid security. Fortinet Fortigate… more »
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Top Answer:What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it. I had an… more »
    Top Answer:I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it… more »
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    Learn More
    OPNsense
    Video Not Available
    Overview

    The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.

      From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.

      Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.

      Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.

      Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

      Azure Firewall has two significant offerings, Standard and Premium.

      Azure Firewall Standard works directly with Microsoft Cyber Security and supplies excellent L3-L7 filtering and threat awareness. The proactive real-time threat awareness will quickly alert you and immediately deny all traffic to and from any known problematic or suspicious domains or IP addresses. Microsoft Cyber Security is updated continually to protect against all new and known potential threats at all times. To learn more about Azure Firewall Standard, click here.

      Azure Firewall Premium provides everything the standard version does, and additionally adds extra levels of data encryption, network intrusion detection, extended URL filtering, and Web category filters. To learn more about the added features of Azure Firewall Premium, click here.

      Key Benefits and Features of Azure Firewall:

      • High availability - You do not need load balancers with Azure Firewall; it's already built in and ready to go.
      • Self-scalability - Azure Firewall is intuitive and will auto-scale as needed based on traffic flow to be ready for peak traffic times.
      • Threat awareness - Using Microsoft Cyber Security to filter traffic, Azure Firewall will deny any known problematic threats to keep your network safe.
      • Additional IP addresses - You can securely add up to 250 public IP addresses with Azure Firewall
      • Improved web category filtering - You can set up specific protocols to allow or deny categories within websites that are deemed inappropriate for use within your network. You have the ability to organize categories based on a defined set of descriptions.

      What our real users have to say:

      Many PeerSpot users found Azure Firewall to be very user-friendly and easy to use. They liked that it offers seamless integration to the cloud and were especially pleased with the threat filtering options.

      Regarding integration and threat intelligence, our users wrote:

      “The most valuable feature is the integration into the overall cloud platform.”

      The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats.”

      I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system.”



      OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.

      The solution offers a variety of components, such as:

      • Weekly security updates. These updates provide the user with the ability to reach new emerging threats in a timely manner through small increments.

      • Two major releases every year. These yearly releases are on a fixed release cycle and provide organizations with the ability to plan ahead of an upcoming upgrade.

      • A roadmap of instructions. Each major release provides a guide and a set of clear goals.

      A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.

      OPNsense Core Features

      OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:

      • Captive Portal
      • Built-in reporting and monitoring tools including RRD Graphs
      • Network Flow Monitoring
      • Traffic Shaper
      • Support for Plugins
      • Granular Control Over State Table
      • Dynamic DNS
      • Two-factor authentication throughout the system
      • Netflow Exporter
      • Encrypted Configuration Backup to Google Drive
      • Forward Caching Proxy (transparent) with Blacklist Support
      • Stateful inspection firewall
      • DNS Server & DNS Forwarder
      • High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
      • DHCP Server and Relay
      • Virtual Private Network (site to site & road warrior, IPsec, OpenVPN & legacy PPTP support)
      • Intrusion Detection and Prevention
      • 802.1Q VLAN support

      Reviews from Real Users

      OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.

      For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."

      Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."

      Offer
      Learn more about Cisco Secure Firewall
      Learn more about Azure Firewall
      Learn more about OPNsense
      Sample Customers
      There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
      Information Not Available
      CompuNet Systems GmbH,
      Top Industries
      REVIEWERS
      Financial Services Firm16%
      Comms Service Provider13%
      Computer Software Company9%
      Government8%
      VISITORS READING REVIEWS
      Computer Software Company20%
      Comms Service Provider17%
      Government8%
      Educational Organization5%
      REVIEWERS
      Financial Services Firm29%
      Government14%
      Manufacturing Company14%
      Computer Software Company14%
      VISITORS READING REVIEWS
      Computer Software Company22%
      Comms Service Provider10%
      Financial Services Firm8%
      Government7%
      REVIEWERS
      Comms Service Provider30%
      Logistics Company20%
      Renewables & Environment Company10%
      Hospitality Company10%
      VISITORS READING REVIEWS
      Comms Service Provider22%
      Computer Software Company16%
      Government9%
      Educational Organization6%
      Company Size
      REVIEWERS
      Small Business35%
      Midsize Enterprise25%
      Large Enterprise40%
      VISITORS READING REVIEWS
      Small Business28%
      Midsize Enterprise18%
      Large Enterprise53%
      REVIEWERS
      Small Business18%
      Midsize Enterprise29%
      Large Enterprise54%
      VISITORS READING REVIEWS
      Small Business23%
      Midsize Enterprise17%
      Large Enterprise60%
      REVIEWERS
      Small Business67%
      Midsize Enterprise10%
      Large Enterprise24%
      VISITORS READING REVIEWS
      Small Business27%
      Midsize Enterprise20%
      Large Enterprise53%
      Buyer's Guide
      Azure Firewall vs. OPNsense
      January 2023
      Find out what your peers are saying about Azure Firewall vs. OPNsense and other solutions. Updated: January 2023.
      672,411 professionals have used our research since 2012.

      Azure Firewall is ranked 14th in Firewalls with 17 reviews while OPNsense is ranked 7th in Firewalls with 12 reviews. Azure Firewall is rated 7.0, while OPNsense is rated 8.2. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Fortinet FortiGate-VM, Palo Alto Networks VM-Series, Check Point NGFW and Check Point CloudGuard Network Security, whereas OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Fortinet FortiGate and Palo Alto Networks NG Firewalls. See our Azure Firewall vs. OPNsense report.

      See our list of best Firewalls vendors.

      We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.