Azure Firewall vs pfSense comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
96,842 views|63,474 comparisons
Microsoft Logo
27,910 views|22,619 comparisons
Netgate Logo
129,071 views|109,339 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Aug 31, 2022

We performed a comparison between Azure Firewall and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Azure Firewall users report that the initial setup is straightforward. Most pfSense users say its setup is straightforward, but several users feel that it is complex.
  • Features: Users of both products are happy with their stability and scalability.

    Azure Firewall users like its reporting features and say it integrates well with other Azure products but has limited visibility.

    pfSense users like its intrusion detection feature and VPN and say it is a powerful and reliable solution but that it needs a better user interface.

  • Pricing: Most Azure Firewall users feel that it is fairly priced. pfSense is an open-source solution and is free of charge.
  • ROI: Users of both solutions report being satisfied with the ROI.
  • Service and Support: Some Azure Firewall feel that the support response times should be faster. Most pfSense users report being satisfied with the level of support they receive.

Comparison Results: pfSense comes out on top in this comparison. It is high performing and, according to reviews, it is a more comprehensive solution than Azure Firewall. pfSense also received higher marks in the support category.

To learn more, read our detailed Azure Firewall vs. pfSense Report (Updated: January 2023).
672,411 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches.""It just works for us.""So far, it has been very stable.""One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful.""The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals.""I like that Cisco Firepower NGFW Firewall is reliable. Support is also good.""I have found the most valuable feature to be the access control and IPsec VPN.""I love the ASDM (Adaptive Security Device Manager) which is the management suite. It's a GUI and you're able to see everything at a glance without using the command line. There are those who love the CLI, but with ASDM it is easier to see where everything is going and where the problems are."

More Cisco Secure Firewall Pros →

"The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats.""I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference.""The firewall policy control, URL content control, and antivirus are all the most valuable aspects. Threat prevention is as well quite good.""Azure's cost-effectiveness is its major advantage.""It's auto-scalable, which is a great feature.""It provided ease of maintenance. If a new firewall was needed, we only had to run the pipelines for this. So, the maintenance was very easy.""The solution should be capable of self-scaling, which is one of the features we like about it.""I can easily configure it."

More Azure Firewall Pros →

"It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest.""It is a better firewall than others and it has better features.""The VPN is my favorite feature.""The features I have found best are ease of use, GUI, and performance.""The classic features such as content inspection, content protection, and the application-level firewall, are the most important.""We like the fact that the product is open-source. It's free to use. There are no costs associated with it.""pfSense is a nice product, and I find that there's a lot of information out there. There are some good tutorials on YouTube and other websites with helpful information.""pfSense allows us to spread the hours of connection and do the filtering on the pfSense site."

More pfSense Pros →

Cons
"The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be.""Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades.""I would like more features in conjunction with other solutions, like Fortinet.""The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface.""There is huge scope for improvement in URL filtering. The database that they have is not accurate. Their content awareness and categorization for URL filtering are not that great. We faced many challenges with their categorization and content awareness. They should improve these categorization issues.""One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically.""I would like to see them update the GUI so that it doesn't look like it was made in 1995.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."

More Cisco Secure Firewall Cons →

"Azure Firewall should have a free trial version for new users so that they can evaluate it before deploying it.""It has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB.""Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories.""For large organizations, a third-party firewall would be an added advantage, because it would have more advanced features, things that are not in Azure Firewall.""It is a cloud service, but the lending speed for each region is not always the same. For example, in China, the speed is slow. They need to think about how to make sure that the service pace or speed is always the same in all regions. It would be a great improvement if they can provide the same pace worldwide.""For larger enterprises, they need to adjust the scalability.""You have to have a defined IP range within your network to associate it with your network. The problem is you have to plan ahead of time if you expect to use the firewall in the future so that you don't have to reconfigure your subnets or that specific IP range. Other than that, I don't any issues. I use it for basic configuration for a single application, so I really don't try to leverage it for multiple applications where I might find some complexity or challenges.""It would be nice to be able to create groupings for servers and offer groups of IP addresses."

More Azure Firewall Cons →

"In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense.""The stability could be improved.""Web interface could be enhanced and more user friendly.""The usage reports can be better.""This solution is good for small businesses but it is not as stable as other competitors such as Fortinet.""It would be great to add more to security.""I expect a better interface with more log analysis because I create my own interface.""We had training from an advisor for the configuring of this solution and it was not difficult. However, if we were not trained it would have been not as easy."

More pfSense Cons →

Pricing and Cost Advice
  • "The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
  • "I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
  • "It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days."
  • "Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
  • "I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
  • "We are happy with its price. Licensing is on a yearly basis for technical support. There is one license for technical support. There is another license for IP Version 2 VPN and IPS."
  • "I am happy with the product in general, including the pricing."
  • "Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "Azure Firewall is quite an expensive product."
  • "The licensing module is good."
  • "The total cost of ownership is much less than Palo Alto, Cisco, or any other brand."
  • "It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."
  • "Azure Firewalls operate on a pay-as-you-go model, similar to cloud services."
  • "The solution is cheaper than other brands. My company has an enterprise contract and we finally got a good price with Azure."
  • "Azure Firewall comes with Azure native services. We did not buy any kind of license for it. Whether you have a free subscription or a pay-as-you-go model, you can deploy the Azure Firewall service... The amount that you use will determine how much you pay."
  • "It is expensive, especially with the premium functions. For one of the clients, it was very expensive. You have to use it more at an enterprise level, and there, it was not at an enterprise level. So, it was very costly, but security-wise, it was a very wise decision to use it that way."
  • More Azure Firewall Pricing and Cost Advice →

  • "We are using the open-source version which is free. We are testing the solution to see if we are going to go to the enterprise version which requires a license and is not free."
  • "There is no license. You don't have to pay anything. It's completely free."
  • "It's open-source and it's free. Anything for free is good."
  • "pfSense is a free solution."
  • "The solution software does not require a license, it is free. The support contract is about $600 dollars."
  • "Its price is pretty fair."
  • "The solution is free. However, you need to pay for support."
  • "Looking at what it does, I think that it is fairly priced."
  • More pfSense Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    672,411 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure… more »
    Top Answer:Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the… more »
    Top Answer:Both of these solutions are excellent options that provide flexible scalability and solid security. Fortinet Fortigate… more »
    Top Answer:You don't really specify what type of router you are looking for but if you are talking about a gateway router I… more »
    Top Answer:Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate… more »
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    Learn More
    Netgate
    Video Not Available
    Overview

    The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.

      From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.

      Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.

      Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.

      Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

      Azure Firewall has two significant offerings, Standard and Premium.

      Azure Firewall Standard works directly with Microsoft Cyber Security and supplies excellent L3-L7 filtering and threat awareness. The proactive real-time threat awareness will quickly alert you and immediately deny all traffic to and from any known problematic or suspicious domains or IP addresses. Microsoft Cyber Security is updated continually to protect against all new and known potential threats at all times. To learn more about Azure Firewall Standard, click here.

      Azure Firewall Premium provides everything the standard version does, and additionally adds extra levels of data encryption, network intrusion detection, extended URL filtering, and Web category filters. To learn more about the added features of Azure Firewall Premium, click here.

      Key Benefits and Features of Azure Firewall:

      • High availability - You do not need load balancers with Azure Firewall; it's already built in and ready to go.
      • Self-scalability - Azure Firewall is intuitive and will auto-scale as needed based on traffic flow to be ready for peak traffic times.
      • Threat awareness - Using Microsoft Cyber Security to filter traffic, Azure Firewall will deny any known problematic threats to keep your network safe.
      • Additional IP addresses - You can securely add up to 250 public IP addresses with Azure Firewall
      • Improved web category filtering - You can set up specific protocols to allow or deny categories within websites that are deemed inappropriate for use within your network. You have the ability to organize categories based on a defined set of descriptions.

      What our real users have to say:

      Many PeerSpot users found Azure Firewall to be very user-friendly and easy to use. They liked that it offers seamless integration to the cloud and were especially pleased with the threat filtering options.

      Regarding integration and threat intelligence, our users wrote:

      “The most valuable feature is the integration into the overall cloud platform.”

      The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats.”

      I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system.”



      pfSense is a free and open-source operating system for routers and firewalls, and is typically configured as DHCP server, DNS server, WiFi access point, VPN server, all running on the same hardware device. It is operated through a user-friendly web interface, making administration easy even for users with limited networking knowledge.

      In addition, pfSense is feature-rich, has a mature platform, is customizable, is flexible by design, and can be used on a small home router as well as run the entire network of a large corporation. pfSense puts you in control of your networking, is regularly updated, and works to promptly patch security issues. pfSense has recently become the favored alternative to the industry leader, Cisco.

      pfSense is:

      • Robust
      • Powerful
      • Easy to use
      • Secure
      • Scalable

      pfSense Key Features

      pfSense has many key features and capabilities, including:

      • Strength and accuracy: pfSense is able to always follow either default or custom rules, making it a stronger firewall than some of its competitors. It also filters traffic separately, whether it’s coming from your internal network of devices or the open internet, allowing you to set different rules and policies for each.

      • Flexibility: pfSense can work both as a basic firewall and as a complete security system because it gives you the flexibility to integrate additional features as code where necessary.

      • Open-source: Because it is open-source, not only is pfSense free to use, but community members can contribute to the code to make it a better software.

      • User-friendly: Usually firewall products are not user-friendly because they often include complex settings, options, and features that require fine-tuning. pfSense’s interface is simple, direct, and easy to use.

      • WireGuard Support: Instead of building your own VPN using pfSense, or settling for a commercial VPN provider, you can directly integrate WireGuard with the pfSense firewall.

      • Speed Management and Fault Tolerance: pfSense’s multi-WAN feature allows your system to continue operating in case components fail.

      • Well-supported: pfSense regularly has security and feature updates. It also has a documentation site and a well-informed and knowledgeable support forum.

      Reviews from Real Users

      Below is some feedback from PeerSpot Users who are currently using the solution.

      Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."

      Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."

      T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."



      Offer
      Learn more about Cisco Secure Firewall
      Learn more about Azure Firewall
      Learn more about pfSense
      Sample Customers
      There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
      Information Not Available
      Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
      Top Industries
      REVIEWERS
      Financial Services Firm16%
      Comms Service Provider13%
      Computer Software Company9%
      Government8%
      VISITORS READING REVIEWS
      Computer Software Company20%
      Comms Service Provider17%
      Government8%
      Educational Organization5%
      REVIEWERS
      Financial Services Firm29%
      Government14%
      Manufacturing Company14%
      Computer Software Company14%
      VISITORS READING REVIEWS
      Computer Software Company22%
      Comms Service Provider10%
      Financial Services Firm8%
      Government7%
      REVIEWERS
      University11%
      Marketing Services Firm9%
      Comms Service Provider9%
      Manufacturing Company6%
      VISITORS READING REVIEWS
      Comms Service Provider22%
      Computer Software Company15%
      Government8%
      Educational Organization5%
      Company Size
      REVIEWERS
      Small Business35%
      Midsize Enterprise25%
      Large Enterprise40%
      VISITORS READING REVIEWS
      Small Business28%
      Midsize Enterprise18%
      Large Enterprise53%
      REVIEWERS
      Small Business18%
      Midsize Enterprise29%
      Large Enterprise54%
      VISITORS READING REVIEWS
      Small Business23%
      Midsize Enterprise17%
      Large Enterprise60%
      REVIEWERS
      Small Business70%
      Midsize Enterprise18%
      Large Enterprise13%
      VISITORS READING REVIEWS
      Small Business29%
      Midsize Enterprise20%
      Large Enterprise51%
      Buyer's Guide
      Azure Firewall vs. pfSense
      January 2023
      Find out what your peers are saying about Azure Firewall vs. pfSense and other solutions. Updated: January 2023.
      672,411 professionals have used our research since 2012.

      Azure Firewall is ranked 14th in Firewalls with 17 reviews while pfSense is ranked 3rd in Firewalls with 46 reviews. Azure Firewall is rated 7.0, while pfSense is rated 8.4. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Fortinet FortiGate-VM, Palo Alto Networks VM-Series, Check Point NGFW and Fortinet FortiGate, whereas pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos XG, Untangle NG Firewall and Meraki MX. See our Azure Firewall vs. pfSense report.

      See our list of best Firewalls vendors.

      We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.