We performed a comparison between Azure Firewall and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: pfSense comes out on top in this comparison. It is high performing and, according to reviews, it is a more comprehensive solution than Azure Firewall. pfSense also received higher marks in the support category.
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"It just works for us."
"So far, it has been very stable."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"I like that Cisco Firepower NGFW Firewall is reliable. Support is also good."
"I have found the most valuable feature to be the access control and IPsec VPN."
"I love the ASDM (Adaptive Security Device Manager) which is the management suite. It's a GUI and you're able to see everything at a glance without using the command line. There are those who love the CLI, but with ASDM it is easier to see where everything is going and where the problems are."
"The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats."
"I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference."
"The firewall policy control, URL content control, and antivirus are all the most valuable aspects. Threat prevention is as well quite good."
"Azure's cost-effectiveness is its major advantage."
"It's auto-scalable, which is a great feature."
"It provided ease of maintenance. If a new firewall was needed, we only had to run the pipelines for this. So, the maintenance was very easy."
"The solution should be capable of self-scaling, which is one of the features we like about it."
"I can easily configure it."
"It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest."
"It is a better firewall than others and it has better features."
"The VPN is my favorite feature."
"The features I have found best are ease of use, GUI, and performance."
"The classic features such as content inspection, content protection, and the application-level firewall, are the most important."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"pfSense is a nice product, and I find that there's a lot of information out there. There are some good tutorials on YouTube and other websites with helpful information."
"pfSense allows us to spread the hours of connection and do the filtering on the pfSense site."
"The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be."
"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."
"I would like more features in conjunction with other solutions, like Fortinet."
"The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface."
"There is huge scope for improvement in URL filtering. The database that they have is not accurate. Their content awareness and categorization for URL filtering are not that great. We faced many challenges with their categorization and content awareness. They should improve these categorization issues."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"I would like to see them update the GUI so that it doesn't look like it was made in 1995."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"Azure Firewall should have a free trial version for new users so that they can evaluate it before deploying it."
"It has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB."
"Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories."
"For large organizations, a third-party firewall would be an added advantage, because it would have more advanced features, things that are not in Azure Firewall."
"It is a cloud service, but the lending speed for each region is not always the same. For example, in China, the speed is slow. They need to think about how to make sure that the service pace or speed is always the same in all regions. It would be a great improvement if they can provide the same pace worldwide."
"For larger enterprises, they need to adjust the scalability."
"You have to have a defined IP range within your network to associate it with your network. The problem is you have to plan ahead of time if you expect to use the firewall in the future so that you don't have to reconfigure your subnets or that specific IP range. Other than that, I don't any issues. I use it for basic configuration for a single application, so I really don't try to leverage it for multiple applications where I might find some complexity or challenges."
"It would be nice to be able to create groupings for servers and offer groups of IP addresses."
"In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense."
"The stability could be improved."
"Web interface could be enhanced and more user friendly."
"The usage reports can be better."
"This solution is good for small businesses but it is not as stable as other competitors such as Fortinet."
"It would be great to add more to security."
"I expect a better interface with more log analysis because I create my own interface."
"We had training from an advisor for the configuring of this solution and it was not difficult. However, if we were not trained it would have been not as easy."
Azure Firewall is ranked 14th in Firewalls with 17 reviews while pfSense is ranked 3rd in Firewalls with 46 reviews. Azure Firewall is rated 7.0, while pfSense is rated 8.4. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Fortinet FortiGate-VM, Palo Alto Networks VM-Series, Check Point NGFW and Fortinet FortiGate, whereas pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos XG, Untangle NG Firewall and Meraki MX. See our Azure Firewall vs. pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.