We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The performance is good."
"It is a safe product."
"The solution is stable."
"The most valuable feature is the FortiManager for centralized management."
"Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."
"Their interface is very easy to use, it is without bugs."
"It is simple to manage, and there are a lot of functionalities in the same box."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"I like its integration with the AnyConnect client. I also like how modular it is. For example, I can easily integrate the Umbrella add-on into it. We are planning on adding Umbrella. We haven't added it yet, but we have researched."
"The initial setup is easy."
"Clustering architecture which offers zero downtime upgrades, keeping uptime close to 99.999%."
"Cisco ASA NGFW significantly improves our bank. It protects any high-value products that we use from hackers, viruses, malware, and script-bots. It gives us metrics on network traffic as well as what kind of attacks we are getting from the outside."
"Cisco Secure Firewall made it easier so that more than one person can handle things. We are able to have a bigger team that can handle simple tasks and have a smaller team focus on the deep-dive needs."
"The configuration was kind of straightforward from the command line and also from the ASDM. It was very easy to manage by using their software in Java."
"Valuable features include DMZ segmentation, and IDS and IPS."
"Cybersecurity resilience has been paramount. Because there is a threat of losing everything if ransomware or another sort of attack were to happen, the cybersecurity resilience has been top-notch."
"The built-in open VPN and the VPN Client Export are the solution's most valuable aspects."
"The solution has good customization abilities and plenty of features."
"The initial setup is not complex."
"I mostly like all of it. Whatever we use is valuable."
"A free firewall that is a good network security appliance."
"The initial setup is straightforward."
"At our peak time, we have reached more than 5,000 concurrent connections."
"The most valuable feature, for instance, is the ease of migrating configurations between different Netgate devices housed in the same box."
"The updates Fortinet provides are sometimes unstable."
"Its reporting can be improved. Sometimes, I don't get proper reports."
"Its reporting and pricing need improvement."
"WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%."
"Web security solutions can be improved."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"Deploying configurations takes longer than it should."
"The product crashes. We have a cluster of firewalls and we regularly get failovers."
"The software was very buggy, to the point it had to be removed."
"It doesn't have a proper GUI to do troubleshooting, so most people have to rely on the command line."
"The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"If you need to reschedule a call with the support team when you face a new issue with the product, then it may get a bit of a problem to get a hold of someone from the support team of Cisco."
"Cisco Secure Firewall’s customer support could be improved."
"The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things."
"There are several levels of firewall configuration such as beginner, advanced, and expert configurations. At each level, it becomes more complex and more tricky to set up the firewall. For example, if you want to install the firewall on your computer system, it would be a lot easier if it just tells you that this is the internet NIC and this is the Wi-Fi NIC."
"We would like to see ready-made profiles to cover most users' needs."
"The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"The solution could improve by having centralized management and API support online."
"The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.