"The feature set is fine and is rarely a problem."
"A good intrusion prevention system and filtering."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"The customer service/technical support is very good with this solution."
"We have not had to deal with stability issues."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"Unfortunately in Cisco, only the hardware was good."
"The management aspect of the product is very straightforward."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"The configuration was kind of straightforward from the command line and also from the ASDM. It was very easy to manage by using their software in Java."
"It is extremely stable I would say — at least after you deploy it."
"VPN and firewall are good features."
"It's pretty reliable and allows for isolation capabilities within the network."
"This product is pretty stable."
"The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."
"The solution has good customization abilities and plenty of features."
"My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much."
"The solution is very robust."
"I especially like the VPN part. It works like a charm."
"The initial setup is straightforward."
"What I like about pfSense is that it works well and runs on an inexpensive appliance."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"The price and SD-WAN capabilities are the areas that need improvement."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"The performance should be improved."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"Report generation is an area that should be improved."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"They need to do an overhaul of the management console."
"If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."
"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."
"The annual subscription cost is a bit high. They should try to make it comparable to other offerings. We have a number of Chinese products here in Pakistan, which are already, very cheap and have less annual maintenance costs compared to Cisco."
"You shouldn't have to use the ASDM to help manage the client."
"The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use."
"It doesn't have Layer 7 security."
"In the next release, I would like to see the VPN and UTM features included."
"I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"pfSense has some limitations in detecting site sessions. We want to control internet usage based on sites and their content, and pfSense doesn't perform this function."
"The integration could be improved."
"There could be a way to remote to it through a mobile app. You can always browse through your browser on your mobile phone or tablet, but it would be good to have a dedicated app. I understand that iOS and Android developers are expensive, but there should be a mobile app."
"The main problem with pfSense is that it lacks adequate ransomware protection."
"The main problem with pfSense is that we have to use proxy solutions."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Cisco ASA Firewall is ranked 6th in Firewalls with 62 reviews while pfSense is ranked 3rd in Firewalls with 60 reviews. Cisco ASA Firewall is rated 8.0, while pfSense is rated 8.6. The top reviewer of Cisco ASA Firewall writes "Robust solution that integrates well with both Cisco products and products from other vendors". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Cisco ASA Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Meraki MX, Juniper SRX and SonicWall TZ, whereas pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos UTM, Sophos XG and Zyxel Unified Security Gateway. See our Cisco ASA Firewall vs. pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
