We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The scalability of Fortinet FortiGate is good."
"Its performance in fulfilling our requirements has been satisfactory."
"What I like the most is the configuration and that it's simple, and straightforward to maintain."
"Consolidated our network environment at all locations, but mainly at our datacenter."
"We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well."
"Their proxy-based inspection is responsive and secure."
"We have been able to offer several services to customers in a single box."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"The most valuable feature is the anti-malware protection. It protects the endpoints on my network."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"VPN load balancing has been particularly essential for my connections to integrate via multiple time zones."
"REST API offering with rich capabilities which makes the product very robust."
"The most important feature is the VPN connection."
"Their performance is most valuable."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"The Packet Tracer is a really good tool. If someone calls because they're having problems, you can easily create fake traffic without having to do an extended packet capture. You can see, straight away, if there's a firewall rule allowing that traffic in the direction you're trying to troubleshoot."
"pfSense helped us during COVID-19 because we used OpenVPN to connect from home."
"Its scalability is a strong point."
"The solution has good customization abilities and plenty of features."
"The redundancy and scalability ARE very nice."
"Content protection, content inspection, and the application level firewall."
"Stability has been excellent. We have experienced no issues; it never fails."
"I especially like the VPN part. It works like a charm."
"The most valuable features of pfSense are security, user-friendliness, and helpful online management."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"The renewal price and the availability could be improved."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"Performance and technical support are the main issues with this solution."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"The security of Fortinet FortiGate could improve."
"The solution could be more user friendly."
"In general, they can make it easier to manage the solutions. They can make it easier in terms of administration and provide a single tool for different firewalling solutions. They have different tools to manage different firewalls, such as Firepower or ASA. Sometimes, both are on the same thing. You have ASA with Firepower modules, so you manage some of the things via HTML, and then you manage some of the things via another management tool. It's not seamless."
"Report generation is an area that should be improved."
"The worst part of the entire solution, and this is kind of trivial at times, is that management of the solution is difficult. You manage FireSIGHT through an internet browser. I've had Cisco tell me to manage it through Firefox because that's how they develop it. The problem is, depending on the page you're on, they don't function in the same way. The pages can be very buggy, or you can't resize columns in this one, or you can't do certain things in that one. It causes a headache in managing it."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC."
"When we first got it, we were doing individual configuring. Now, there is a way to manage from one location."
"The security features in the URL category need more improvement."
"They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
"Could be simplified for new users."
"It needs better parsing of logs. At the moment, you have to use an external server for this if you want a deeper analysis."
"This product needs improvements with respect to reporting and auditing."
"I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature."
"Netgate pfSense needs to improve the configuration for a VPN."
"The product could offer more integrated plugins."
"The usage reports can be better."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.