Cisco IOS Security vs pfSense comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
99,561 views|66,518 comparisons
Cisco Logo
2,574 views|2,145 comparisons
Netgate Logo
122,947 views|104,381 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Cisco IOS Security and pfSense based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Cisco IOS Security vs. pfSense Report (Updated: November 2022).
657,397 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We definitely feel more secure. We have more control over things going in and out of our network.""All the rules are secure and we haven't had a significant malware attack in the five years that we've been using ASA Firewall. It has been a tremendous improvement for our network. However, I can't quantify the benefits in monetary terms.""The configuration capabilities and the integration with other tools are the most valuable features. I really like this product. Cisco is one of my favorite brands, and I always think Cisco solutions are very reliable, easy to configure, and very secure.""It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective.""The configuration was kind of straightforward from the command line and also from the ASDM. It was very easy to manage by using their software in Java.""I like all of the features.""It is pretty stable. I haven't seen many issues during the past four years.""The clusters in data centers are great."

More Cisco Secure Firewall Pros →

"The most valuable features of Cisco IOS Security are the plenty of functionality it provides, many people are IT certified the usage, and the user interface is good.""It is less expensive than alternative firewalls.""The security is very good.""One of the main features is that the hardware is extremely reliable.""Cisco IOS Security has many good features, but compared to other solutions, it has a more user-friendly interface with steps to apply and manage rules. Another good part of the solution is that it's more straightforward.""Cisco Technical Assistance Center works on a follow-the-sun concept and gives real 24x7 customer support, which is a great advantage when you have a service contract with them.""The most valuable feature of Cisco IOS Security is posturing.""One of the valuable features of the solution is its flexibility and it performs great."

More Cisco IOS Security Pros →

"Content protection, content inspection, and the application level firewall.""I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good.""Technical support is perfect, excellent.""The initial setup is straightforward.""The main features of this solution are customization and ease to use.""The initial setup is not complex.""Some of the terminologies were more familiar to me than it was when I first encountered Cisco.""The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."

More pfSense Pros →

Cons
"I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall.""Sometimes my customers say that Cisco Firewalls are a bit more difficult compared to Fortigate or Palo Alto. There is complexity in the configuration and the GUI could be improved.""One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue.""The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough.""It is my understanding that they are in the process of discontinuing this device.""The reporting and other features are nice, but there is an issue with applying the configuration. That part needs some improvement.""Licensing is complex, and I'd like it to be simplified. This is an area for improvement.""It is hard to control the bandwidth of end-users with a Cisco Firewall. That is the main issue I've faced. I used Mikrotik for many years for this very reason. Mikrotik has the option to set a bandwidth restriction for a single IP or complete segments. Cisco should add this option to their firewall."

More Cisco Secure Firewall Cons →

"Cisco IOS Security could improve by having more compatibility with other Cisco solutions.""The configuration should be easier in the solution.""While Cisco IOS Security is stable and scalable, I would like to see it improved to be even better.""It takes too much time to deploy a policy to FMC. It takes around eight minutes. You can't afford any downtime when you're changing policies.""It would be ideal if the solution had more capacity.""The graphical user interface or the GUI could be better. Beginners can use some devices with the GUI, but some security devices are configured using CLI. It would also be better if it had its own Intrusion Protection Service and Intrusion Detection Service on the server.""Cisco IOS Security could improve its security features. There are competitors that have some additional security features, such as Fortinet FortiGate. Additionally, there should be better synchronization with Cisco IOS Security and other vendors, and improved AI features would be beneficial.""The configuration and reporting interfaces need a lot of improvement. It needs to be more accessible forsolide without a strong technical background. If you had a simplified dashboard, the lower-level techs could manage the solution and provide services. Cisco IOS Security requires someone who is highly trained to operate it."

More Cisco IOS Security Cons →

"It could use a little bit of improvement in the reporting.""The access control aspect of the product could be improved.""It's just not listed as FIPS compliant for where we're at now in government, which is an issue.""Their support could be better in terms of the response time.""The solution could be more user-friendly, and the graphical interface needs some work so that someone without an IT background can use the application. I would like the ability to manage the on-premise appliance from the cloud. When I'm not in the office, it would be great to connect to the pfSense server and administer the network remotely.""The usage reports can be better.""I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side.""Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand."

More pfSense Cons →

Pricing and Cost Advice
  • "They seem to be at the top end in terms of pricing, but they are worth the price. They are probably a little bit lower than Palo Alto. If the customers are relying on Cisco products and they are thinking more in terms of scaling to another layer in a year, it is pretty much in a good price range."
  • "We're using the smart license for this firewall. The models that we have require licensing for remote access."
  • "There are licensing costs."
  • "I just bought it off the shelf, and I'm using it with my previous one, so I have not spent that much."
  • "The price is fair. It's not the cheapest, but it's not bad."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The product is very expensive."
  • "This is an expensive product, although when you buy this solution, you can do many things so it provides good value for the investment."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "It is necessary to pay for a license in order to use the solution. It is on a yearly basis and the price is high."
  • "Palo Alto networks are more expensive than this solution and this is why you will see more products like this one in Mexico."
  • "The price of the solution should be cheaper, and the license is purchase annually."
  • "They have smart licenses that can be provided for one year, two years, three years, five years, and seven years. Alternatively, they have perpetual licenses available."
  • "Cisco IOS Security price could be reduced, it is more expensive than many of the other solutions, such as Sophos and Fortinet FortiGate."
  • "Cisco IOS Security is not very expensive, and pricing depends on where you live. It's affordable for both individuals and institutions. On a scale from one to five, I would give Cisco's pricing a four."
  • "The cost may be around $5,000 to $10,000 a year. If you want support you have to pay at least this price."
  • "The pricing for Cisco IOS Security is reasonable compared to other Cisco products."
  • More Cisco IOS Security Pricing and Cost Advice →

  • "I spent a couple of $1,000 on hardware, and the OS was free. A comparable firewall would cost me probably 20 grand. It saved a lot of money."
  • "I like the fact that it is open-source."
  • "The pricing is lower than some of its competitors."
  • "pfSense is open-source."
  • "We are using the open-source version which is free. We are testing the solution to see if we are going to go to the enterprise version which requires a license and is not free."
  • "There is no license. You don't have to pay anything. It's completely free."
  • "It's open-source and it's free. Anything for free is good."
  • "pfSense is a free solution."
  • More pfSense Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    657,397 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:One of the main features is that the hardware is extremely reliable.
    Top Answer:Palo Alto networks are more expensive than this solution and this is why you will see more products like this one in… more »
    Top Answer:I think they should bring back remote VPN for users. However, I understand the attempt is to have these functions inside… more »
    Top Answer:You don't really specify what type of router you are looking for but if you are talking about a gateway router I… more »
    Top Answer:Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate… more »
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    IOS Security
    Learn More
    Netgate
    Video Not Available
    Overview

    The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.

      From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.

      Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.

      Cisco IOS Software delivers a sophisticated set of security capabilities for a comprehensive, layered security approach throughout your network infrastructure. Cisco IOS security technologies help to defend critical business processes against attack and disruption, protect privacy, and support policy and regulatory compliance controls.

      pfSense is a free and open-source operating system for routers and firewalls, and is typically configured as DHCP server, DNS server, WiFi access point, VPN server, all running on the same hardware device. It is operated through a user-friendly web interface, making administration easy even for users with limited networking knowledge.

      In addition, pfSense is feature-rich, has a mature platform, is customizable, is flexible by design, and can be used on a small home router as well as run the entire network of a large corporation. pfSense puts you in control of your networking, is regularly updated, and works to promptly patch security issues. pfSense has recently become the favored alternative to the industry leader, Cisco.

      pfSense is:

      • Robust
      • Powerful
      • Easy to use
      • Secure
      • Scalable

      pfSense Key Features

      pfSense has many key features and capabilities, including:

      • Strength and accuracy: pfSense is able to always follow either default or custom rules, making it a stronger firewall than some of its competitors. It also filters traffic separately, whether it’s coming from your internal network of devices or the open internet, allowing you to set different rules and policies for each.

      • Flexibility: pfSense can work both as a basic firewall and as a complete security system because it gives you the flexibility to integrate additional features as code where necessary.

      • Open-source: Because it is open-source, not only is pfSense free to use, but community members can contribute to the code to make it a better software.

      • User-friendly: Usually firewall products are not user-friendly because they often include complex settings, options, and features that require fine-tuning. pfSense’s interface is simple, direct, and easy to use.

      • WireGuard Support: Instead of building your own VPN using pfSense, or settling for a commercial VPN provider, you can directly integrate WireGuard with the pfSense firewall.

      • Speed Management and Fault Tolerance: pfSense’s multi-WAN feature allows your system to continue operating in case components fail.

      • Well-supported: pfSense regularly has security and feature updates. It also has a documentation site and a well-informed and knowledgeable support forum.

      Reviews from Real Users

      Below is some feedback from PeerSpot Users who are currently using the solution.

      Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."

      Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."

      T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."



      Offer
      Learn more about Cisco Secure Firewall
      Learn more about Cisco IOS Security
      Learn more about pfSense
      Sample Customers
      There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
      Arup Group, Brunel University London, City of Biel, Gobierno de Castilla-La Mancha, K&L Gates , New South Wales Rural Fire Service, Offshore Northern Seas, Transplace
      Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
      Top Industries
      REVIEWERS
      Financial Services Firm16%
      Comms Service Provider13%
      Computer Software Company9%
      Government8%
      VISITORS READING REVIEWS
      Comms Service Provider20%
      Computer Software Company19%
      Government7%
      Educational Organization5%
      REVIEWERS
      Financial Services Firm17%
      Computer Software Company17%
      Comms Service Provider17%
      Security Firm11%
      VISITORS READING REVIEWS
      Computer Software Company24%
      Comms Service Provider15%
      Government6%
      Financial Services Firm5%
      REVIEWERS
      University12%
      Marketing Services Firm10%
      Comms Service Provider10%
      Computer Software Company6%
      VISITORS READING REVIEWS
      Comms Service Provider26%
      Computer Software Company15%
      Government8%
      Educational Organization5%
      Company Size
      REVIEWERS
      Small Business35%
      Midsize Enterprise24%
      Large Enterprise41%
      VISITORS READING REVIEWS
      Small Business28%
      Midsize Enterprise19%
      Large Enterprise53%
      REVIEWERS
      Small Business38%
      Midsize Enterprise31%
      Large Enterprise31%
      VISITORS READING REVIEWS
      Small Business23%
      Midsize Enterprise18%
      Large Enterprise59%
      REVIEWERS
      Small Business70%
      Midsize Enterprise17%
      Large Enterprise13%
      VISITORS READING REVIEWS
      Small Business29%
      Midsize Enterprise21%
      Large Enterprise50%
      Buyer's Guide
      Cisco IOS Security vs. pfSense
      November 2022
      Find out what your peers are saying about Cisco IOS Security vs. pfSense and other solutions. Updated: November 2022.
      657,397 professionals have used our research since 2012.

      Cisco IOS Security is ranked 20th in Firewalls with 14 reviews while pfSense is ranked 3rd in Firewalls with 52 reviews. Cisco IOS Security is rated 7.8, while pfSense is rated 8.4. The top reviewer of Cisco IOS Security writes "Great security and automation with helpful technical assistance". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Cisco IOS Security is most compared with Fortinet FortiGate, Meraki MX, Zyxel Unified Security Gateway, Fortinet FortiManager and OPNsense, whereas pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos XG, Untangle NG Firewall and Sophos UTM. See our Cisco IOS Security vs. pfSense report.

      See our list of best Firewalls vendors.

      We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.