Cisco Secure Firewall vs Netgate pfSense comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
124,801 views|91,789 comparisons
Cisco Logo
70,601 views|39,905 comparisons
Netgate Logo
140,787 views|117,657 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Nov 23, 2022

We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both solutions say their setup between straightforward to medium in complexity, depending on the user’s IT experience.
  • Features: Users of both products are happy with their stability and scalability.

    Cisco Secure Firewall users say that the remote access, VPN, and ACL features are the most valuable features. Several users note that its interface could be better and that additional features would make it more worthwhile.

    pfSense users say its reliability, intrusion detection, content protection, content inspection, and the application level firewall are some of its best features. Some users note that the solution’s GUI is not user friendly and that customers may need to use proxy services.
  • Pricing: Cisco Secure Firewall users note that the licensing fee is expensive, as are all the add ons. pfSense, on the other hand, is open source and free, but customers can opt to pay for support.
  • ROI: Users of both solutions are pleased with the ROI.
  • Service and Support: Cisco Secure Firewall users largely rate its 24/7 support as 10 out of 10, whereas pfSense users mention below-average to average support.

Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.

To learn more, read our detailed Cisco Secure Firewall vs. Netgate pfSense Report (Updated: September 2023).
734,678 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto.""The most valuable features of Fortinet FortiGate are the rules and quality of service.""The most valuable features of Fortinet FortiGate are the ease of use and the UI. It has always provided me with what I needed. I have no need for additional costs that other solutions have, such as Sophos.""The signature database and zero-day detection are Fortinet FortiGate's most valuable features.""It's a user-friendly firewall. Most of the tasks are very simple. It's simple to configure and troubleshoot this firewall.""FortiGate improved our security. It's one of the best hardware firewalls.""FortiGate has a very strong unified threat management system.""The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration."

More Fortinet FortiGate Pros →

"The greatest benefit that this has provided to our organization is that we've been able to adjust the time that it takes to implement firewall changes. It's gone from a week to less than half a day to implement a change, which means that our DevOps team can be much more agile, and there is much less overhead on the firewall team.""It integrates with various Cisco security portfolios and products, and there is an easy and seamless integration for building a complete security framework for our customers.""We definitely feel more secure. We have more control over things going in and out of our network.""Implementing Cisco Secure Firewall has saved us time because we rely on most of the out-of-the-box signatures. It has reduced the time and effort spent in configuration within the security network.""The management aspect of the product is very straightforward.""All the features except IPS are valuable. IPS is not a part of my job.""One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now.""We feel that we can trust the security, and our assets and business are well protected. We need to have trust in it, but we also see that it works. We have a security company that has tested that it works."

More Cisco Secure Firewall Pros →

"The GUI is easy to understand.""The product’s documentation is good.""Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company.""What I like about pfSense is that it works well and runs on an inexpensive appliance.""The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network.""The initial setup was simple and fast.""I like pfSense's reports and how I can control access to the policies on the firewall.""Some of the terminologies were more familiar to me than it was when I first encountered Cisco."

More Netgate pfSense Pros →

Cons
"The cloud features and integration could be improved.""Bandwidth usage in reporting could be improved for Fortinet FortiGate.""Lacks training for new features.""The support we receive when we need to upgrade is not satisfactory and has room for improvement.""We would like to have the ability to disable some of the security functionalities.""Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI.""Fortinet FortiGate could improve by having more storage in the hardware for log data.""FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."

More Fortinet FortiGate Cons →

"The process of procuring modern-day technology within the DOD needs to improve.""The integration between different tools could be improved. For example, with SecureX, I am yet to find out how to forward security events to different tools such as Microsoft Sentinel, which is what we use for log detection.""The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working.""It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way.""I would like to see more configurable feature parity with Cisco ASA, which is the legacy product that Cisco is moving away from. When configuring remote access VPN, not all of the options are there. You have to download another tool, which means that the configuration takes a little bit longer with Cisco Secure Firewall. Though it's getting there, there are still some features lagging behind.""While this applies to all vendors, pricing can be always lower. In my opinion, Cisco is the most expensive. The pricing can be reduced.""Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades.""The maturity needs to be better."

More Cisco Secure Firewall Cons →

"It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution.""I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that.""I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner.""It's just not listed as FIPS compliant for where we're at now in government, which is an issue.""Ultimately, we'd like something stronger, and something that can handle threats better in real-time.""The solution’s interface must be improved.""The solution could be more user-friendly, and the graphical interface needs some work so that someone without an IT background can use the application. I would like the ability to manage the on-premise appliance from the cloud. When I'm not in the office, it would be great to connect to the pfSense server and administer the network remotely.""In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense."

More Netgate pfSense Cons →

Pricing and Cost Advice
  • "I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
  • "It is more expensive than Sophos. Fortinet is overall more expensive than Sophos. The small range of Fortinet, such as 60F and 80F, is more expensive than the small range of Sophos. Sophos is cheaper. In addition, if you jump from 80F Series to 100F Series, the price doubles."
  • "The license is yearly. We pay for the top end. It's called 360."
  • "Here in Brazil, we're going through difficult economic times and the tax on the dollar is high. All the solutions from minor competitors are growing in the market. The prices have come more competitive."
  • "Licensing for Fortinet FortiGate is on a yearly basis. Pricing for it is a bit high. It could be cheaper."
  • "The licensing scheme of Fortinet is better than Cisco. It is more logical."
  • "The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device."
  • "It was probably about $2,500 per firewall. It was all included. It included support, services, threat management software, and 24/7 FortiCare on it. Cisco products are more expensive."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "It is expensive. There is a cost for everything. There is per year license cost and support cost. There is also a cost for any training, any application, and any resource. Things are very costly to do with Cisco. Other brands are cheaper. They are also more flexible in terms of training, subscription, and licensing. They give lots and lots of years free. They provide more than Cisco."
  • "When we bought it, it was really expensive. I'm not aware of the current pricing. We had problems with licensing. After our IPS subscription ended, we couldn't renew it because Cisco was moving to the next-generation firewall platform. So, they didn't provide us with the new license."
  • "Its price is moderate. It is not too expensive."
  • "I like its licensing because you buy the license once, and it is yours. We don't have to go for a subscription. So, I liked how they licensed Cisco ASA. Our clients are also very satisfied with its licensing model."
  • "Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
  • "When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."
  • "Pricing for Cisco is expensive. There are additional costs for the licensing part, support, and even the hardware part. The device cost is very high. I would be very happy with an improvement on the price."
  • "The pricing was pretty comparable to other solutions when we purchased it."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "Our customers must pay for an annual license."
  • "I would recommend it for a small business or a startup as a starting point. It's also good for companies that are on a tight budget."
  • "The price of pfSense is reasonable. However, there is a free version available."
  • "It is about €1,000. It is a one-time payment. I do not have a monthly or yearly subscription. I don't subscribe to any subscription because I hate cloud services. There are no additional costs."
  • "It is an open source firewall."
  • "It is very suitable in terms of the price. If a client cannot acquire a Netgate appliance, I provide a custom-made appliance, and I install the Community edition of pfSense. It is a very good and affordable solution for enterprises. Some of the clients pay monthly but usually, it is annually."
  • "We are using its Community Edition, which is free. My company is a government school, and we don't have much budget."
  • "pfSense is open-source, but the support is something that the customer pays for."
  • More Netgate pfSense Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    734,678 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports… more »
    Top Answer:You don't really specify what type of router you are looking for but if you are talking about a gateway router I… more »
    Top Answer:Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate… more »
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    Learn More
    Netgate
    Video Not Available
    Overview

    Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

    Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

    Benefits of Fortinet FortiGate

    Some of the benefits of using Fortinet FortiGate include:

    • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
    • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
    • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

    Reviews from Real Users

    Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

    PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

    PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

    Cisco Secure Firewall, including Firepower, is a powerful perimeter security solution used for network security, data center protection, advanced malware protection, and site-to-site VPNs. Its most valuable features include NGIPS, application visibility and control, VLAN implementations, intrusion prevention, threat defense, and NAT. 

    The solution has helped organizations discover their environment, improve security, implement dynamic policies, reduce operational costs, and protect against threats from outside and within the data center. Overall, Cisco Secure Firewall is a valuable tool for securing organizations and providing visibility into threats.

    pfSense is a powerful and reliable network security appliance primarily used for security purposes such as firewall and VPN or traffic shaping, network management, and web filtering. It is commonly used by small businesses and managed service providers to protect their customers' networks and enable remote access through VPNs. 

    The solution is praised for its stability, user-friendly interface, scalability potential, open-source nature, free cost, easy installation, firewall capabilities, security features, flexibility, and simplicity. Overall, pfSense is a cost-effective solution for enterprises that need a VPN for their employees.

    pfSense Key Features

    pfSense has many key features and capabilities, including:

    • Strength and accuracy: pfSense is able to always follow either default or custom rules, making it a stronger firewall than some of its competitors. It also filters traffic separately, whether it’s coming from your internal network of devices or the open internet, allowing you to set different rules and policies for each.

    • Flexibility: pfSense can work both as a basic firewall and as a complete security system because it gives you the flexibility to integrate additional features as code where necessary.

    • Open-source: Because it is open-source, not only is pfSense free to use, but community members can contribute to the code to make it a better software.

    • User-friendly: Usually firewall products are not user-friendly because they often include complex settings, options, and features that require fine-tuning. pfSense’s interface is simple, direct, and easy to use.

    • WireGuard Support: Instead of building your own VPN using pfSense, or settling for a commercial VPN provider, you can directly integrate WireGuard with the pfSense firewall.

    • Speed Management and Fault Tolerance: pfSense’s multi-WAN feature allows your system to continue operating in case components fail.

    • Well-supported: pfSense regularly has security and feature updates. It also has a documentation site and a well-informed and knowledgeable support forum.

    Reviews from Real Users

    Below is some feedback from PeerSpot Users who are currently using the solution.

    Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."

    Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."

    T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."



    Offer
    Learn more about Fortinet FortiGate
    Learn more about Cisco Secure Firewall
    Learn more about Netgate pfSense
    Sample Customers
    Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
    There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
    Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company10%
    Financial Services Firm9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization22%
    Computer Software Company15%
    Comms Service Provider9%
    Government5%
    REVIEWERS
    Financial Services Firm15%
    Comms Service Provider13%
    Computer Software Company12%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Educational Organization17%
    Computer Software Company17%
    Comms Service Provider9%
    Government7%
    REVIEWERS
    University11%
    Comms Service Provider9%
    Marketing Services Firm9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Comms Service Provider14%
    Government9%
    Educational Organization6%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise33%
    Large Enterprise41%
    REVIEWERS
    Small Business35%
    Midsize Enterprise23%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise28%
    Large Enterprise47%
    REVIEWERS
    Small Business69%
    Midsize Enterprise18%
    Large Enterprise13%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise18%
    Large Enterprise50%
    Buyer's Guide
    Cisco Secure Firewall vs. Netgate pfSense
    September 2023
    Find out what your peers are saying about Cisco Secure Firewall vs. Netgate pfSense and other solutions. Updated: September 2023.
    734,678 professionals have used our research since 2012.

    Cisco Secure Firewall is ranked 3rd in Firewalls with 118 reviews while Netgate pfSense is ranked 2nd in Firewalls with 22 reviews. Cisco Secure Firewall is rated 8.4, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Netgate pfSense writes "Feature-rich, well documented, and there is good support available online". Cisco Secure Firewall is most compared with Meraki MX, Palo Alto Networks WildFire, Juniper SRX Series Firewall, Sophos XG and Check Point NGFW, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Untangle NG Firewall, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.