Cisco Secure Firewall vs OPNsense comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
92,028 views|56,036 comparisons
OPNsense Logo
92,215 views|80,413 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Cisco Secure Firewall and OPNsense based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Cisco Secure Firewall vs. OPNsense Report (Updated: May 2023).
708,830 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly.""Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches.""The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands.""Our company operates in Saudi Arabia, primarily working with government sectors. If any hardware malfunctions, the defective device is removed, and we receive a replacement from the reseller. We have not encountered any issues related to delays in receiving replacements for malfunctioning devices which has been beneficial.""I like its integration with the AnyConnect client. I also like how modular it is. For example, I can easily integrate the Umbrella add-on into it. We are planning on adding Umbrella. We haven't added it yet, but we have researched.""The most valuable feature is the Intrusion Prevention System.""It's the VPN side of things that has been most useful for us. It allows us to secure our users even when they're working from home. They are able to access all of our resources, no matter where they are in the world.""One of the most valuable features is the GUI front end, which is very easy to use. But I'm also a command-line guy, and being able to access the device via command-line for advanced troubleshooting is quite important."

More Cisco Secure Firewall Pros →

"The initial implementation process is simple.""OPNsense is highly stable.""The solution has high availability.""It's more secure and more reliable.""The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use.""OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.""The technical support is very good.""We have been operating here in our lab for several months, and everything appears to be extremely stable."

More OPNsense Pros →

Cons
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS.""Cisco wasn't first-to-market with NGFWs... they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better.""It is hard to control the bandwidth of end-users with a Cisco Firewall. That is the main issue I've faced. I used Mikrotik for many years for this very reason. Mikrotik has the option to set a bandwidth restriction for a single IP or complete segments. Cisco should add this option to their firewall.""We would like to be able to manage a set of firewalls rather than individual firewalls. We haven't really looked into it or yet implemented it, but a single pane of glass would be helpful. We also use another vendor's firewalls, and they have a centralized management infrastructure that we have implemented, which makes it a little bit easier when you're managing lots of firewalls.""I don't have any specific improvements to recommend. However, when you compare the throughput of a Cisco firewall to the competitors, especially Fortinet, what you find is that Cisco has lagged a little bit behind in terms of firewall throughput, especially for the price that you pay for that throughput.""I would like it if there was a centralized way to manage policies, then sticking with the network functions on the actual devices. That is probably the thing that frustrates me the most. I want a way that you can manage multiple policies at several different locations, all at one site. You then don't have to worry about the connectivity piece, in case you are troubleshooting because connectivity is down.""The most valuable features of the product are the VPN and the NextGen firewall features such as application control, URL filtering, etc.""One thing that we really would have loved to have was policy-based routing. We had a lot of connections, and sometimes, we would have liked to change the routing depending on the policies, but it was lacking this capability. We also wanted application filtering and DNS filtering."

More Cisco Secure Firewall Cons →

"The interface needs to be simplified. It is not user-friendly.""OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.""I think the most important thing is that it should be easily accessible, but currently, that doesn't seem to be the case. We need a hardware platform that's based on common standards and open computing principles, which would be like a commodity and benefit us greatly.""They should improve IPEs for security in the future.""The reporting part could be better.""Its interface should be a little bit better.""We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much.""There is room for improvement in SSL inspection."

More OPNsense Cons →

Pricing and Cost Advice
  • "This solution is expensive and other solutions, such as FortiGate, are cheaper."
  • "Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
  • "When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
  • "Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
  • "It is expensive. There is a cost for everything. There is per year license cost and support cost. There is also a cost for any training, any application, and any resource. Things are very costly to do with Cisco. Other brands are cheaper. They are also more flexible in terms of training, subscription, and licensing. They give lots and lots of years free. They provide more than Cisco."
  • "When we bought it, it was really expensive. I'm not aware of the current pricing. We had problems with licensing. After our IPS subscription ended, we couldn't renew it because Cisco was moving to the next-generation firewall platform. So, they didn't provide us with the new license."
  • "Its price is moderate. It is not too expensive."
  • "I like its licensing because you buy the license once, and it is yours. We don't have to go for a subscription. So, I liked how they licensed Cisco ASA. Our clients are also very satisfied with its licensing model."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "The solution is not expensive."
  • "As an appliance, it's in the medium price range."
  • "Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."
  • "It is open source and free."
  • "The price of OPNsense is good."
  • "I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval from the higher-ups."
  • More OPNsense Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    708,830 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection and… more »
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and client, Open VPN and client, and PPTP client. Both also have intrusion detection and… more »
    Top Answer:The most valuable features of OPNsense are the GUI and frequent updates.
    Top Answer:We are using the free open-source version of the solution. There is a paid version that has additional features. I rate the price of OPNsense a five out of ten.
    Ranking
    2nd
    out of 50 in Firewalls
    Views
    92,028
    Comparisons
    56,036
    Reviews
    102
    Average Words per Review
    759
    Rating
    8.3
    6th
    out of 50 in Firewalls
    Views
    92,215
    Comparisons
    80,413
    Reviews
    15
    Average Words per Review
    502
    Rating
    8.4
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    Learn More
    OPNsense
    Video Not Available
    Overview

    Cisco Secure Firewall, including Firepower, is a powerful perimeter security solution used for network security, data center protection, advanced malware protection, and site-to-site VPNs. Its most valuable features include NGIPS, application visibility and control, VLAN implementations, intrusion prevention, threat defense, and NAT. 

    The solution has helped organizations discover their environment, improve security, implement dynamic policies, reduce operational costs, and protect against threats from outside and within the data center. Overall, Cisco Secure Firewall is a valuable tool for securing organizations and providing visibility into threats.

    OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.

    The solution offers a variety of components, such as:

    • Weekly security updates. These updates provide the user with the ability to reach new emerging threats in a timely manner through small increments.

    • Two major releases every year. These yearly releases are on a fixed release cycle and provide organizations with the ability to plan ahead of an upcoming upgrade.

    • A roadmap of instructions. Each major release provides a guide and a set of clear goals.

    A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.

    OPNsense Core Features

    OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:

    • Captive Portal
    • Built-in reporting and monitoring tools including RRD Graphs
    • Network Flow Monitoring
    • Traffic Shaper
    • Support for Plugins
    • Granular Control Over State Table
    • Dynamic DNS
    • Two-factor authentication throughout the system
    • Netflow Exporter
    • Encrypted Configuration Backup to Google Drive
    • Forward Caching Proxy (transparent) with Blacklist Support
    • Stateful inspection firewall
    • DNS Server & DNS Forwarder
    • High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
    • DHCP Server and Relay
    • Virtual Private Network (site to site & road warrior, IPsec, OpenVPN & legacy PPTP support)
    • Intrusion Detection and Prevention
    • 802.1Q VLAN support

    Reviews from Real Users

    OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.

    For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."

    Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."

    Offer
    Learn more about Cisco Secure Firewall
    Learn more about OPNsense
    Sample Customers
    There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
    CompuNet Systems GmbH,
    Top Industries
    REVIEWERS
    Financial Services Firm15%
    Comms Service Provider13%
    Computer Software Company12%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Comms Service Provider11%
    Educational Organization10%
    Government7%
    REVIEWERS
    Comms Service Provider25%
    Logistics Company17%
    Financial Services Firm17%
    Aerospace/Defense Firm8%
    VISITORS READING REVIEWS
    Comms Service Provider16%
    Computer Software Company16%
    Government9%
    Educational Organization6%
    Company Size
    REVIEWERS
    Small Business35%
    Midsize Enterprise24%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise21%
    Large Enterprise51%
    REVIEWERS
    Small Business64%
    Midsize Enterprise12%
    Large Enterprise24%
    VISITORS READING REVIEWS
    Small Business29%
    Midsize Enterprise19%
    Large Enterprise52%
    Buyer's Guide
    Cisco Secure Firewall vs. OPNsense
    May 2023
    Find out what your peers are saying about Cisco Secure Firewall vs. OPNsense and other solutions. Updated: May 2023.
    708,830 professionals have used our research since 2012.

    Cisco Secure Firewall is ranked 2nd in Firewalls with 115 reviews while OPNsense is ranked 6th in Firewalls with 16 reviews. Cisco Secure Firewall is rated 8.2, while OPNsense is rated 8.4. The top reviewer of Cisco Secure Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of OPNsense writes "There are lots of capabilities built-in: Few would be High Availability, Proxy, DNS, Intrusion detection/prevention, content filtering, traffic and bandwidth management with 2factor autn. ". Cisco Secure Firewall is most compared with Fortinet FortiGate, Meraki MX, Palo Alto Networks WildFire, pfSense and SonicWall TZ, whereas OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Fortinet FortiGate and Check Point NGFW. See our Cisco Secure Firewall vs. OPNsense report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.