We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"The next-generation firewall is great."
"The features that I have found most valuable are that it is good to use, and most importantly, the pricing. The customer especially likes the discount when they trade up or something like that."
"It's inexpensive compared to some of the other technology out there."
"It increases security posture and is helpful for firewall reporting, intrusion protection, web filtering, and SD-WAN implementation."
"The initial installation is very straightforward."
"Virtual Domains (VDOMs) are a feature that we found valuable."
"The product is quite robust and durable."
"It's easy to integrate ASA with other Cisco security products. When you understand the technology, it's not a big deal. It's very simple."
"They wanted to leverage something which is equivalent that can give them the next gen features like application awareness and intrusion protection. So that is a major reason they were looking forward to this. The original ASA firewall did not have these features. This was the major reason the customer moved on to Cisco Firepower Threat Defense (FTD). Now they can go ahead and leverage those functionalities."
"The most valuable feature is zone segmentation, which we utilize through the Firepower management console."
"The information coming from Talos does a good job... I like the fact that Cisco is working with them and getting the information from them and updating the firewall."
"The initial setup was completely straightforward."
"I like the user interface because the navigation is very easy, straightforward on your left side pane you have all the sites that you need to browse. Unlike any other firewalls, it's pretty straightforward."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"The concurrent users are perfect for us."
"A very stable product that lasts over time, easy to understand, and administer."
"It is much simpler than other solutions such as Fortinet."
"It is effective. We have not had any problems."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"Content protection, content inspection, and the application level firewall."
"Improved service performance and availability through redundancy."
"pfSense allows us to spread the hours of connection and do the filtering on the pfSense site."
"The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it'd be great."
"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"The pricing could be reduced or include the first year warranty."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"I would like to see improvements in the support from Fortinet. Here in the Philippines, whenever we have problems with a Fortinet product, we mostly ask for support from distributors and resellers and not directly from Fortinet."
"Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."
"The feature which gives us a lot of pain is ASIC architecture."
"I would like Fortinet to add more automation to FortiGate."
"There is huge scope for improvement in URL filtering. The database that they have is not accurate. Their content awareness and categorization for URL filtering are not that great. We faced many challenges with their categorization and content awareness. They should improve these categorization issues."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The reporting and other features are nice, but there is an issue with applying the configuration. That part needs some improvement."
"You have to know the ASA command line very well because not all operations are available in the graphical interface"
"UTM features would be nice or some NextGen features."
"The ability to integrate (as options) all-in-one features -- like anti-spam, anti-virus, etc."
"We have to rely on Cisco ASDM to access the firewall interface. This needs improvement. Because we have a web-based interface, and it is a lot more user-friendly."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"The integration could be improved."
"Layer 7 advanced firewall features are not included in the solution."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"The technical support needs to be improved."
"The solution’s interface must be improved."
"My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"When I checked other packages, it seems they use different tools that are installed on the PSS for functionality. They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs."
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Netgate pfSense is ranked 1st in Firewalls with 15 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Netgate pfSense writes "Feature-rich, well documented, and there is good support available online". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Untangle NG Firewall. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.