We performed a comparison between OPNsense and Palo Alto Networks NG Firewalls based on real PeerSpot user reviews.Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The technical support is excellent. I would rate it as 10 out of 10. When there has been an issue, we have had a good response from them."
"The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"The content filtering is good."
"One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"Even in very big environments, Cisco comes in handy with configuration and offers reliability when it comes to managing multiple items on one platform."
"One of the most valuable features is the GUI front end, which is very easy to use. But I'm also a command-line guy, and being able to access the device via command-line for advanced troubleshooting is quite important."
"OPNsense is highly stable."
"It's more secure and more reliable."
"The system in general is quite flexible."
"What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it. I had an excellent experience with OPNsense, which helped me achieve the targets I wanted."
"We have found pretty much all the features of the solution to be valuable."
"The initial implementation process is simple."
"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."
"The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use."
"DNS Security is a good feature because, in the real world with web threats, you can block all web threats and bad sites. DNS Security helps to prevent those threats. It's also very helpful with Zero-day attacks because DNS Security blocks all DNS requests before any antivirus would know that such requests contain a virus or a threat to your PC or your network."
"I'm using most of its features such as antivirus, anti-spam, and WAF. I'm also using its DNS Security and DNS sinkhole features, as well as the URL filtering and application security features."
"It has a unique approach to packet processing. It has single-pass architecture. We can easily perform policy lookups, application decoding, and integration or merging. This can be all done with a single pass. It effectively reduces the amount of processing required to perform multiple actions. This is the main advantage of using Palo Alto."
"It has a solid network security with some robust tools. We can block unexpected attacks, especially zero-day attacks. Since they use the Pan-OS engine, they can collect attacks from all over the world and analyze them. They can then protect against zero-day attacks and unexpected attacks."
"The solution is user-friendly. It's secure and easy to understand your network visibility, control the network, and prevent attacks."
"The most valuable features are the power of the threat prevention and the WildFire service. Its strength comes from the huge number of sensors all over the world. The firewalls have a rich library of signatures."
"IoT security is most valuable in the current version. Content IDs, DDoS protection, zone protection, and DLP are the most prominent features in Palo Alto Networks NG Firewall. It is easier to configure than other solutions."
"I like the sandbox feature, and it's very good. It kills each malware deployment in the sense of signatures within five minutes. So, we can secure our network and infrastructure very well within the stipulated time. The WildFire functionality is very good because a few files are also getting blocked. It's critical as malware attacks are also getting ignored, and the logging is very well maintained in this firewall. The most valuable solutions in this field are application-based firewalls. That is the main criteria of the firewall and functionality. We can get all the logs related to this and each and every packet. I like that the firewall is working as an application. The application-based entity we have deployed is well maintained and working very well. We were able to find lots of vulnerabilities when we deployed it, but we could not disclose all. But there were vulnerabilities we could block by updating the firewall and taking actions on clientside machines. So, we got to know that we have lots of vulnerabilities inside the organization too, and we took lots of steps and resolved the number of vulnerabilities. Palo Alto Networks NG Firewalls is an all-in-one solution. It provides every entity log, which is a very good functionality of this firewall. It gives every packet and aspect that the firewall is performing through its logs, and it does it very well. This firewall's unified platform helped eliminate multiple network security tools. If anyone uses P2P sites, cryptocurrency websites, or any illegal sites, we can block it easily. It gives us a proper alert for these kinds of sites, and it properly secures our network. Monitoring is the best thing we are doing here, and we can block this kind of vulnerability as soon as it comes to us."
"We have more than one Cisco firewall and it is difficult for me to integrate both on the single UI."
"Nowadays, nobody is in the office, so I need to figure out how to put the firewall outside. If I could have a centralized firewall that also receives information from external locations, like peoples' home offices, that would help us consolidate everything into one appliance."
"There is huge scope for improvement in URL filtering. The database that they have is not accurate. Their content awareness and categorization for URL filtering are not that great. We faced many challenges with their categorization and content awareness. They should improve these categorization issues."
"Most of the features don't work well, and some features are missing as well."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"I would like to see them update the GUI so that it doesn't look like it was made in 1995."
"The maturity needs to be better."
"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."
"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"The IPS solution could be more reliable."
"Its interface should be a little bit better."
"The support for OPNsense is good because we have documents available on the internet. The support could improve a little."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"The solution could be more secure."
"The areas that need to improve are network protection and user identification."
"There are some advanced features that we aren't able to use, which include active IP authentication and app ID. We are facing challenges with implementing those two features."
"Over the past one or two years, Palo Alto Networks has added a lot of features into the NG Firewall products. I think this is becoming more complicated for our customers. Therefore, we could use some best practices, best practice tools, and implementation guides for some of the complicated features."
"Unfortunately, Palo Alto Networks products aren't cheap, but you have to pay the price for good security technology. I don't know the exact price, but it's about $10,000 to $15,000 without a subscription. Cisco is priced similarly. FortiGate is inexpensive in Poland, so a lot of customers prefer that."
"Support should be improved, wait times can be long."
"The solution has normal authentication, but does not have two-factor or multi-factor authentication. There is room for development there."
"The price could be more friendly, which would be good for Palo Alto and us. If the price were a little lower, then it would be a viable option for mid-level businesses, who may not be able to deploy at the current price point."
"We would like to see improvement in the web interface for this solution, so that it can handle updates without manual intervention to put the data in order."
The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.
From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.
Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.
OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.
The solution offers a variety of components, such as:
A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.
OPNsense Core Features
OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:
Reviews from Real Users
OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.
For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."
Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."
Palo Alto Networks NG Firewalls is a firewall solution designed for security teams that provides them with full visibility and control over all networks via powerful traffic identification, malware prevention, and threat intelligence technologies. In order to determine which applications, users, and content traversing the network are safe, the solution offers companies a variety of advanced security tools and strategies.
Palo Alto Networks NG Firewalls Features
Palo Alto Networks NG Firewalls has many valuable key features. Some of the most useful ones include:
Palo Alto Networks NG Firewalls Benefits
There are several benefits to implementing Palo Alto Networks NG Firewalls. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Below are some reviews and helpful feedback written by Palo Alto Networks NG Firewalls users.
A Solutions Architect at a communications service provider says, “The product stability and level of security are second to none in the industry. We value the security of our client's infrastructure so these features are valuable to us. An example of a very valuable feature behind Palo Alto is the application-aware identifiers that help the firewall know what its users are trying to do. It can block specific activities instead of just blocking categories. For example, you can block an application, or all unknown applications.”
PeerSpot user Gerry H., CyberSecurity Network Engineer at a university, mentions that the solution has a “Nice user interface, good support, is stable, and has extensive logging capabilities.” He also adds, “Wildfire has been a very good feature. This solution provides a unified platform that natively integrates all security capabilities, which is 100% important to us. This is a great feature.”
Eric S., Network Analyst at a recreational facilities/services company, states, "With its single pane of glass, it makes monitoring and troubleshooting a bit more homogeneous. We are not looking at multiple platforms and monitoring management tools. It is more efficient from that perspective. It is more of a common monitoring and control system for multiple aspects of what used to be different systems. It provides efficiency and time savings."
OPNsense is ranked 7th in Firewalls with 12 reviews while Palo Alto Networks NG Firewalls is ranked 5th in Firewalls with 71 reviews. OPNsense is rated 8.2, while Palo Alto Networks NG Firewalls is rated 8.8. The top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "Provides zero trust implementation, more visibility, and eliminated security holes". OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Fortinet FortiGate and SonicWall TZ, whereas Palo Alto Networks NG Firewalls is most compared with Azure Firewall, Check Point NGFW, Fortinet FortiGate, Meraki MX and Palo Alto Networks VM-Series. See our OPNsense vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.