Cancel
You must select at least 2 products to compare!
Cisco Logo
98,494 views|66,440 comparisons
OPNsense Logo
76,651 views|66,830 comparisons
Netgate Logo
118,369 views|100,663 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Jun 2, 2022

We performed a comparison between OPNsense and pfSense based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: All the OPNsense reviewers agree that the initial setup is straightforward and easy. Most pfSense users say that its initial setup is straightforward, but a small percentage disagree, feeling that the setup is complex and requires a higher level of technical expertise.

  • Features: Users of both products are for the most part very satisfied with their scalability, stability, VPN features, and overall performance. OPNsense reviewers like its user-friendly interface and reporting tools. Several OPNsense users say it is less suitable for large-scale implementations. pfSense reviewers say it is robust, but its user interface could be enhanced. Several pfSense users mention that its security level should be improved.

  • Pricing: OPNsense and pfSense are both open-source solutions and are free of charge.

  • Service and Support: Both OPNsense and pfSense offer commercial support in addition to free online support forums. Reviewers of both solutions report being satisfied with the level of support they receive. pfSense users, in particular, find the community support and YouTube tutorials for the product to be very extensive and helpful.

Comparison Results: OPNsense ultimately won out in this comparison. Our reviewers agree that OPNsense is easy to install and easy to use, while pfSense was less so. One area where pfSense did come out on top was in the free support category.

To learn more, read our detailed OPNsense vs. pfSense Report (Updated: November 2022).
653,522 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands.""The most important feature is the VPN connection.""The interface is user-friendly.""If configured, Firepower provides us with application visibility and control.""Firepower has reduced our firewall operational costs by about 25 percent.""We are mostly using it for remote access, so the remote access feature is the most valuable, but all other features are also needed and required. It is also a very straightforward and reliable solution.""It is pretty stable. I haven't seen many issues during the past four years.""The most valuable features of this solution are advanced malware protection, IPS, and IDS."

More Cisco Secure Firewall Pros →

"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.""The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use.""The system in general is quite flexible.""OPNsense is easy to scale when running on the hardware.""The most valuable features are reporting, the Sensei plugin, and firewall capabilities.""OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.""OPNsense is highly stable.""It's more secure and more reliable."

More OPNsense Pros →

"The concurrent users are perfect for us.""I have found pfSense to be stable.""Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company.""The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network.""Content protection, content inspection, and the application level firewall.""Some of the terminologies were more familiar to me than it was when I first encountered Cisco.""I have found the firewall portion for the blocking most valuable.""The VPN is my favorite feature."

More pfSense Pros →

Cons
"It can be improved when it comes to monitoring. Today, the logs from the firewalls could be improved a bit more without integrating with other devices.""FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively.""The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface.""Technical support takes a long time to respond.""Cisco ASA is starting to get old and Firepower is taking over. All the good things happening are with Firepower.""I have used Fortinet, Palo Alto, and Check Point previously and I prefer the process of everything working together.""I would like more features in conjunction with other solutions, like Fortinet.""Cisco is not cheap, however, it is worth investing in these technologies."

More Cisco Secure Firewall Cons →

"The support for OPNsense is good because we have documents available on the internet. The support could improve a little.""The solution could be more secure.""I would like to see better SD-WAN performance.""Its interface should be a little bit better.""While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet.""They should improve IPEs for security in the future.""The IPS solution could be more reliable.""OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."

More OPNsense Cons →

"Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually.""I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side.""Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand.""They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals.""We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up.""pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it.""The stability could be improved.""I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."

More pfSense Cons →

Pricing and Cost Advice
  • "This product is expensive."
  • "If we compare it with FortiGate and the co-existing ASA, FortiGate is better in price."
  • "They seem to be at the top end in terms of pricing, but they are worth the price. They are probably a little bit lower than Palo Alto. If the customers are relying on Cisco products and they are thinking more in terms of scaling to another layer in a year, it is pretty much in a good price range."
  • "We're using the smart license for this firewall. The models that we have require licensing for remote access."
  • "There are licensing costs."
  • "I just bought it off the shelf, and I'm using it with my previous one, so I have not spent that much."
  • "The price is fair. It's not the cheapest, but it's not bad."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "OPNsense is an open-source solution and it is free to use."
  • "The solution is not expensive."
  • "As an appliance, it's in the medium price range."
  • "Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price. If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs."
  • "It is open source and free."
  • "The price of OPNsense is good."
  • More OPNsense Pricing and Cost Advice →

  • "I spent a couple of $1,000 on hardware, and the OS was free. A comparable firewall would cost me probably 20 grand. It saved a lot of money."
  • "I like the fact that it is open-source."
  • "The pricing is lower than some of its competitors."
  • "pfSense is open-source."
  • "We are using the open-source version which is free. We are testing the solution to see if we are going to go to the enterprise version which requires a license and is not free."
  • "There is no license. You don't have to pay anything. It's completely free."
  • "It's open-source and it's free. Anything for free is good."
  • "pfSense is a free solution."
  • More pfSense Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    653,522 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Top Answer:OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.
    Top Answer:The price of OPNsense is good. I rate the price of OPNsense a five out of five.
    Top Answer:You don't really specify what type of router you are looking for but if you are talking about a gateway router I… more »
    Top Answer:Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate… more »
    Top Answer:The firewall sensor is highly effective, and it's easy to deploy. You can deploy pfSense with limited hardware… more »
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    Learn More
    Cisco
    Video Not Available
    OPNsense
    Video Not Available
    Netgate
    Video Not Available
    Overview

    Cisco Secure Firewall is a suite of Cisco ASA Firewall and Cisco Firepower NGFW Firewall among other Cisco products. 

    Anticipate, act, and simplify with Secure Firewall

    With workers, data, and offices located all over, your firewall must be ready for anything. Secure Firewall helps you plan, prioritize, close gaps, and recover from disaster—stronger.

    Turn intent into action

    Unify policy across your environment and prioritize what’s important. Having security resilience is about shoring up your architecture against threats and using automation to save time.

    Achieve superior visibility

    Regain visibility and control of your encrypted traffic and application environments. See more and detect more with Cisco Talos, while leveraging billions of signals across your infrastructure with security resilience.

    Drive efficiency at scale

    Only Secure Firewall includes license entitlement for Cisco SecureX, our open orchestration and XDR platform. The combination increases productivity across your teams and hybrid environments, while reducing threat dwell times.

    Make zero trust practical

    Secure Firewall makes a zero-trust posture achievable and cost-effective with network, microsegmentation, and app security integrations. Automate access and anticipate what comes next.

    OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.

    The solution offers a variety of components, such as:

    • Weekly security updates. These updates provide the user with the ability to reach new emerging threats in a timely manner through small increments.

    • Two major releases every year. These yearly releases are on a fixed release cycle and provide organizations with the ability to plan ahead of an upcoming upgrade.

    • A roadmap of instructions. Each major release provides a guide and a set of clear goals.

    A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.

    OPNsense Core Features

    OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:

    • Captive Portal
    • Built-in reporting and monitoring tools including RRD Graphs
    • Network Flow Monitoring
    • Traffic Shaper
    • Support for Plugins
    • Granular Control Over State Table
    • Dynamic DNS
    • Two-factor authentication throughout the system
    • Netflow Exporter
    • Encrypted Configuration Backup to Google Drive
    • Forward Caching Proxy (transparent) with Blacklist Support
    • Stateful inspection firewall
    • DNS Server & DNS Forwarder
    • High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
    • DHCP Server and Relay
    • Virtual Private Network (site to site & road warrior, IPsec, OpenVPN & legacy PPTP support)
    • Intrusion Detection and Prevention
    • 802.1Q VLAN support

    Reviews from Real Users

    OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.

    For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."

    Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."

    pfSense is a free and open-source operating system for routers and firewalls, and is typically configured as DHCP server, DNS server, WiFi access point, VPN server, all running on the same hardware device. It is operated through a user-friendly web interface, making administration easy even for users with limited networking knowledge.

    In addition, pfSense is feature-rich, has a mature platform, is customizable, is flexible by design, and can be used on a small home router as well as run the entire network of a large corporation. pfSense puts you in control of your networking, is regularly updated, and works to promptly patch security issues. pfSense has recently become the favored alternative to the industry leader, Cisco.

    pfSense is:

    • Robust
    • Powerful
    • Easy to use
    • Secure
    • Scalable

    pfSense Key Features

    pfSense has many key features and capabilities, including:

    • Strength and accuracy: pfSense is able to always follow either default or custom rules, making it a stronger firewall than some of its competitors. It also filters traffic separately, whether it’s coming from your internal network of devices or the open internet, allowing you to set different rules and policies for each.

    • Flexibility: pfSense can work both as a basic firewall and as a complete security system because it gives you the flexibility to integrate additional features as code where necessary.

    • Open-source: Because it is open-source, not only is pfSense free to use, but community members can contribute to the code to make it a better software.

    • User-friendly: Usually firewall products are not user-friendly because they often include complex settings, options, and features that require fine-tuning. pfSense’s interface is simple, direct, and easy to use.

    • WireGuard Support: Instead of building your own VPN using pfSense, or settling for a commercial VPN provider, you can directly integrate WireGuard with the pfSense firewall.

    • Speed Management and Fault Tolerance: pfSense’s multi-WAN feature allows your system to continue operating in case components fail.

    • Well-supported: pfSense regularly has security and feature updates. It also has a documentation site and a well-informed and knowledgeable support forum.

    Reviews from Real Users

    Below is some feedback from PeerSpot Users who are currently using the solution.

    Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."

    Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."

    T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."



    Offer
    Learn more about Cisco Secure Firewall
    Learn more about OPNsense
    Learn more about pfSense
    Sample Customers
    There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
    CompuNet Systems GmbH,
    Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
    Top Industries
    REVIEWERS
    Financial Services Firm16%
    Comms Service Provider13%
    Computer Software Company9%
    Government8%
    VISITORS READING REVIEWS
    Comms Service Provider21%
    Computer Software Company19%
    Government7%
    Educational Organization5%
    REVIEWERS
    Comms Service Provider30%
    Logistics Company20%
    Aerospace/Defense Firm10%
    Financial Services Firm10%
    VISITORS READING REVIEWS
    Comms Service Provider28%
    Computer Software Company16%
    Government8%
    Educational Organization5%
    REVIEWERS
    University12%
    Marketing Services Firm10%
    Comms Service Provider10%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Comms Service Provider27%
    Computer Software Company15%
    Government8%
    Educational Organization5%
    Company Size
    REVIEWERS
    Small Business36%
    Midsize Enterprise24%
    Large Enterprise40%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise19%
    Large Enterprise53%
    REVIEWERS
    Small Business70%
    Midsize Enterprise10%
    Large Enterprise20%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise21%
    Large Enterprise54%
    REVIEWERS
    Small Business70%
    Midsize Enterprise17%
    Large Enterprise13%
    VISITORS READING REVIEWS
    Small Business29%
    Midsize Enterprise21%
    Large Enterprise51%
    Buyer's Guide
    OPNsense vs. pfSense
    November 2022
    Find out what your peers are saying about OPNsense vs. pfSense and other solutions. Updated: November 2022.
    653,522 professionals have used our research since 2012.

    OPNsense is ranked 7th in Firewalls with 12 reviews while pfSense is ranked 3rd in Firewalls with 54 reviews. OPNsense is rated 8.2, while pfSense is rated 8.6. The top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". OPNsense is most compared with Untangle NG Firewall, Sophos XG, Fortinet FortiGate, Sophos UTM and Check Point NGFW, whereas pfSense is most compared with Fortinet FortiGate, Sophos XG, Untangle NG Firewall, Sophos UTM and WatchGuard Firebox. See our OPNsense vs. pfSense report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.