We performed a comparison between OPNsense and pfSense based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: OPNsense ultimately won out in this comparison. Our reviewers agree that OPNsense is easy to install and easy to use, while pfSense was less so. One area where pfSense did come out on top was in the free support category.
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The most important feature is the VPN connection."
"The interface is user-friendly."
"If configured, Firepower provides us with application visibility and control."
"Firepower has reduced our firewall operational costs by about 25 percent."
"We are mostly using it for remote access, so the remote access feature is the most valuable, but all other features are also needed and required. It is also a very straightforward and reliable solution."
"It is pretty stable. I haven't seen many issues during the past four years."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."
"The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use."
"The system in general is quite flexible."
"OPNsense is easy to scale when running on the hardware."
"The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"OPNsense is highly stable."
"It's more secure and more reliable."
"The concurrent users are perfect for us."
"I have found pfSense to be stable."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"Content protection, content inspection, and the application level firewall."
"Some of the terminologies were more familiar to me than it was when I first encountered Cisco."
"I have found the firewall portion for the blocking most valuable."
"The VPN is my favorite feature."
"It can be improved when it comes to monitoring. Today, the logs from the firewalls could be improved a bit more without integrating with other devices."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface."
"Technical support takes a long time to respond."
"Cisco ASA is starting to get old and Firepower is taking over. All the good things happening are with Firepower."
"I have used Fortinet, Palo Alto, and Check Point previously and I prefer the process of everything working together."
"I would like more features in conjunction with other solutions, like Fortinet."
"Cisco is not cheap, however, it is worth investing in these technologies."
"The support for OPNsense is good because we have documents available on the internet. The support could improve a little."
"The solution could be more secure."
"I would like to see better SD-WAN performance."
"Its interface should be a little bit better."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"They should improve IPEs for security in the future."
"The IPS solution could be more reliable."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually."
"I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side."
"Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand."
"They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
"pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it."
"The stability could be improved."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
Cisco Secure Firewall is a suite of Cisco ASA Firewall and Cisco Firepower NGFW Firewall among other Cisco products.
Anticipate, act, and simplify with Secure Firewall
With workers, data, and offices located all over, your firewall must be ready for anything. Secure Firewall helps you plan, prioritize, close gaps, and recover from disaster—stronger.
Turn intent into action
Unify policy across your environment and prioritize what’s important. Having security resilience is about shoring up your architecture against threats and using automation to save time.
Achieve superior visibility
Regain visibility and control of your encrypted traffic and application environments. See more and detect more with Cisco Talos, while leveraging billions of signals across your infrastructure with security resilience.
Drive efficiency at scale
Only Secure Firewall includes license entitlement for Cisco SecureX, our open orchestration and XDR platform. The combination increases productivity across your teams and hybrid environments, while reducing threat dwell times.
Make zero trust practical
Secure Firewall makes a zero-trust posture achievable and cost-effective with network, microsegmentation, and app security integrations. Automate access and anticipate what comes next.
OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.
The solution offers a variety of components, such as:
A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.
OPNsense Core Features
OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:
Reviews from Real Users
OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.
For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."
Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."
pfSense is a free and open-source operating system for routers and firewalls, and is typically configured as DHCP server, DNS server, WiFi access point, VPN server, all running on the same hardware device. It is operated through a user-friendly web interface, making administration easy even for users with limited networking knowledge.
In addition, pfSense is feature-rich, has a mature platform, is customizable, is flexible by design, and can be used on a small home router as well as run the entire network of a large corporation. pfSense puts you in control of your networking, is regularly updated, and works to promptly patch security issues. pfSense has recently become the favored alternative to the industry leader, Cisco.
pfSense Key Features
pfSense has many key features and capabilities, including:
Reviews from Real Users
Below is some feedback from PeerSpot Users who are currently using the solution.
Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."
Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."
T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."
OPNsense is ranked 7th in Firewalls with 12 reviews while pfSense is ranked 3rd in Firewalls with 54 reviews. OPNsense is rated 8.2, while pfSense is rated 8.6. The top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". OPNsense is most compared with Untangle NG Firewall, Sophos XG, Fortinet FortiGate, Sophos UTM and Check Point NGFW, whereas pfSense is most compared with Fortinet FortiGate, Sophos XG, Untangle NG Firewall, Sophos UTM and WatchGuard Firebox. See our OPNsense vs. pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.