"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"The most valuable features of this solution are the integrations and IPS throughput."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"There are no issues that we are aware of. It does its job silently in the background."
"OPNsense is easy to scale when running on the hardware."
"The initial implementation process is simple."
"We have found pretty much all the features of the solution to be valuable."
"The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used."
"The most valuable features in OPNsense are reporting and visibility."
"The interface and the dashboard are the most valuable features of this solution."
"The system in general is quite flexible."
"The graphic user interface is very good and it is user-friendly which makes the product easy-to-use."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"I like the connectivity to the open VPN. It's very smooth."
"It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor."
"The solution is very easy to use and has a very nice GUI."
"I have found the most valuable features to be antivirus and malware protection."
"I have found the firewall portion for the blocking most valuable."
"It has a good web cache. I used to use a DHCP server and DNS server. For my company, I use pfSense as a load balancing application."
"pfSense helped us during COVID-19 because we used OpenVPN to connect from home."
"The performance should be improved."
"Deploying configurations takes longer than it should."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"The initial setup could be simplified, as it can be complex for new users."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"The solution could be more secure."
"The ability to set the VPN IP address would be a welcome addition."
"The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform."
"I would like to see better SD-WAN performance."
"The interface needs to be simplified. It is not user-friendly."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"The solution would not be suitable for anything large-scale."
"There should be more technical documentation."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side."
"The solution could improve by having centralized management and API support online."
"It could use a little bit of improvement in the reporting."
"If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use."
"There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"We had training from an advisor for the configuring of this solution and it was not difficult. However, if we were not trained it would have been not as easy."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.
OPNsense is ranked 13th in Firewalls with 11 reviews while pfSense is ranked 3rd in Firewalls with 60 reviews. OPNsense is rated 8.0, while pfSense is rated 8.6. The top reviewer of OPNsense writes "A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". OPNsense is most compared with Untangle NG Firewall, Sophos XG, Sophos UTM, Fortinet FortiGate and Cisco ASA Firewall, whereas pfSense is most compared with Fortinet FortiGate, Sophos UTM, Sophos XG, Untangle NG Firewall and Zyxel Unified Security Gateway. See our OPNsense vs. pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.