We performed a comparison between OPNsense and WatchGuard Firebox based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Packet Tracer is a really good tool. If someone calls because they're having problems, you can easily create fake traffic without having to do an extended packet capture. You can see, straight away, if there's a firewall rule allowing that traffic in the direction you're trying to troubleshoot."
"The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA."
"It helped us a lot with our VPNs for the home office during COVID. There has been more security and flexibility for VPNs and other applications."
"Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information."
"We find all of its features very useful. Its main features are policies and access lists. We use both of them, and we also use routing."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"It brings us the ability to work from anywhere and has allowed us to work remotely without having to incur a lot of other costs. If we didn't have this type of solution, since we have so many on-prem services that are required, we would have likely lost money and been unable to deliver. We have a video services team who helped build the content for our sporting events. When you are watching a Leaf game and those swipes come by as well as the clips and things, those are all generated in-house. Without the ability to access our on-premise resources, we would have been dead in the water. So, the return on that is pretty impressive."
"I like the ASDM for the firewall because it is visual. With the command line, it is harder to visualize what is going on. A picture is worth a thousand words."
"The system in general is quite flexible."
"We have found pretty much all the features of the solution to be valuable."
"OPNsense is highly stable."
"OPNsense is easy to scale when running on the hardware."
"It's more secure and more reliable."
"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."
"The technical support is very good."
"What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it. I had an excellent experience with OPNsense, which helped me achieve the targets I wanted."
"The solution has a useful traffic monitor."
"What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great."
"The most valuable feature of WatchGuard Firebox is the VPN. It's easy to connect to the VPN."
"From my experience with their customer service team, I would say that they seem quite knowledgeable and fairly quick to respond."
"There are no problems with the technical support. If a problem occurs it gets resolved immediately with our technical support partners."
"All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited."
"I like that this product has very few issues."
"This product offers great protection using the default settings."
"We are still running the original ASAs. The software that you are running for the ASDM software and Java application has never been a lot of fun to operate. It would have been nice to see that change update be redesigned with modern systems, which don't play nicely with Java sometimes. Cybersecurity doesn't seem to love how that operates. For us, a fresher application, taking advantage of the hardware, would have been a better approach."
"I would like to see them add more next-generation features so that you don't need a lot of appliances to do just one task. It should be a single solution."
"The application detection feature of this solution could be improved as well as its integration with other solutions."
"Setting firewall network rules should be more straightforward with a clearer graphical representation. The rule-setting method seems old-fashioned. The firewall and network rules are separate from the Firepower and web access rules."
"I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall."
"The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working."
"Most of the features don't work well, and some features are missing as well."
"It is hard to control the bandwidth of end-users with a Cisco Firewall. That is the main issue I've faced. I used Mikrotik for many years for this very reason. Mikrotik has the option to set a bandwidth restriction for a single IP or complete segments. Cisco should add this option to their firewall."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"The interface needs to be simplified. It is not user-friendly."
"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."
"An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense."
"The IPS solution could be more reliable."
"The support for OPNsense is good because we have documents available on the internet. The support could improve a little."
"The UI and web view aren't nice."
"The user interface for WatchGuard Firebox has room for improvement. Right now, it's a bit complex to work with and could be easier."
"They are working on cloud-based options. However, they do not have the options fully functional in their solution at this time."
"What could use some significant improvement in WatchGuard Firebox would be its interface and policy management. An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it."
"This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests."
"The area where I think this product can be improved is the user interface and the reporting. It can be quite difficult to find the correct logs and to actually find out what is going on. The digging can be time-consuming."
"Firebox would be improved with integration for endpoint protection solutions."
"There is room for improvement in the threat protection, data packet inspection, and performance of the solution. Generally, it's just a lower-end product. It does the job but doesn't do it very well."
OPNsense is ranked 7th in Firewalls with 12 reviews while WatchGuard Firebox is ranked 4th in Unified Threat Management (UTM) with 23 reviews. OPNsense is rated 8.2, while WatchGuard Firebox is rated 8.2. The top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". On the other hand, the top reviewer of WatchGuard Firebox writes "Easy to deploy and it provides useful data on threats ". OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Fortinet FortiGate and Azure Firewall, whereas WatchGuard Firebox is most compared with Fortinet FortiGate, pfSense, Sophos XG, Meraki MX and SonicWall NSa. See our OPNsense vs. WatchGuard Firebox report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.