We performed a comparison between OPNsense and WatchGuard Firebox based on real PeerSpot user reviews.Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The Packet Tracer is a really good tool. If someone calls because they're having problems, you can easily create fake traffic without having to do an extended packet capture. You can see, straight away, if there's a firewall rule allowing that traffic in the direction you're trying to troubleshoot."
"The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA."
"It helped us a lot with our VPNs for the home office during COVID. There has been more security and flexibility for VPNs and other applications."
"Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information."
"We find all of its features very useful. Its main features are policies and access lists. We use both of them, and we also use routing."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"It brings us the ability to work from anywhere and has allowed us to work remotely without having to incur a lot of other costs. If we didn't have this type of solution, since we have so many on-prem services that are required, we would have likely lost money and been unable to deliver. We have a video services team who helped build the content for our sporting events. When you are watching a Leaf game and those swipes come by as well as the clips and things, those are all generated in-house. Without the ability to access our on-premise resources, we would have been dead in the water. So, the return on that is pretty impressive."
"I like the ASDM for the firewall because it is visual. With the command line, it is harder to visualize what is going on. A picture is worth a thousand words."
"The system in general is quite flexible."
"We have found pretty much all the features of the solution to be valuable."
"OPNsense is highly stable."
"OPNsense is easy to scale when running on the hardware."
"It's more secure and more reliable."
"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."
"The technical support is very good."
"What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it. I had an excellent experience with OPNsense, which helped me achieve the targets I wanted."
"The solution has a useful traffic monitor."
"What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great."
"The most valuable feature of WatchGuard Firebox is the VPN. It's easy to connect to the VPN."
"From my experience with their customer service team, I would say that they seem quite knowledgeable and fairly quick to respond."
"There are no problems with the technical support. If a problem occurs it gets resolved immediately with our technical support partners."
"All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited."
"I like that this product has very few issues."
"This product offers great protection using the default settings."
"We are still running the original ASAs. The software that you are running for the ASDM software and Java application has never been a lot of fun to operate. It would have been nice to see that change update be redesigned with modern systems, which don't play nicely with Java sometimes. Cybersecurity doesn't seem to love how that operates. For us, a fresher application, taking advantage of the hardware, would have been a better approach."
"I would like to see them add more next-generation features so that you don't need a lot of appliances to do just one task. It should be a single solution."
"The application detection feature of this solution could be improved as well as its integration with other solutions."
"Setting firewall network rules should be more straightforward with a clearer graphical representation. The rule-setting method seems old-fashioned. The firewall and network rules are separate from the Firepower and web access rules."
"I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall."
"The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working."
"Most of the features don't work well, and some features are missing as well."
"It is hard to control the bandwidth of end-users with a Cisco Firewall. That is the main issue I've faced. I used Mikrotik for many years for this very reason. Mikrotik has the option to set a bandwidth restriction for a single IP or complete segments. Cisco should add this option to their firewall."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."
"The interface needs to be simplified. It is not user-friendly."
"We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."
"An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense."
"The IPS solution could be more reliable."
"The support for OPNsense is good because we have documents available on the internet. The support could improve a little."
"The UI and web view aren't nice."
"The user interface for WatchGuard Firebox has room for improvement. Right now, it's a bit complex to work with and could be easier."
"They are working on cloud-based options. However, they do not have the options fully functional in their solution at this time."
"What could use some significant improvement in WatchGuard Firebox would be its interface and policy management. An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it."
"This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests."
"The area where I think this product can be improved is the user interface and the reporting. It can be quite difficult to find the correct logs and to actually find out what is going on. The digging can be time-consuming."
"Firebox would be improved with integration for endpoint protection solutions."
"There is room for improvement in the threat protection, data packet inspection, and performance of the solution. Generally, it's just a lower-end product. It does the job but doesn't do it very well."
The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.
From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.
Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.
OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.
The solution offers a variety of components, such as:
A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.
OPNsense Core Features
OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:
Reviews from Real Users
OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.
For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."
Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."
WatchGuard Firebox is a unified security platform that offers organizations protection from cyber threats through a powerful network security device that controls all traffic between an external network and a trusted network. The solution is ideal for small and midsize businesses as well as for distributed enterprises. WatchGuard Firebox protects the entire network from intrusions, phishing attempts, malware, and ransomware by using cloud and virtual firewalls, AI-powered malware protection, and enhanced network visibility.
WatchGuard Firebox Features
WatchGuard Firebox has many valuable key features, including:
WatchGuard Firebox Benefits
Some of the benefits of using WatchGuard Firebox include:
Reviews from Real Users
Below are some reviews and helpful feedback written by WatchGuard Firebox users.
PeerSpot user Kelly C., IT Manager at a hospitality company, mentions, “One of the most valuable features is the Gateway AntiVirus. We scan all traffic as it's coming through. We also use spamBlocker to scrub spam. We use content filtering, which is critical in any corporate environment to make sure that people don't surf things they're not supposed to. WatchGuard has a very easy VPN and branch office VPN setup, so we use those pretty extensively too.It's very easy to use. In terms of performance, WatchGuard has always worked well for us. Regarding the reporting, I was in the Dimension server earlier today. It's very powerful. I like it. And the management features are easy to use. I like the fact that I can open up the System Manager client or I can just do it through the web if I'm making a quick change.”
A Director of Information Technology at a retailer says, “Among the most valuable features is the ease of use — love the interface — of both the web interface and of the WatchGuard System Manager. It's a stable platform. The devices are pretty rock-solid.”
Jason M., IT Director at a healthcare company, explains, “The policy monitoring and allowing different traffic flows are the most useful features for us; regulating which traffic comes in and out. In terms of the throughput and performance, we don't have a problem or any bottleneck there. We downgraded the size of our appliance because we're a small facility, and what we had before was actually too big. The one we are now going with seems to be doing a great job.” He also adds, “The management feature is pretty nice.”
Steve R., President and Owner at Peak Communication Systems, Inc., comments, "It saves us time in the respect that we now have the template built for it so we can get in and get it done. We've had much less problems supporting Voice over IP technologies from different companies. Because our client base has grown over the years, we're probably saving 20 to 30 man-hours a month now that we've got this on a good stable level."
OPNsense is ranked 7th in Firewalls with 12 reviews while WatchGuard Firebox is ranked 4th in Unified Threat Management (UTM) with 23 reviews. OPNsense is rated 8.2, while WatchGuard Firebox is rated 8.2. The top reviewer of OPNsense writes "Unbeatable pricing and easy to configure and use, but it can be configured only through the GUI, and the integration with Azure cloud is difficult". On the other hand, the top reviewer of WatchGuard Firebox writes "Easy to deploy and it provides useful data on threats ". OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Fortinet FortiGate and Azure Firewall, whereas WatchGuard Firebox is most compared with Fortinet FortiGate, pfSense, Sophos XG, Meraki MX and SonicWall NSa. See our OPNsense vs. WatchGuard Firebox report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.