We performed a comparison between pfSense and WatchGuard Firebox based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Both products received high marks from reviewers, but WatchGuard ultimately won out in this comparison. According to reviews, WatchGuard appears to be a more secure solution.
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"The content filtering is good."
"The most valuable feature is the access control list (ACL)."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"The initial setup was simple and fast."
"The interface is straightforward and easy to use."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"The solution is very easy to use and configure."
"Good basic firewall features."
"Is good at blocking IP addresses."
"The initial setup is not complex."
"The main features of this solution are customization and ease to use."
"Because we bought two firewalls... we need a central place to manage the policies and deploy them to both devices. It's good that it provides a system management console that is able to manipulate and manage policies in one place and deploy them to different locations."
"The main features of the solution are the control of the site-to-site network access and the overall features."
"All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited."
"The most valuable features of the WatchGuard Firebox are all the security and updated features. You are able to configure the solution from the cloud platform and the application and web interface are very nice."
"The security that is used for defending from the attacks is very good."
"The features that I have found most valuable are the FireWall features. The management side of WatchGuard is quite easy because it supports two ways to manage it - by the web and the other one they call WatchGuard systems manager. I used to be familiar with WSM only, but they improved their GUI in the web browser and now it is much easier to do it within the web browser."
"There are no problems with the technical support. If a problem occurs it gets resolved immediately with our technical support partners."
"Two of the functionalities we use most are the traffic monitoring and the full panel dashboard. Those are two things that are very useful for us... In addition, it provides us with layered security. It allows us to determine what types of access, to which networks, we want to allow or deny."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"We only have an issue with time sync with Cisco ASA and NTP. If the time is out of sync, it will be a disaster for the failover."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"The ability to better integrate with other tools would be an improvement."
"It would be great if some of the load times were faster."
"Implementations require the use of a console. It would help if the console was embedded."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution."
"User interface is a little clumsy."
"Lacks instructional videos."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"It would be great to add more to security."
"The interface is not very shiny and attractive."
"The integration could be improved."
"Many people have problems setting up the web cache for the web system."
"The solution is lacking a professional website, they should be updated more often."
"The data loss protection works well, but it could be easier to configure. The complexity of data loss protection makes it a more difficult feature to fully leverage. Better integration with third-party, two-factor authentication would be advantageous."
"I would like to see the devices made more flexible by adding modules to increase the ports that we can use."
"The solution can improve by adding a feature to tag a MAC address of a computer system in the policy and more IP configuration settings."
"They are working on cloud-based options. However, they do not have the options fully functional in their solution at this time."
"The only downside is that it is missing an API, that you can use to easily collect information from it."
"Its documentation could be improved. Sometimes, you need to search a bit longer to find what you are looking for."
"The UI is not as user-friendly as the model that I had used before, which was from Check Point. The design of the Firebox UI is restricted and needs an experienced network guy to understand the format and settings."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
pfSense is ranked 3rd in Firewalls with 61 reviews while WatchGuard Firebox is ranked 3rd in Unified Threat Management (UTM) with 21 reviews. pfSense is rated 8.4, while WatchGuard Firebox is rated 8.4. The top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". On the other hand, the top reviewer of WatchGuard Firebox writes "Competent, basic front-end; the ports that I have assigned appear to be unattainable to outsiders". pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos XG, Untangle NG Firewall and Zyxel Unified Security Gateway, whereas WatchGuard Firebox is most compared with Fortinet FortiGate, Sophos XG, Meraki MX, Cisco ASA Firewall and Untangle NG Firewall. See our WatchGuard Firebox vs. pfSense report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.