Cisco Secure Firewall vs OPNsense Comparison 2024

Sponsored

Fortinet FortiGate

Read 306 Fortinet FortiGate reviews

120,425 views|88,209 comparisons

Cisco Secure Firewall

Read 404 Cisco Secure Firewall reviews

56,401 views|31,700 comparisons

OPNsense

Read 36 OPNsense reviews

105,864 views|93,109 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Cisco Secure Firewall vs. OPNsense

May 2024

Executive Summary

Updated on Jul 11, 2023

We performed a comparison between Cisco Secure Firewall and OPNsense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

Features: Cisco Secure Firewall is highly regarded for its robust threat defense, comprehensive application visibility, effective troubleshooting capabilities, seamless integration with other Cisco products, and reliable high-availability capabilities. OPNsense is praised for its impressive scalability, excellent guest access capabilities, impressive flexibility, unwavering stability, and commendable IDS/IPS features.

Secure Firewall could benefit from enhancements in network performance, policy administration, customization options, and rule creation. It also requires better licensing flexibility, support for standard interfaces, and advanced features like web filtering. The management interface, deployment times, reporting, and logging functionalities should be enhanced as well. OPNsense needs improvements in its user-friendly interface, bandwidth management, multi-provider internet protection, high availability feature, logging, IPS solution, peer-blocking features, installation and deployment process, reporting capabilities, SSL inspection, and learning curve.

Service and Support: The feedback on customer service for Cisco Secure Firewall varies, with certain customers appreciating their technical assistance while others encountered delays and challenges. OPNsense's support has received both positive and negative assessments, with some customers finding it outstanding while others believe there is room for improvement.

Ease of Deployment: The setup process for Cisco Secure Firewall can be complex, relying on the user's knowledge and environment. OPNsense's initial setup is straightforward and does not present major challenges.

Pricing: Cisco Secure Firewall has a costly setup, involving additional expenses for licensing, support, and hardware. OPNsense is more budget-friendly, as the software itself is free, with expenses primarily related to hardware and deployment choices. Additionally, OPNsense provides a free version, whereas Cisco necessitates licensing.

ROI: Cisco Secure Firewall offers varying ROI depending on the use case and organization's architecture. It brings reduced operational costs and enhanced security, leading to positive ROI. OPNsense delivers ROI in under three months by eliminating recurring fees and recouping savings within that timeframe.

Comparison Results: Cisco Secure Firewall is the preferred choice when comparing it to OPNsense. The initial setup for Cisco Secure Firewall was generally considered straightforward and easy, thanks to the availability of Cisco's resources and documentation. Cisco Secure Firewall offers more valuable features such as threat defense, intensive troubleshooting capabilities, integration with other Cisco products, and advanced features like IPS and web filtering.

To learn more, read our detailed Cisco Secure Firewall vs. OPNsense Report (Updated: May 2024).

Download the complete report

770,428 professionals have used our research since 2012.

Featured Review

Prasanth P.

Global Chief Information Officer at a manufacturing company

Researched Cisco Secure Firewall but chose Fortinet FortiGate: Provides solid protection against viruses, malware, and other threats

FortiGate improved our security. It's one of the best hardware firewalls. We're secured against various outside threats. It's hard to know how... Read more →

Anonymous User

IT Specialist at a government

A flexible and easy to manage solution for segregating our servers from the rest of the environment

Instead of using multiple firewalls, we only need to rely on this solution. It has a small footprint.

Samo Primožič

Technical support engineer at ADVANT računalniški inženiring, komunikacije, svetovanje in distribucija d.o.o.

Easy to manage, free and good for small offices

It helps to improve network security. It does its job.

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box.""The pricing is great and very reasonable.""The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback.""Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network.""The Intrusion Prevention System and the web filtering are both working well.""The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks. It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good.""The response is very quick and they can visually resolve our problems in a short period.""The initial setup of Fortinet FortiGate was straightforward."

More Fortinet FortiGate Pros →

"One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI.""The technical support is excellent. I would rate it as 10 out of 10. When there has been an issue, we have had a good response from them.""Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports.""Cisco ASA works very nicely from an administration perspective. The management of the device is very nice. The ASDM (Adaptive Security Device Manager) is the software that we use and it is very easy to configure using the GUI.""VPN, firewall, and IDS/IPS allow us to deliver services to meet client needs across various industry verticals.""Its efficiency and security are the most important. We are more efficient and more secure.""The features I have found most valuable are the ASA firewalls. I like to have features like most integrated systems in ACI.""The ASA has seen significant improvement due to the IPS."

More Cisco Secure Firewall Pros →

"The initial setup is easy. It only takes 15-30 minutes to deploy.""The most valuable feature is the Dual WAN in OPNSense, which offers advanced capabilities.""The feature I find most valuable, is that the program helped me to realize all the requested functionality that was needed.""I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.""It has firewall and VPN capabilities, which are very valuable features.""The DNS-level filtering is impressive for thwarting time scanners.""The system in general is quite flexible.""OPNsense could improve by making the configuration more web-based rather than shell or command-line-based."

More OPNsense Pros →

Cons

"The setup is pretty complex and not easy to implement.""NGN, reporting and controls.""The platform's interface could improve.""Performance and technical support are the main issues with this solution.""With the addition of some features, it is possible that FortiGate can be used in all verticals.""Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites.""You do need some IT knowledge in order to effectively work with the solution.""FortiOS is not simple."

More Fortinet FortiGate Cons →

"We would really like to see dual dual power supplies for some Cisco Firewall products.""We wanted to integrate Firepower with our solution, but it didn't have the capability to accommodate our bandwidth since they only had two 10 gig interfaces on the box. We run way more than that through our network because we are a service provider, providing Internet to our customers.""There are some limitations with SSL. Regarding the security assessment for the ISO 27000 standard, there are certain features that Cisco needs to scale up. Not all products support it, so you need to be slightly careful, especially on the site track.""The Sandbox and the Web Censoring in this solution need to be improved.""I would like more features in conjunction with other solutions, like Fortinet.""It is not easy to configure.""Sometimes, it is not easy to troubleshoot. You need to know where to go. It took me quite awhile. It's like, "Okay, if it doesn't go smoothly here, then go find the documentation." Once you do it, it is not so bad. However, it is sometimes a steep learning curve on the troubleshooting part of it.""REST API stability needs improvement in order for customizing resource allocation available to the user rather than just being there transparently. This way users can customize REST API and tailor it to their needs."

More Cisco Secure Firewall Cons →

"The interface needs to be simplified. It is not user-friendly.""I think the most important thing is that it should be easily accessible, but currently, that doesn't seem to be the case. We need a hardware platform that's based on common standards and open computing principles, which would be like a commodity and benefit us greatly.""The logging could improve in OPNsense.""There are issues with stability and reliability.""The solution could be more secure.""The solution would not be suitable for anything large-scale.""An area for improvement in OPNsense is the hardware, which needs to be updated more frequently. DNS blocking is another good feature I want to be added to the solution. pfSense has a peer-blocking feature that I also want to see in OPNsense.""We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much."

More OPNsense Cons →

Pricing and Cost Advice

"Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make."

"These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."

"Go for long term pricing negotiated at the time of purchase."

"Work through partners for the best pricing."

"The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."

"Easy to understand licensing requirements."

"We saved a bundle by not needing all the past appliances from an NGFW."

"The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."

More Fortinet FortiGate Pricing and Cost Advice →

"Always plan ahead for three years. In other words, do not buy a firewall on what your needs are today, but try to predict where you will be three years from now in terms of bandwidth, security requirements, and changes in organizational design."

"I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you."

"It has a great performance-to-price value, compared to competitive solutions."

"Spec the right hardware model and choose the right license for your needs."

"Everything with Cisco is expensive. My advice is that there are a lot better options out in the market now."

"To discuss with Cisco Systems or their partners to gain the optimal price and to not consider, without verifying, the false information that Cisco ASA is very expensive."

"Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution."

"Price point is too high for features and throughput available."

More Cisco Secure Firewall Pricing and Cost Advice →

"We are not paying any licensing fees. OPNsense is completely free for us."

"It costs about $1000."

"There are no licensing costs for OPNsence."

"OPNsense is open source software so at this time it is free for us to use."

"OPNsense is a well known open-source tool."

"It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."

"OPNsense is an open-source solution and it is free to use."

"The solution is not expensive."

More OPNsense Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See Recommendations

770,428 professionals have used our research since 2012.

Comparison Review

Anonymous User

Security Consultant at Webernetz.net - Network Security Consulting

Cisco ASA vs. Palo Alto Networks

Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning the management options: How to add and rename objects. How to update a device. How to find log entries. Etc. Cisco ASA Fast Management Suite: The ASDM GUI is really fast. You do not have to wait for the next window if you click on a certain button. It simply appears directly. On the Palo, each entry to add, e.g., an application inside a security rule, takes a few seconds. Better “Preview CLI Commands”: I am always checking the CLI commands before I send them to the firewall. On the Cisco ASA, they are quite easy to understand. I know, Palo Alto also offers the “Preview Changes”, but it takes a bit more time to recognize all XML paths. Better CLI Commands at all: For Cisco admins it is very easy to parse a “show run” and to paste some commands into another device. This is not that easy on a Palo Alto firewall. First, you must change the config-output format, and second, you cannot simply paste many lines into another device, since the ordering of these lines is NOT correct by default. That is, it simply doesn’t work. ACL Hit Count: I like the hit counts per access list entry in the GUI. It quickly reveals which entries are used very often and which ones are never used. On the… Read more →

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »

Read all 3 answers →

What is the biggest difference between Sophos XG and FortiGate?

Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »

Read all 13 answers →

What are the biggest technical differences between Sophos UTM and Fortine...

Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »

Read all 11 answers →

Which is better - Fortinet FortiGate or Cisco ASA Firewall?

Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »

Read all 4 answers →

How does Cisco's ASA firewall compare with the Firepower NGFW?

Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »

Which is better - Meraki MX or Cisco ASA Firewall?

Top Answer: Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports… more »

Read all 2 answers →

What is the difference between PfSense and OPNsense?

Top Answer:Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »

What do you like most about OPNsense?

Top Answer:What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control.

Read all 32 answers →

What is your experience regarding pricing and costs for OPNsense?

Top Answer:It is free.

Read all 27 answers →

Comparisons

Sophos XG vs. Fortinet FortiGate

Compared 19% of the time.

Netgate pfSense vs. Fortinet FortiGate

Compared 12% of the time.

Meraki MX vs. Fortinet FortiGate

Compared 7% of the time.

WatchGuard Firebox vs. Fortinet FortiGate

Compared 5% of the time.

Juniper SRX Series Firewall vs. Fortinet FortiGate

Compared 2% of the time.

More Fortinet FortiGate Competitors →

Palo Alto Networks WildFire vs. Cisco Secure Firewall

Compared 8% of the time.

Netgate pfSense vs. Cisco Secure Firewall

Compared 6% of the time.

Meraki MX vs. Cisco Secure Firewall

Compared 5% of the time.

Sophos XG vs. Cisco Secure Firewall

Compared 4% of the time.

SonicWall TZ vs. Cisco Secure Firewall

Compared 2% of the time.

More Cisco Secure Firewall Competitors →

Netgate pfSense vs. OPNsense

Compared 79% of the time.

Sophos XG vs. OPNsense

Compared 4% of the time.

Untangle NG Firewall vs. OPNsense

Compared 2% of the time.

Sophos UTM vs. OPNsense

Compared 2% of the time.

Palo Alto Networks NG Firewalls vs. OPNsense

Compared 1% of the time.

More OPNsense Competitors →

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate

Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall

Learn More

Fortinet

Cisco

OPNsense

Video Not Available

Overview

Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.

The core features of Cisco Secure Firewall are multifaceted:

Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
The firewall is scalable, effectively serving small businesses to large enterprises.
Management is streamlined through Cisco DNA Center, a central management system.

The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.

In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.

User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.

In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.

OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.

The solution offers a variety of components, such as:

Weekly security updates. These updates provide the user with the ability to reach new emerging threats in a timely manner through small increments.
Two major releases every year. These yearly releases are on a fixed release cycle and provide organizations with the ability to plan ahead of an upcoming upgrade.
A roadmap of instructions. Each major release provides a guide and a set of clear goals.

A team of professionals developed OPNsense. Other professional and experienced software architects, engineers, and developers are encouraged to join in the development of the solution to make it as successful as possible. OPNsense offers a variety of rich features with each release. Each upgrade is based on FreeBSD for continual, long-term support and utilizes a freshly advanced MVC framework based on Phalcon. OPNsense is committed to helping businesses, school networks, remote offices, hotels, and other markets in keeping their data protected.

OPNsense Core Features

OPNsense continually offers a free, complete, high-end security platform with new releases and features. With each release, OPNsense focuses on providing more unique and better security features in a timely manner. These features include:

Captive Portal
Built-in reporting and monitoring tools including RRD Graphs
Network Flow Monitoring
Traffic Shaper
Support for Plugins
Granular Control Over State Table
Dynamic DNS
Two-factor authentication throughout the system
Netflow Exporter
Encrypted Configuration Backup to Google Drive
Forward Caching Proxy (transparent) with Blacklist Support
Stateful inspection firewall
DNS Server & DNS Forwarder
High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
DHCP Server and Relay
Virtual Private Network (site to site & road warrior, IPsec, OpenVPN & legacy PPTP support)
Intrusion Detection and Prevention
802.1Q VLAN support

Reviews from Real Users

OPNsense is a favorite security solution among reviewers for a number of reasons. Two of those reasons include the user-friendliness of the solution, which makes it easy to use, and its ability to easily scale.

For many, a user-friendly solution is essential. FiorindoDi A., a system administration specialist at a tech vendor, says, "The graphic user interface is very good and it is user-friendly, which makes the product easy-to-use."

Peerspot reviewers speak of the scalability of the solution. For example, an anonymous cloud and infrastructure manager at a venture capital and private equity firm reviewer notes, "OPNsense is easy to scale when running on the hardware."

Sample Customers

1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.

1. Deciso B.V. 2. iXsystems, Inc. 3. EuroBSDCon 4. Netgate 5. Claranet 6. Voleatech 7. Open Systems AG 8. Securebit AG 9. Proxmox Server Solutions GmbH 10. AVM Computersysteme Vertriebs GmbH Additional customers include: T-Systems International GmbH, Deutsche Telekom AG, Vodafone GmbH, 1&1 IONOS SE, OVHcloud, Hetzner Online GmbH, Strato AG, PlusServer GmbH, Host Europe GmbH, United Internet AG, 1&1 Versatel Deutschland GmbH, QSC AG, Bechtle AG, Cancom SE, Computacenter AG & Co. oHG, T-Systems Multimedia Solutions GmbH, Atos SE, Capgemini SE, Accenture plc, IBM Corporation, Hewlett Packard Enterprise Company, Cisco Systems, Inc.

Top Industries

REVIEWERS

Comms Service Provider16%

Computer Software Company9%

Financial Services Firm8%

Manufacturing Company7%

VISITORS READING REVIEWS

Educational Organization20%

Computer Software Company15%

Comms Service Provider8%

Manufacturing Company6%

REVIEWERS

Financial Services Firm15%

Computer Software Company12%

Comms Service Provider12%

Government8%

VISITORS READING REVIEWS

Educational Organization21%

Computer Software Company16%

Comms Service Provider9%

Government6%

REVIEWERS

Comms Service Provider24%

Financial Services Firm18%

Logistics Company12%

Aerospace/Defense Firm6%

VISITORS READING REVIEWS

Comms Service Provider15%

Computer Software Company14%

Government8%

Educational Organization6%

Company Size

REVIEWERS

Small Business48%

Midsize Enterprise23%

Large Enterprise30%

VISITORS READING REVIEWS

Small Business27%

Midsize Enterprise32%

Large Enterprise41%

REVIEWERS

Small Business35%

Midsize Enterprise24%

Large Enterprise42%

VISITORS READING REVIEWS

Small Business24%

Midsize Enterprise31%

Large Enterprise45%

REVIEWERS

Small Business71%

Midsize Enterprise12%

Large Enterprise18%

VISITORS READING REVIEWS

Small Business33%

Midsize Enterprise18%

Large Enterprise48%

Buyer's Guide

Cisco Secure Firewall vs. OPNsense

May 2024

Free Report: Cisco Secure Firewall vs. OPNsense

Find out what your peers are saying about Cisco Secure Firewall vs. OPNsense and other solutions. Updated: May 2024.

DOWNLOAD NOW

770,428 professionals have used our research since 2012.

Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while OPNsense is ranked 3rd in Firewalls with 36 reviews. Cisco Secure Firewall is rated 8.2, while OPNsense is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of OPNsense writes "Robust network security and management offering a user-friendly interface, open-source flexibility, and cost-effectiveness, with challenges regarding initial setup and the absence of official support". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and SonicWall TZ, whereas OPNsense is most compared with Netgate pfSense, Sophos XG, Untangle NG Firewall, Sophos UTM and Palo Alto Networks NG Firewalls. See our Cisco Secure Firewall vs. OPNsense report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Cisco Secure Firewall vs OPNsense comparison