We performed a comparison between Cisco Secure Firewall vs. pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Firewall and pfSense come out about equal in this comparison. Cisco ASA Firewall has a slight edge when it comes to service and support, but pfSense has an edge when it comes to pricing.
"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"Whenever we raise a complaint with FortiGate, their response and resolution times are minimal."
"FortiGate is flexible and easy to use."
"The Fortinet FortiGate local partners were good. I did not have direct contact with Fortinet support."
"Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"The solution is extremely reliable."
"Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA. The biggest advantage of Cisco products is technical support. They provide the best technical support."
"The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment."
"I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."
"Firepower has reduced our firewall operational costs by about 25 percent."
"Cisco Secure Firewall has improved our customers' security posture because it offers Next-Gen features, granularity, and reporting on the back of it. You can see the amount of users accessing Office 365, for example, and whether they're having a good or bad experience. You can see the threats that are coming into your network. You can see anyone who is compromised from within your network."
"All the features except IPS are valuable. IPS is not a part of my job."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"It's quite a capable box for UTM."
"I like pfSense's security features."
"It is much simpler than other solutions such as Fortinet."
"pfSense allows us to spread the hours of connection and do the filtering on the pfSense site."
"It is a stable solution."
"My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall."
"The solution is very easy to use and configure."
"Super easy to manage. Anyone who has been working with firewalls can handle it."
"The flexibility of adding new kinds of services without spending any money can't be beaten."
"It does not have key authentication for admin access."
"Stability and technical support are the two major issues I have found with Fortinet."
"Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved."
"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"Technical support needs to be improved."
"Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN."
"It could use a web-based portal for VPN. Earlier they had it in the ASA model, but currently they don't have it."
"The access layer of this solution could be improved in terms of the way the devices interconnect with our network. We need to be able to analyze the traffic between the different interconnection in these areas."
"An area for improvement is the graphical user interface. That is something that is coming up now. They could make the product more user-friendly. A better GUI is something that would make life much easier."
"There is huge scope for improvement in URL filtering. The database that they have is not accurate. Their content awareness and categorization for URL filtering are not that great. We faced many challenges with their categorization and content awareness. They should improve these categorization issues."
"One area that could be improved is its logging functionality. Your logs are usually displayed on the screen, but if you want to go back one or two days, then you need another solution in place because those logs are overwritten within minutes."
"They should allow customers to talk to them directly instead of having to go through the reseller."
"It can be improved when it comes to monitoring. Today, the logs from the firewalls could be improved a bit more without integrating with other devices."
"It is slowly not supported and other vendors are a few years ahead of Cisco in development."
"The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things."
"It's just not listed as FIPS compliant for where we're at now in government, which is an issue."
"Their support could be better in terms of the response time."
"I would like to see SD1 integration into the software. That would be fantastic."
"The technical support needs to be improved."
"This solution is good for small businesses but it is not as stable as other competitors such as Fortinet."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"The main problem with pfSense is that it lacks adequate ransomware protection."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. Cisco Secure Firewall is rated 8.2, while Netgate pfSense is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and WatchGuard Firebox. See our Cisco Secure Firewall vs. Netgate pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.