Cisco Secure Firewall vs. pfSense

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cisco Secure Firewall
Score 7.8 out of 10
N/A
Cisco Secure Firewall (formerly Cisco Firepower NGFW) is a firewall product that integrates with other Cisco security offerings. It provides Advanced Malware protection, including sandboxing environments and DDoS mitigation. Cisco also offers a Next Generation Intrusion Prevention System, which provides security across cloud environments using techniques like internal network segmentation. The firewall can be managed locally, remotely, and via the cloud. The product is scalable to the scope of…N/A
pfSense
Score 9.3 out of 10
N/A
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
$179
per appliance
Pricing
Cisco Secure FirewallpfSense
Editions & Modules
No answers on this topic
SG-1100
$179
per appliance
SG-2100
$229
per appliance
SG-3100
$399
per appliance
SG-5100
$699
per appliance
XG-7100-DT
$899
per appliance
XG-7100-1U
$999
per appliance
XG-1537
$1,949
per appliance
XG-1541
$2,649
per appliance
Offerings
Pricing Offerings
Cisco Secure FirewallpfSense
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Cisco Secure FirewallpfSense
Considered Both Products
Cisco Secure Firewall
Chose Cisco Secure Firewall
pfsence is a very complicated firewall and there is lots of documentation available on Cisco website for help. The configuration is very difficult and less documentation available. Cisco Secure Firewall provides us all the security features in low cost and this is very easy to …
pfSense

No answer on this topic

Top Pros
Top Cons
Features
Cisco Secure FirewallpfSense
Firewall
Comparison of Firewall features of Product A and Product B
Cisco Secure Firewall
7.5
67 Ratings
13% below category average
pfSense
7.6
11 Ratings
11% below category average
Identification Technologies7.759 Ratings5.010 Ratings
Visualization Tools6.561 Ratings7.08 Ratings
Content Inspection7.661 Ratings4.011 Ratings
Policy-based Controls8.264 Ratings10.011 Ratings
Active Directory and LDAP7.555 Ratings7.09 Ratings
Firewall Management Console7.463 Ratings9.510 Ratings
Reporting and Logging7.063 Ratings8.011 Ratings
VPN7.855 Ratings10.011 Ratings
High Availability7.960 Ratings10.011 Ratings
Stateful Inspection8.159 Ratings7.011 Ratings
Proxy Server6.836 Ratings6.011 Ratings
Best Alternatives
Cisco Secure FirewallpfSense
Small Businesses
pfSense
pfSense
Score 9.3 out of 10
Sophos UTM
Sophos UTM
Score 9.1 out of 10
Medium-sized Companies
pfSense
pfSense
Score 9.3 out of 10
Palo Alto Networks Next-Generation Firewalls - PA Series
Palo Alto Networks Next-Generation Firewalls - PA Series
Score 9.4 out of 10
Enterprises
Palo Alto Networks Next-Generation Firewalls - PA Series
Palo Alto Networks Next-Generation Firewalls - PA Series
Score 9.4 out of 10
Palo Alto Networks Next-Generation Firewalls - PA Series
Palo Alto Networks Next-Generation Firewalls - PA Series
Score 9.4 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cisco Secure FirewallpfSense
Likelihood to Recommend
7.6
(70 ratings)
9.7
(24 ratings)
Likelihood to Renew
6.2
(2 ratings)
-
(0 ratings)
Usability
9.0
(2 ratings)
10.0
(1 ratings)
Availability
9.5
(2 ratings)
-
(0 ratings)
Performance
5.0
(1 ratings)
-
(0 ratings)
Support Rating
7.7
(25 ratings)
-
(0 ratings)
Implementation Rating
8.0
(1 ratings)
-
(0 ratings)
Product Scalability
5.0
(1 ratings)
-
(0 ratings)
User Testimonials
Cisco Secure FirewallpfSense
Likelihood to Recommend
Cisco
Well, I mean it is really meant for the edge. I think maybe some of the smaller models you could maybe use at your, if you have remote workers where you wanted to protect their environment more than in their home network or whatever, but for us, we've always use the enterprise versions.
Read full review
Netgate (Rubicon Communications, LLC)
Because pfSense is built around open source software, it is very convenient to be able to deploy in the event of hardware failure. We once had a client with a proprietary router that failed. While the router was under warranty, the expected time for the new router to arrive was about 2 weeks. We decided to implement pfSense for the client as a stop gap and ultimately ended up deploying the full enterprise appliance. Being able to get up and running using commodity hardware was a huge win for the client. We've also had a great amount of success deploying pfSense hardware at apartment complexes. The DNS resolver works great and we've had no issues handling multiple VLANs with various DHCP scopes on it. Finally, we've had clients that require having a failover cluster. Utilizing the built in CARP capabilities, we've been able to provide a very robust failover system that requires little maintenance and no downtime in the event of equipment failure.
Read full review
Pros
Cisco
  • It's been a big change for us because like I said, we've been using it about a year, I think. And we went from ASAs to this, so it was a big changeover from being able to do everything in CLI honestly, it's a bit clunky and more time consuming to have to configure things through the Gooey, which has been a pain point for us. But we've tried to automate as much as we can. What it does well is the analysis. The event, not event viewer, but unified event, that's what it is. Handy tool. Also the tunnel troubleshooting the site to site tunnel monitoring or troubleshooting, I can't remember what it's called. It's pretty good too. It's nice how it has some predefined commands in there. I'd say those are probably the things we like about it the most.
Read full review
Netgate (Rubicon Communications, LLC)
  • Easy to use. Good user interface design! Easy to understand and easy to set up.
  • Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
Read full review
Cons
Cisco
  • Sometimes it's the limitation of the throughput or limitation of the firewall. One DDoS attack they have the bandwidth capacity is very little. And then once there is DDoS attack. Many not only the firewall can protect that they need to take action further at the Upstreaming Provider, that side with the bigger pipe bandwidth for protecting the attack. Not only the firewall can prevent,. Yes. So sometimes firewalls still have the limitation and then need to do any additional monitoring or something. But we can do that with the ideas and IPS, but required to have the bigger pipe to protect DDos Attack, for example the bandwidth from the upstream network as well. I mean when many DDos Attack comes with big bandwidth, not only firewall can protect, but also the blackholing the traffic from upstream providers who has bigger bandwidth DDos mitigation services.
Read full review
Netgate (Rubicon Communications, LLC)
  • I did kind of mention a Con in the Pro section with OpenVPN.
  • When I create a config for an employee other employees are able to login to that config.
  • I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
  • I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
  • I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
Read full review
Likelihood to Renew
Cisco
It works really well. We can do most anything we want or need to with it, and you don’t have to have a doctorate or multiple certs to necessarily figure it out. The thing that would probably have to happen to make us switch would be if we just got priced out - Cisco’s more powerful and higher bandwidth models cost a pretty penny.
Read full review
Netgate (Rubicon Communications, LLC)
No answers on this topic
Usability
Cisco
Solution is highly effective, offers a lot of features with constant improvements and additions of new features over time. It's relatively easy to get familiar with the system, especially if transitioning from adaptive security appliances. If this is not the case, as for learnability there's a learning curve but once learned it is relatively easy to remember the details about the system even after a period of non-use
Read full review
Netgate (Rubicon Communications, LLC)
The interface is simple, has sane defaults, and is consistent throughout.
Read full review
Reliability and Availability
Cisco
We have had really good success with Cisco Secure Firewall when it comes to availability. Even when we’ve had temporary issues with one appliance or the other, or with the Firewall Management Center, it has stayed up and defended our network diligently. We even had an issue where the licensing got disabled for multiple days, and it kept spinning like a top
Read full review
Netgate (Rubicon Communications, LLC)
No answers on this topic
Support Rating
Cisco
Cisco support is not at all suitable for this product, at least. It takes a long for them to help us with our server issues. A lot of the time, the customer support person keeps on redirecting calls to another person. They need to be well versed with the terminologies of the product they are supporting us with. Support needs a lot of improvement. Cisco Fire Linux OS, the operating system behind Cisco Firepower NGFW (formerly Sourcefire), also doesn't receive regular patches. In short, average customer service.
Read full review
Netgate (Rubicon Communications, LLC)
No answers on this topic
Implementation Rating
Cisco
In the beginning transition from Adaptive Security Appliance to Cisco Secure Firewall did not look like the best choice. Solution was new, there were a lot of bugs and unsupported features and the actual execution in the form of configuration via Firepower Management Center was extremely slow. Compare configuring a feature via CLI on ASA in a manner of seconds (copy/paste) to deployment via FMC to Secure Firewall which took approx. 10 mins (no exaggeration). Today, situation is a bit different, overall solution looks much more stable and faster then it was but there's still room for improvement.
Read full review
Netgate (Rubicon Communications, LLC)
No answers on this topic
Alternatives Considered
Cisco
We use the FMC as a virtual machine, it combines administration, monitoring and can be used perfectly for error analysis. There are restrictions due to administration without the FMC, so we decided on the FMC as the central administration.
Read full review
Netgate (Rubicon Communications, LLC)
While you can get the performance out of other products, pfSense offers the unique ability to put other services on the same device. Products such as Untagle's NG Firewall and SonicWall's TZ series offer cost effective options for firewall and VPN services, having incoming load balancing and connection proxies on the same device as the firewall offers extremely easy configuration and day to day management of network services
Read full review
Return on Investment
Cisco
  • I hope this answers the question, but we have the conversation about costs on equipment and lead times have been getting better with firewalls, but those two were the main things that have affected ROI, I think for us. That makes them go to other distributors or even other vendors because they need the products quickly. If it's too costly or the lead times too high, then they'll just go elsewhere.
Read full review
Netgate (Rubicon Communications, LLC)
  • Using pfSense has allowed us to build a professional network in our small office without needing a lot of proprietary hardware, saving thousands of dollars in IT infrastructure investment.
  • The cost for using pfSense is free, so it's a great option for those who don't have a large IT budget
  • pfSense utilizes all of the industry standard services to provide all of it's functionality, so support for service-level issues is readily available
  • Because of how much work has been put into pfSense to make it rock solid and reliable, we're able to support our network with minimal IT staffing, saving us thousands of dollars/year in personnel alone.
Read full review
ScreenShots