What users are saying about
<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener'>Customer Verified: Read more.</a>
44 Ratings
64 Ratings

Cisco Secure Firewall

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener'>Customer Verified: Read more.</a>
44 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 8.6 out of 100
64 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 8.9 out of 100

Feature Set Ratings

  • Cisco Secure Firewall ranks higher in 1 feature set: Firewall

Firewall

8.8

Cisco Secure Firewall

88%
8.5

pfSense

85%
Cisco Secure Firewall ranks higher in 8/11 features

Identification Technologies

8.1
81%
18 Ratings
8.7
87%
8 Ratings

Visualization Tools

8.0
80%
18 Ratings
7.9
79%
7 Ratings

Content Inspection

9.5
95%
20 Ratings
7.4
74%
9 Ratings

Policy-based Controls

9.1
91%
20 Ratings
8.5
85%
9 Ratings

Active Directory and LDAP

8.0
80%
18 Ratings
7.9
79%
8 Ratings

Firewall Management Console

8.8
88%
20 Ratings
9.7
97%
8 Ratings

Reporting and Logging

8.7
87%
20 Ratings
8.7
87%
9 Ratings

VPN

9.5
95%
17 Ratings
8.8
88%
9 Ratings

High Availability

9.9
99%
19 Ratings
8.9
89%
9 Ratings

Stateful Inspection

9.2
92%
20 Ratings
8.9
89%
9 Ratings

Proxy Server

7.4
74%
14 Ratings
8.2
82%
9 Ratings

Attribute Ratings

  • Cisco Secure Firewall is rated higher in 1 area: Likelihood to Recommend

Likelihood to Recommend

9.5

Cisco Secure Firewall

95%
20 Ratings
9.1

pfSense

91%
22 Ratings

Usability

8.0

Cisco Secure Firewall

80%
1 Rating

pfSense

N/A
0 Ratings

Support Rating

7.9

Cisco Secure Firewall

79%
6 Ratings

pfSense

N/A
0 Ratings

Likelihood to Recommend

Cisco

If you are already using [a] Cisco product like the Cisco ASA Series and you need more security on layer 7 then you can upgrade with firepower. This is well suited for middle and big organizations. If your company deals with credit card information then you should buy this firewall. It provides you all the features to stop any type of advanced attack on your organization
Read full review

Netgate (Rubicon Communications, LLC)

For fast-growing or SME companies, pfSense is quite suitable because pfSense already had many advanced features such as VPN and multiple WAN / LAN. As a result, we just need to pay for expensive router frequently to upgrade our infrastructure.
Read full review

Pros

Cisco

  • Updates with the HA Pair are incredibly easy and automated
  • FMC with Firepowers provide a single place to view information about devices and connections
  • Tedious policy changes can be staged during the working hours and then deployed in one click after hours
Read full review

Netgate (Rubicon Communications, LLC)

  • pfSense is an excellent firewall - It logs all of your traffic. It has packages you can install to snort bad traffic.
  • pfSense has a tool called "p0f" which allows you to see what type of OS is trying to connect to you. You can filter these results and you can also block a specific OS from connecting to you.
  • pfSense is an excellent load-balancer: (Multi-WAN and Server Load Balancing) The fail-over/aggregation works very well. This is perfect if your business uses multiple ISP's to ensure your customers are always able to access their data. Also helps with bandwidth distribution as well.
  • VPN's - I am not entirely sure if this package was free with pfSense, but it does offer the ability to use OpenVPN which is what I am familiar with.
  • They also have IPsec in the settings as well, but I am not familiar with that enough to go into any detail with it.
  • As I mentioned I do use OpenVPN the only thing I don't care for with it is I can create OpenVPN configs for each user I want to be able to VPN into the network and I assumed each one would be "unique" but this does not seem to be the case. I could be doing it wrong, but if I create a config for a specific employee I would expect only that employee should be able to use that config, but I have been able to login to everyone that I made using my credentials.
  • I mentioned earlier that pfSense had a GUI.
  • I personally really think it is cool because it has a bunch of reporting graphs for monitoring your networks. I think when I become the full-time admin at the company I am going to try to talk them into getting me a TV I can mount on the wall and display all the graphs and real-time info pfSense shows so I can monitor what is going on with the network(s) at all times. Plus I think it would look rad.
Read full review

Cons

Cisco

  • The UI in Cisco Firepower formerly Sourcefire) is complicated and entirely redundant. A lot of these features are not useful, and therefore, it can be removed from the main window.
  • The interface is very slow, with each operation taking a lot of time. Searching through the logs takes too much time.
Read full review

Netgate (Rubicon Communications, LLC)

  • There is no API for making changes. This can be a hindrance in environments where auto-deploying something needs firewall rules or HAProxy configs updated. Since all settings are stored in an XML file and then configs are generated from that, even manually updating config files cannot be done.
  • Beware that some network cards can have issues. pfSense is based on FreeBSD, so it's best to look on their compatibility list before deploying.
Read full review

Pricing Details

Cisco Secure Firewall

Starting Price

Editions & Modules

Cisco Secure Firewall editions and modules pricing
EditionModules

Footnotes

    Offerings

    Free Trial
    Free/Freemium Version
    Premium Consulting/Integration Services

    Entry-level set up fee?

    No setup fee

    Additional Details

    Pricing Info

    pfSense

    Starting Price

    $179 per appliance

    Editions & Modules

    pfSense editions and modules pricing
    EditionModules
    SG-11001791
    SG-21002292
    SG-31003993
    SG-51006994
    XG-7100-DT8995
    XG-7100-1U9996
    XG-153719497
    XG-154126498

    Footnotes

    1. per appliance
    2. per appliance
    3. per appliance
    4. per appliance
    5. per appliance
    6. per appliance
    7. per appliance
    8. per appliance

    Offerings

    Free Trial
    Free/Freemium Version
    Premium Consulting/Integration Services

    Entry-level set up fee?

    No setup fee

    Additional Details

    Usability

    Cisco

    It's overall very great, however the Management Console needs updating to fix the slowness of policy and rule deployments.
    Read full review

    Netgate (Rubicon Communications, LLC)

    No answers on this topic

    Support Rating

    Cisco

    Cisco support is not at all suitable for this product, at least. It takes a long for them to help us with our server issues. A lot of the time, the customer support person keeps on redirecting calls to another person. They need to be well versed with the terminologies of the product they are supporting us with. Support needs a lot of improvement. Cisco Fire Linux OS, the operating system behind Cisco Firepower NGFW (formerly Sourcefire), also doesn't receive regular patches. In short, average customer service.
    Read full review

    Netgate (Rubicon Communications, LLC)

    No answers on this topic

    Alternatives Considered

    Cisco

    Cisco Firepower firewalls have all the features expected of an NGFW. Managed with a Cisco Secure Firewall Management Center, most of the learning curve is just knowing where in the menus to go to do what you want. All brands of firewalls work as expected, and learning each GUI is the trick. The GUI for Cisco Secure Firewall Management Center is simple. Though when devices are registered to Cisco Secure Firewall Management Center, there are no options to make changes locally and sync them back to the management center. That does limit accessing a remote site that might go down.
    Read full review

    Netgate (Rubicon Communications, LLC)

    Before pfSense we were using consumer and small business rated network appliances from Linksys, Cisco, Buffalo and Netgear. We were replacing them on average of every 6-12 months because they'd fail or would offer poor wifi availability. Switching to pfSense allowed us to use professional grade switches and wifi access points, offloading all of the services that the consumer grade products took care of, onto pfSense (DHCP, DNS, routing, firewall, VPN, etc).
    Read full review

    Return on Investment

    Cisco

    • This product is great for inspection and normal firewall controls.
    • If there's a bug in it, it can take a lot of resource time to chase it and work around it.
    • Deciphering which data is useful has taken a bit of time and trimming.
    Read full review

    Netgate (Rubicon Communications, LLC)

    • Moving to a FWaaS solution installed on a decent computer the initial investment was moderate to cover 50 to 250 users, but still being cheaper that a Fortinet, Cisco ASA, or a Sophos UTM.
    • Paying only for support can be a double edge knife, cause you need to identify what's the goal of the request, or your drown into a an endless list of requirements.
    • To stay in the top with the half of a regular investment pFSense gives a wide variety of plugins that will give you a deep knowledge of your security flaws and strong points.
    Read full review

    Add comparison