25 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 7.7 out of 100
45 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.1 out of 100

Likelihood to Recommend

Cisco Secure Web Appliance (formerly Cisco WSA)

We have both scenarios where we can describe that. For example, in the HQ, where we have about 3,000 users, Cisco IronPort Web Security Appliance is the ideal solution, because we can consolidate all the Internet access, policies, rules, etc. in the same box. However, if you have small offices with a few users, it's hard to justify one big and expensive box that could cost more than the whole office infrastructure.
Eduardo Viero | TrustRadius Reviewer

pfSense

For fast-growing or SME companies, pfSense is quite suitable because pfSense already had many advanced features such as VPN and multiple WAN / LAN. As a result, we just need to pay for expensive router frequently to upgrade our infrastructure.
Allan Leung | TrustRadius Reviewer

Feature Rating Comparison

Firewall

Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
7.7
Identification Technologies
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
6.7
Visualization Tools
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
6.0
Content Inspection
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
5.5
Policy-based Controls
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
7.6
Active Directory and LDAP
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
7.5
Firewall Management Console
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
8.6
Reporting and Logging
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
7.3
VPN
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
9.0
High Availability
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
8.7
Stateful Inspection
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
8.7
Proxy Server
Cisco Secure Web Appliance (formerly Cisco WSA)
pfSense
8.7

Pros

Cisco Secure Web Appliance (formerly Cisco WSA)

  • SMA gave us central control over multiple servers, simplifying management.
  • Performance of the Appliance VM exceeded that of our old physical appliance-based solution.
  • Convenient licensing for virtualized environments that allows easy scaling.
Anonymous | TrustRadius Reviewer

pfSense

  • pfSense is an excellent firewall - It logs all of your traffic. It has packages you can install to snort bad traffic.
  • pfSense has a tool called "p0f" which allows you to see what type of OS is trying to connect to you. You can filter these results and you can also block a specific OS from connecting to you.
  • pfSense is an excellent load-balancer: (Multi-WAN and Server Load Balancing) The fail-over/aggregation works very well. This is perfect if your business uses multiple ISP's to ensure your customers are always able to access their data. Also helps with bandwidth distribution as well.
  • VPN's - I am not entirely sure if this package was free with pfSense, but it does offer the ability to use OpenVPN which is what I am familiar with.
  • They also have IPsec in the settings as well, but I am not familiar with that enough to go into any detail with it.
  • As I mentioned I do use OpenVPN the only thing I don't care for with it is I can create OpenVPN configs for each user I want to be able to VPN into the network and I assumed each one would be "unique" but this does not seem to be the case. I could be doing it wrong, but if I create a config for a specific employee I would expect only that employee should be able to use that config, but I have been able to login to everyone that I made using my credentials.
  • I mentioned earlier that pfSense had a GUI.
  • I personally really think it is cool because it has a bunch of reporting graphs for monitoring your networks. I think when I become the full-time admin at the company I am going to try to talk them into getting me a TV I can mount on the wall and display all the graphs and real-time info pfSense shows so I can monitor what is going on with the network(s) at all times. Plus I think it would look rad.
Charles R. Coggins III | TrustRadius Reviewer

Cons

Cisco Secure Web Appliance (formerly Cisco WSA)

  • The default metrics on the dashboard visualization are not that useful. It is not much customizable too. Some of the dashboard features like load, volume, etc. can have a hide option.
  • The false negatives are more than false positives. A lot of the times, it verdicts the same email as malicious and non-malicious. This can be reduced.
Kuntal Das | TrustRadius Reviewer

pfSense

  • There is no API for making changes. This can be a hindrance in environments where auto-deploying something needs firewall rules or HAProxy configs updated. Since all settings are stored in an XML file and then configs are generated from that, even manually updating config files cannot be done.
  • Beware that some network cards can have issues. pfSense is based on FreeBSD, so it's best to look on their compatibility list before deploying.
Aaron Smith | TrustRadius Reviewer

Usability

Cisco Secure Web Appliance (formerly Cisco WSA)

Cisco Secure Web Appliance (formerly Cisco WSA) 9.0
Based on 1 answer
Because it's one of those products you almost don't realize it exists from the end user. From the administrator perspective, you can do everything on its web interface and it's very intuitive to manage, once you know the concepts behind identities, acls, etc. Also, once you build the control structure, I mean, you link 'local' groups with your own Active Directory groups, as we did here, you don't need to be managing those things on the appliance itself.
Eduardo Viero | TrustRadius Reviewer

pfSense

No score
No answers yet
No answers on this topic

Support Rating

Cisco Secure Web Appliance (formerly Cisco WSA)

Cisco Secure Web Appliance (formerly Cisco WSA) 7.0
Based on 4 answers
Our experience with Cisco's support was terrible. Other than the fact that they don't respond to service-related emails with urgency, they also keep on changing the policies that affected us. Recently, they came up with a new look for the same software, which was insanely slow. Renewal of keys for the old interface took months. Overall, the support was not very friendly from the users' point of view.
Kuntal Das | TrustRadius Reviewer

pfSense

No score
No answers yet
No answers on this topic

Alternatives Considered

Cisco Secure Web Appliance (formerly Cisco WSA)

At home I have a McAfee service that does similar tasks and helps manage the users of my internet. McAfee seems more user friendly and easier to set exceptions.
Anonymous | TrustRadius Reviewer

pfSense

Before pfSense we were using consumer and small business rated network appliances from Linksys, Cisco, Buffalo and Netgear. We were replacing them on average of every 6-12 months because they'd fail or would offer poor wifi availability.Switching to pfSense allowed us to use professional grade switches and wifi access points, offloading all of the services that the consumer grade products took care of, onto pfSense (DHCP, DNS, routing, firewall, VPN, etc).
Jim Rubenstein | TrustRadius Reviewer

Return on Investment

Cisco Secure Web Appliance (formerly Cisco WSA)

  • Security! Security! Security! We are financial company that work with very sensitive information. A lot of unsafe traffic was blocked on the Cisco IronPort WSA over years of using it. We did not earn on it but absolutely sure that we did not lose 'gazillion' of dollars being infected or scammed.
  • Easy to configure and use, no need to teach new personnel how work with this product (hopefully saving time = saving money).
  • Unfortunately the price of license subscription made financial managers push IT dept. to look for something cheaper.
Valery Mezentsau | TrustRadius Reviewer

pfSense

  • Moving to a FWaaS solution installed on a decent computer the initial investment was moderate to cover 50 to 250 users, but still being cheaper that a Fortinet, Cisco ASA, or a Sophos UTM.
  • Paying only for support can be a double edge knife, cause you need to identify what's the goal of the request, or your drown into a an endless list of requirements.
  • To stay in the top with the half of a regular investment pFSense gives a wide variety of plugins that will give you a deep knowledge of your security flaws and strong points.
Victor Arana | TrustRadius Reviewer

Pricing Details

Cisco Secure Web Appliance (formerly Cisco WSA)

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Cisco Secure Web Appliance (formerly Cisco WSA) Editions & Modules

Additional Pricing Details

pfSense

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

pfSense Editions & Modules

Edition
SG-1100$1791
SG-2100$2291
SG-3100$3991
SG-5100$6991
XG-7100-DT$8991
XG-7100-1U$9991
XG-1537$1,9491
XG-1541$2,6491
  1. per appliance
Additional Pricing Details

Rating Summary

Likelihood to Recommend

Cisco Secure Web Appliance (formerly Cisco WSA)
7.5
pfSense
8.7

Usability

Cisco Secure Web Appliance (formerly Cisco WSA)
9.0
pfSense

Support Rating

Cisco Secure Web Appliance (formerly Cisco WSA)
7.0
pfSense

Add comparison