We just raised a $30M Series A: Read our story

Compare Azure Firewall vs. OPNsense

Cancel
You must select at least 2 products to compare!
Azure Firewall Logo
17,364 views|14,754 comparisons
OPNsense Logo
38,466 views|31,756 comparisons
Featured Review
Find out what your peers are saying about Azure Firewall vs. OPNsense and other solutions. Updated: November 2021.
552,305 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic.""They wanted to leverage something which is equivalent that can give them the next gen features like application awareness and intrusion protection. So that is a major reason they were looking forward to this. The original ASA firewall did not have these features. This was the major reason the customer moved on to Cisco Firepower Threat Defense (FTD). Now they can go ahead and leverage those functionalities.""We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government.""One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful.""The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy.""Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity.""Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches.""When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."

More Cisco Firepower NGFW Firewall Pros »

"We secure the entry point to the virtual data center with the firewall.""Great security and connectivity.""The solution can autoscale.""The solution is very stable. When comparing it to other environments, it's actually quite impressive.""The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats.""Azure Firewall's feature that I have found most valuable is its scalability.""The solution has many useful features. For example, the solution allows users to create virtual IP addresses.""Performance and stability are the key features of this product."

More Azure Firewall Pros »

"The most valuable features are reporting, the Sensei plugin, and firewall capabilities.""I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.""The initial implementation process is simple.""The solution is good for a basic firewall for a small business or for home use.""The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used.""The system in general is quite flexible.""OPNsense is easy to scale when running on the hardware.""The most valuable features in OPNsense are reporting and visibility."

More OPNsense Pros »

Cons
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue.""The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area.""The initial setup can be a bit complex for those unfamiliar with the solution.""The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.""Deploying configurations takes longer than it should.""We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""Web filtering needs improvement because sometimes the URL is miscategorized."

More Cisco Firepower NGFW Firewall Cons »

"The reporting, logging, and monitoring features, as well as the flexibility of the policies, need to be improved.""Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories.""It needs a lot of improvement, especially on intruder detection. They are working hard on that.""The threat intelligence part could be better. I don't see why our customers have to get an additional solution with Azure Firewall. It would be great if they made it on par with Palo Alto.""We find it's different implementing it region-to-region. It might help if it was universal across all regions.""The solution doesn't offer the same capabilities of Fortinet. It should offer intrusion prevention and advance filtering. These are two very useful features offered on Fortinet that Azure lacks.""Currently, it only supports IP addresses, so you have to be specific about the IPs that are in your environment.""The product could be made more customizable."

More Azure Firewall Cons »

"The interface needs to be simplified. It is not user-friendly.""I would like to see better SD-WAN performance.""There should be more technical documentation.""The solution would not be suitable for anything large-scale.""The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs.""The ability to set the VPN IP address would be a welcome addition.""The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform.""The logging could improve in OPNsense."

More OPNsense Cons »

Pricing and Cost Advice
"When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis.""Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing.""For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive.""The solution was chosen because of its price compared to other similar solutions.""Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees.""Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed.""The price of Firepower is not bad compared to other products.""It definitely competes with the other vendors in the market."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"Azure Firewall is quite an expensive product.""The licensing module is good.""Azure Firewall is more expensive. If Microsoft can make Azure Firewall cheaper, I can see that all clients will think of using it. One client used FortiGate because it is much cheaper. Some clients ask me for Cisco, but in the cloud estimate, I found its cost is the same as Azure Firewall.""The total cost of ownership is much less than Palo Alto, Cisco, or any other brand.""It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."

More Azure Firewall Pricing and Cost Advice »

"It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source.""OPNsense is an open-source solution and it is free to use.""The solution is not expensive.""As an appliance, it's in the medium price range.""OPNsense is a well known open-source tool.""OPNsense is open source software so at this time it is free for us to use."

More OPNsense Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
552,305 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure… more »
Top Answer: Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the… more »
Top Answer: Both of these solutions are excellent options that provide flexible scalability and solid security. Fortinet Fortigate… more »
Top Answer: Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
Top Answer: The system in general is quite flexible.
Top Answer: The main cost is the hardware. We don't pay anything for the software.
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Learn More
OPNsense
Video Not Available
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.

Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Azure Firewall
Learn more about OPNsense
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Information Not Available
CompuNet Systems GmbH,
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Computer Software Company25%
Financial Services Firm25%
Manufacturing Company17%
Government8%
VISITORS READING REVIEWS
Computer Software Company31%
Comms Service Provider22%
Government6%
Financial Services Firm5%
VISITORS READING REVIEWS
Comms Service Provider46%
Computer Software Company16%
Government7%
Media Company4%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business26%
Midsize Enterprise16%
Large Enterprise58%
VISITORS READING REVIEWS
Small Business17%
Midsize Enterprise14%
Large Enterprise69%
REVIEWERS
Small Business69%
Midsize Enterprise15%
Large Enterprise15%
Find out what your peers are saying about Azure Firewall vs. OPNsense and other solutions. Updated: November 2021.
552,305 professionals have used our research since 2012.

Azure Firewall is ranked 16th in Firewalls with 19 reviews while OPNsense is ranked 19th in Firewalls with 11 reviews. Azure Firewall is rated 7.4, while OPNsense is rated 8.0. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of OPNsense writes "A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate-VM, Check Point NGFW and WatchGuard Firebox, whereas OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Sophos UTM and Kerio Control. See our Azure Firewall vs. OPNsense report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.