We just raised a $30M Series A: Read our story

Compare Cisco ASA Firewall vs. pfSense

Cancel
You must select at least 2 products to compare!
Cisco ASA Firewall Logo
61,780 views|45,842 comparisons
pfSense Logo
81,725 views|65,715 comparisons
Featured Review
Find out what your peers are saying about Cisco ASA Firewall vs. pfSense and other solutions. Updated: November 2021.
552,695 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"Provides good integrations and reporting.""The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable.""When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well.""The most valuable feature is stability.""There are no issues that we are aware of. It does its job silently in the background.""Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening.""The feature set is fine and is rarely a problem.""Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."

More Cisco Firepower NGFW Firewall Pros »

"If you have a solution that is creating a script and you need to deploy many implementations, you can create a script in the device and it will be the same for all. After that, you just have to do the fine tuning.""I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily.""The most valuable feature we have found to be the VPN because we use it often.""Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA. The biggest advantage of Cisco products is technical support. They provide the best technical support.""The most valuable feature is the ability to block almost all of the ports.""The user interface is easy to navigate.""I have found the most valuable feature to be the access control and IPsec VPN.""The configuration support is very good. You can find a lot of configuration samples and troubleshooting tips on the internet, which is very good."

More Cisco ASA Firewall Pros »

"We like the fact that the product is open-source. It's free to use. There are no costs associated with it.""I like pfSense's reports and how I can control access to the policies on the firewall.""pfSense is easy to use, has user-friendly dashboards, and useful blocking features.""What I like about pfSense is that it works well and runs on an inexpensive appliance.""Technical support is perfect, excellent.""I have found the most valuable features to be antivirus and malware protection.""Content protection, content inspection, and the application level firewall.""The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."

More pfSense Pros »

Cons
"The initial setup can be a bit complex for those unfamiliar with the solution.""I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here.""The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.""In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard.""Cisco makes horrible UIs, so the interface is something that should be improved.""One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue.""The solution could offer better control that would allow the ability to restrictions certain features from a website.""We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."

More Cisco Firepower NGFW Firewall Cons »

"An area for improvement is the graphical user interface. That is something that is coming up now. They could make the product more user-friendly. A better GUI is something that would make life much easier.""We have more than one Cisco firewall and it is difficult for me to integrate both on the single UI.""The graphical interface could be improved. From what I have seen, Fortinet, for example, has a nicer GUI.""The stability is not the best.""They need to do an overhaul of the management console.""You shouldn't have to use the ASDM to help manage the client.""They should improve their interface.""Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated."

More Cisco ASA Firewall Cons »

"This solution is good for small businesses but it is not as stable as other competitors such as Fortinet.""User interface is a little clumsy.""Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement.""It could use a little bit of improvement in the reporting.""The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them.""I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that.""It needs to be more secure.""The configuration of the solution is a bit difficult."

More pfSense Cons »

Pricing and Cost Advice
"This product is expensive.""The solution was chosen because of its price compared to other similar solutions.""For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive.""The price is comparable.""I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs.""Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed.""When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis.""Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"If we compare it with FortiGate and the co-existing ASA, FortiGate is better in price.""Cisco is expensive, but you do get benefits for the price.""It's very competitive with other products.""When it comes to Cisco, the price of everything is higher. Cisco firewalls are expensive, but we get support from Cisco, and that support is very active.""In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco.""It's a brilliant firewall, and the fact that it comes with a perpetual license really does go far in terms of helping the organization in not having to deal with those costs on an annual basis. That is a pain point when it comes to services like the ones we have on Fortigate. That's where we really give Cisco firewalls the thumbs up.""I just bought it off the shelf, and I'm using it with my previous one, so I have not spent that much.""Cisco is considered to be an expensive solution."

More Cisco ASA Firewall Pricing and Cost Advice »

"I spent a couple of $1,000 on hardware, and the OS was free. A comparable firewall would cost me probably 20 grand. It saved a lot of money.""It's open-source and it's free. Anything for free is good.""It has almost zero cost, and it is open to us. It runs on a small appliance just for a couple of 100 bucks, and I've never had an appliance burn out on me yet.""There is an open-source community version that is available.""pfSense is open-source, but the support is something that the customer pays for.""It is open source.""The solution is free. However, you need to pay for support.""It is an open source firewall."

More pfSense Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
552,695 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
Top Answer:  Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports… more »
Top Answer: When looking to change our ASA Firewall, we looked into Palo Alto’s WildFire. It works especially in preventing advanced… more »
Top Answer: You don't really specify what type of router you are looking for but if you are talking about a gateway router I… more »
Top Answer: Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate… more »
Top Answer: Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv
Learn More
Netgate
Video Not Available
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.

Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.

Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.

Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Providing comprehensive network security solutions for the enterprise, large business and SOHO, pfSense solutions bring together the most advanced technology available to make protecting your network easier than ever before. Our products are built on the most reliable platforms and are engineered to provide the highest levels of performance, stability and confidence.
Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Cisco ASA Firewall
Learn more about pfSense
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Financial Services Firm17%
Comms Service Provider13%
Manufacturing Company10%
University6%
VISITORS READING REVIEWS
Comms Service Provider35%
Computer Software Company21%
Government5%
Educational Organization4%
REVIEWERS
Comms Service Provider11%
Marketing Services Firm9%
University9%
Construction Company7%
VISITORS READING REVIEWS
Comms Service Provider43%
Computer Software Company15%
Government6%
Media Company4%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business35%
Midsize Enterprise26%
Large Enterprise39%
VISITORS READING REVIEWS
Small Business28%
Midsize Enterprise16%
Large Enterprise56%
REVIEWERS
Small Business71%
Midsize Enterprise17%
Large Enterprise12%
VISITORS READING REVIEWS
Small Business59%
Midsize Enterprise13%
Large Enterprise28%
Find out what your peers are saying about Cisco ASA Firewall vs. pfSense and other solutions. Updated: November 2021.
552,695 professionals have used our research since 2012.

Cisco ASA Firewall is ranked 5th in Firewalls with 62 reviews while pfSense is ranked 3rd in Firewalls with 53 reviews. Cisco ASA Firewall is rated 8.0, while pfSense is rated 8.6. The top reviewer of Cisco ASA Firewall writes "Robust solution that integrates well with both Cisco products and products from other vendors". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Cisco ASA Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Meraki MX, Juniper SRX and Sophos XG, whereas pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos UTM, Sophos XG and Zyxel Unified Security Gateway. See our Cisco ASA Firewall vs. pfSense report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.