We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"The solution offers very easy configurations."
"The most valuable feature is stability."
"The most valuable features of this solution are the integrations and IPS throughput."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"A good intrusion prevention system and filtering."
"Firewall and overall management are valuable features."
"The information security features are the most valuable."
"The main features I find useful are intrusion prevention and web filtering. Additionally, the solution is easy to manage."
"The solution is very user friendly."
"The VDOM (Virtual DOM) is a virtualized firewall that has some opportunities for flexibility that are an advantage in certain configurations."
"There are a lot of features that we like within the solution. The resources or performance of the firewall is very good. However, the real selling point is the fact that the solution offers so many features, it gives our clients a lot of extras that they can work with. There's a lot on offer."
"Performance-wise, I think FortiOS is much better than its Juniper counterpart. Based on our actual experience and performance metrics, FortiOS-based products are much better than Juniper."
"There are many useful features, such as web security and advanced threat detection."
"The solution is good for a basic firewall for a small business or for home use."
"The graphic user interface is very good and it is user-friendly which makes the product easy-to-use."
"The initial implementation process is simple."
"The most valuable features in OPNsense are reporting and visibility."
"The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
"OPNsense is easy to scale when running on the hardware."
"The interface and the dashboard are the most valuable features of this solution."
"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"The performance should be improved."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"An area of improvement for this solution is the console visualization."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"The reporting and monitoring could improve, they have a lot of limitations. The monitoring is not easy compared to the other firewall."
"It could more scalable for the lower end users."
"FortiOS doesn't work well with all browsers. I think they need to do a better job of making it compatible with the various browsers that are out there."
"They're using a lot of application-specific IC, so that may be causing some performance issues. And whenever a Fortinet adds new features, it can affect performance."
"It would be great if they can push the Microsoft updates through Fortinet OS and provide a centralized patch management system. They should also include the data loss prevention (DLP) and data leakage prevention features. They could also add network monitoring more effectively."
"Right now, it's very trendy to integrate everything into the cloud. This solution would be more effective if they did more integration in that regard."
"The implementation could be simplified."
"Fortinet needs to make this solution even more robust. Sometimes when we get a DDoS attack, the cannot withstand it. We can run out of sessions very easily. That said, I suppose if you want more a robust system, then you could purchase higher-end solutions, which are more expensive. Still, I would like to see more protection from even in the low-end version."
"There should be more technical documentation."
"There are issues with stability and reliability."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"The solution would not be suitable for anything large-scale."
"I would like to see better SD-WAN performance."
"The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform."
"The solution could be more secure."
"While they do have paid options that actually gives better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"The price is comparable."
"This product is expensive."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"I am happy with the product in general, including the pricing."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"The price of Fortinet FortiOS has been reasonable."
"The support contracts are usually about $100 - $200 a device."
"The software costs roughly half what the hardware costs. Overall, the product is expensive."
"There is a license required for the solution and the price is fair."
"It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."
"OPNsense is a well known open-source tool."
"OPNsense is open source software so at this time it is free for us to use."
"The solution is not expensive."
"OPNsense is an open-source solution and it is free to use."
"As an appliance, it's in the medium price range."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Control all the security and networking capabilities in all your FortiGates across your entire network with one intuitive operating system. Improve your protection and visibility while reducing operating expenses and saving time with a truly consolidated next generation enterprise firewall platform.
OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.
Fortinet FortiOS is ranked 20th in Firewalls with 13 reviews while OPNsense is ranked 19th in Firewalls with 11 reviews. Fortinet FortiOS is rated 8.4, while OPNsense is rated 8.0. The top reviewer of Fortinet FortiOS writes "Robust, scales well using FortiManager, and you have a choice of two different modes to run in". On the other hand, the top reviewer of OPNsense writes "A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement". Fortinet FortiOS is most compared with Fortinet FortiWeb, Zyxel Unified Security Gateway, Azure Firewall, Darktrace and LiveAction LiveNX, whereas OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Sophos UTM and Fortinet FortiGate. See our Fortinet FortiOS vs. OPNsense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.