We just raised a $30M Series A: Read our story

Compare Zyxel Unified Security Gateway vs. pfSense

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Fortinet, Check Point, Netgate and others in Firewalls. Updated: November 2021.
552,136 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch.""The most valuable features of this solution are the integrations and IPS throughput.""The feature set is fine and is rarely a problem.""It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS.""Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be.""Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality.""The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate.""Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening."

More Cisco Firepower NGFW Firewall Pros »

"I have found pfSense to be stable.""It has a good web cache. I used to use a DHCP server and DNS server. For my company, I use pfSense as a load balancing application.""Great extensibility of the platform.""At our peak time, we have reached more than 5,000 concurrent connections.""The initial setup is straightforward.""The documentation is very good.""What I like about pfSense is that it works well and runs on an inexpensive appliance.""The solution is very easy to use and configure."

More pfSense Pros »

"This is a capable appliance and the standard features work well for us.""The solution can scale well."

More Zyxel Unified Security Gateway Pros »

Cons
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area.""On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it.""Cisco Firepower NGFW Firewall can be more secure.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore.""One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box.""I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here.""It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."

More Cisco Firepower NGFW Firewall Cons »

"Web interface could be enhanced and more user friendly.""Lacks instructional videos.""The technical support needs to be improved.""The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time.""The access control aspect of the product could be improved.""The configuration of the solution is a bit difficult.""The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus.""I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that."

More pfSense Cons »

"Sometimes it reboots when you least expect it, and that's the main issue.""Although manageable, the user interface is a little bit slow and could be improved."

More Zyxel Unified Security Gateway Cons »

Pricing and Cost Advice
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive.""The price of Firepower is not bad compared to other products.""It definitely competes with the other vendors in the market.""The price is comparable.""Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain.""I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way.""Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees.""This product requires licenses for advanced features including Snort, IPS, and malware detection."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"I am using the free version of pfSense.""I spent a couple of $1,000 on hardware, and the OS was free. A comparable firewall would cost me probably 20 grand. It saved a lot of money.""It has almost zero cost, and it is open to us. It runs on a small appliance just for a couple of 100 bucks, and I've never had an appliance burn out on me yet.""This solution provides enterprise-level features at a fraction of the cost of an enterprise firewall.""Looking at what it does, I think that it is fairly priced.""I like the fact that it is open-source.""The solution is free. However, you need to pay for support.""Its price is pretty fair."

More pfSense Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
552,136 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: You don't really specify what type of router you are looking for but if you are talking about a gateway router I… more »
Top Answer: Fortinet’s Fortigate is a firewall solution we use and are very much satisfied with its performance. We find Fortigate… more »
Top Answer: Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
Top Answer: We have a yearly licensing agreement with the company. The licenses are okay. The costs are pretty low.
Top Answer: I have never seen it in any company that I've worked with before, and I would advise other companies not to buy it. The… more »
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Learn More
Netgate
Video Not Available
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Providing comprehensive network security solutions for the enterprise, large business and SOHO, pfSense solutions bring together the most advanced technology available to make protecting your network easier than ever before. Our products are built on the most reliable platforms and are engineered to provide the highest levels of performance, stability and confidence.

ZyWALL USG Series delivers high-access quality to help businesses satisfy the demand for always-online communications. For internal deployments, the ZyWALL USG Series provides active-passive High-Availability (HA) service to support device or connection failover.

With Device HA Pro service, the ZyWALL USG Series also supports instant failover, so connections are always maintained when a failover event occurs. For external deployments, the ZyWALL USG Series features multi- WAN load balancing/failover and a comprehensive mobile broadband USB modem support list for WAN backup operations. The ZyWALL USG Series also supports IPSec load balancing and failover, providing additional resilience for mission-critical VPN failover with VTI Interface deployments.

ZyWALL USG110/210/310 thoroughly protects networks with industry-leading firewall, Anti-Malware/ Virus, Anti-Spam, Content Filtering, IDP, and Application Patrol functionality. Regulate unauthorized use of Web applications over your network, such as Facebook, Google apps, and Netflix, among others. Zyxel security measures are enhanced with SSL Inspection, blocking threats hidden in SSL-encrypted connections while facilitating deeper policy enforcement. Furthermore, newly improved Content Filtering 2.0 enhances HTTPS Domain Filter, Browser SafeSearch, and Geo IP Blocking for an array of security enhancements to ensure clean Web connections.

Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about pfSense
Learn more about Zyxel Unified Security Gateway
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring
Information Not Available
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Government8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Comms Service Provider11%
University9%
Marketing Services Firm9%
Computer Software Company7%
VISITORS READING REVIEWS
Comms Service Provider43%
Computer Software Company15%
Government6%
Media Company4%
VISITORS READING REVIEWS
Comms Service Provider47%
Computer Software Company16%
Government6%
Manufacturing Company3%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business71%
Midsize Enterprise17%
Large Enterprise12%
VISITORS READING REVIEWS
Small Business59%
Midsize Enterprise13%
Large Enterprise28%
No Data Available
Find out what your peers are saying about Fortinet, Check Point, Netgate and others in Firewalls. Updated: November 2021.
552,136 professionals have used our research since 2012.

pfSense is ranked 3rd in Firewalls with 53 reviews while Zyxel Unified Security Gateway is ranked 9th in Unified Threat Management (UTM) with 2 reviews. pfSense is rated 8.6, while Zyxel Unified Security Gateway is rated 6.0. The top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". On the other hand, the top reviewer of Zyxel Unified Security Gateway writes "Low cost but unresponsive technical support and very unstable performance". pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos UTM, Sophos XG and Stormshield Network Security, whereas Zyxel Unified Security Gateway is most compared with Fortinet FortiOS, Fortinet FortiGate, WatchGuard Firebox, Sophos UTM and SonicWall NSa.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.