Cisco Secure Firewall and OPNsense both compete in the cybersecurity firewall category. Cisco has the upper hand in enterprise-grade security and support, while OPNsense offers a cost-effective and adaptable open-source alternative.
Features: Cisco Secure Firewall is known for advanced threat protection, stateful inspection, and robust VPN management. Its enterprise security features, including intrusion prevention and AnyConnect support, provide comprehensive protection. OPNsense offers a user-friendly interface, efficient VPN management, and flexibility through its community-driven approach, enriching open-source adaptability.
Room for Improvement: Cisco Secure Firewall users often encounter complex management interfaces and high costs, which can be prohibitive, especially for smaller enterprises. Additionally, the setup complexity and steep learning curve are challenges. OPNsense lacks some advanced commercial features and faces integration difficulties, particularly with new technologies, requiring ongoing adaptation from users. Consistent updates create an additional responsibility for adaptation.
Ease of Deployment and Customer Service: Cisco Secure Firewall's deployment can be intricate due to its tailored enterprise solutions, often requiring professional support. However, Cisco’s technical support is largely responsive and knowledgeable. In contrast, OPNsense’s straightforward deployment process and community-based support make it suitable for DIY setups, especially for open-source enthusiasts.
Pricing and ROI: Cisco Secure Firewall is priced at a premium, reflecting its extensive features and support, offering significant ROI for larger businesses through reduced downtime and enhanced security. OPNsense, being open-source, eliminates licensing costs, providing an attractive budget-friendly option for businesses desiring core firewall capabilities without extra expenses, despite lacking some of the advanced features.
Clients are now comfortable and not wasting productive hours on IT support.
The automation part is giving us a cost benefit and speed; we can react faster.
It's a very useful tool to mitigate and protect your enterprise.
The biggest return on investment when using Cisco Secure Firewall is that there's no waste in any infrastructure cost and licensing costs for us.
From my point of view, the biggest return on investment when using Cisco Secure Firewall is the single pane of glass, which is a huge plus for us.
The biggest return on investment for me when using Cisco Secure Firewall is reliability and robust network design.
The network attacks reduced by approximately 60% after using that, even without customizing the custom configuration yet.
For a very little investment, I was able to increase the security of my network.
They offer very accurate solutions.
The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with.
I would rate the technical support for Fortinet FortiGate a ten out of ten.
I have to provide many logs, yet problems remain unresolved, often requiring workarounds rather than solutions.
I have been working with them on firewalls, wireless, switching, and routing, and the support is the best.
They have expertise and provide solutions for the most difficult problems.
Compared to some open-source projects with weak support, OPNsense stands out for having both a strong community and commercial backing options.
I mainly rely on community support since the solution is open source.
If you say you do not have one, it is finished. This is where the monopoly starts.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published.
Scalability presents a challenge.
Compared to FortiGate and Palo Alto, it lags in configuration and other aspects.
Even with the highest one, the 4600, we still face issues, particularly when transitioning between screens; it becomes very slow.
Aside from these aspects, it demonstrated good scalability.
It supports routing, VPN setups, and traffic monitoring with additional packages like Snort and Suricata.
OPNsense is an extremely scalable solution.
We're experiencing 99.999% availability consistently.
I would rate the stability of Fortinet FortiGate a ten out of ten.
Currently, we are experiencing a general outage of one of the main internet service providers of the Dominican Republic, and we have not been impacted in our operations because with SD-WAN, we have another internet service provider and we are working with the second WAN connection without any disruption.
We have often encountered split-brain scenarios during failover processes and code upgrades, which have been persistent problems for us.
We work with a cluster with high availability, so if something goes wrong, we have it functioning.
Cisco Secure Firewall offers exceptional performance and stability.
For home and small network use, OPNsense is also reliable, providing enterprise-grade security at no cost.
OPNsense is the same, but it does have a way of installing the Realtek drivers, which gives you a lot more stability overall on the system.
The only challenge faced was its inadequacy to manage large voice traffic effectively, even with dedicated hardware.
Investing in a solution that can accommodate such growth would be more cost-effective than repeatedly purchasing new hardware.
While Fortinet claims to offer a comprehensive network solution, it falls short in addressing computer application issues, particularly server security.
When considering Sophos XG, which we also use, the logging and reporting functionality is notably more efficient.
My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time.
Firepower Management Center is quite out of date compared to other vendors.
The integration between Cisco products themselves presents difficulties, such as SD-WAN configuration.
For high availability, it's crucial to have a method in place where a designated component oversees the entire process.
Improved guidance on package usage and integration beyond relying on external tutorials or community support would be beneficial.
I would like the APIs to be more mature and more developed and have more options to automate threat hunting.
Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us.
It offers cost savings as it is generally cheaper than the competition.
It is about 20% cheaper.
It's good to have them, however, it costs us a lot.
It's considered a premium, but people pay that price for Cisco.
There are a lot of in-place contracts for us that provide the benefit of discounts.
It is a free solution, and when you compare it to alternatives like FortiGate, which is quite powerful but also costly, the value becomes evident.
I would rate the pricing a nine out of ten, especially considering the availability of a free community edition.
It is free.
In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable.
FortiGate has helped reduce the risk of cyberattacks that might disrupt our client's production.
These features help reduce our downtime, manage the ISPs, and deploy SLAs for all the website traffic.
What stands out positively about Cisco is their training and support, which has effectively prepared engineers to work with their products.
This is very important to my organization, as we work extensively with security because we are a bank, so we can keep the data safe.
Cisco Secure Firewall allows me to safeguard Layer 7 or Layer 3 and manage the security rules with the business needs of my organization.
The most valuable features include the basic firewall functionality and the GeoIP location services.
I can have a Wi-Fi VLAN and feel secure that the server network or the VM network that I have on a different VLAN are isolated, and they cannot talk to one another, which adds a great level of security.
It offers enterprise-grade features such as intrusion detection and prevention system, VPN support, traffic shaping, and web filtering, all without license cost.
Product | Market Share (%) |
---|---|
Fortinet FortiGate | 20.4% |
OPNsense | 11.0% |
Cisco Secure Firewall | 6.2% |
Other | 62.4% |
Company Size | Count |
---|---|
Small Business | 350 |
Midsize Enterprise | 130 |
Large Enterprise | 187 |
Company Size | Count |
---|---|
Small Business | 180 |
Midsize Enterprise | 126 |
Large Enterprise | 212 |
Company Size | Count |
---|---|
Small Business | 30 |
Midsize Enterprise | 5 |
Large Enterprise | 8 |
Fortinet FortiGate excels in providing integrated VPN, firewalling, and Unified Threat Management (UTM) with centralized management and high availability. It supports remote access and comprehensive threat protection, making it a preferred choice for securing networks.
Fortinet FortiGate offers a robust security platform with features such as strong intrusion prevention, application control, and web filtering. Its integration with Active Directory and SD-WAN functionality provides scalable solutions for large networks. Users appreciate its ease of use through centralized management interfaces, ensuring robust security with flexible configurations. However, FortiGate could enhance its graphical interface and technical support responsiveness, address firmware bugs and costly licensing, improve logging, integrate better with third-party tools, and strengthen scalability and memory for log storage. Complexity in configuration and the need for intuitive features are noted challenges, and there's a demand for advanced security, zero-trust capabilities, and AI integration.
What are the key features of Fortinet FortiGate?Fortinet FortiGate is widely implemented across industries like education, finance, and government. Companies use it for firewall protection, VPN, and SD-WAN capabilities, ensuring secure perimeter and data center security. It facilitates remote access management and traffic routing optimization, offering reliable security and connectivity solutions.
Cisco Secure Firewall provides comprehensive network security with advanced features such as application visibility, URL filtering, and malware protection. It combines a user-friendly interface with robust VPN capabilities, making it a reliable choice for varying network environments and industry applications.
Cisco Secure Firewall offers exceptional protection with its integration into Cisco's broader ecosystem, ensuring enhanced threat detection and policy unification. Despite its complexity in command-line interfaces and management, Cisco Secure Firewall remains a potent tool for safeguarding data. It is widely adopted for edge security, VPN services, perimeter defense, and traffic segmentation, especially in hybrid settings. Essential sectors like banking and telecom benefit from its stable connectivity and centralized security management. Though there are challenges with costs and support for third-party APIs, the firewall's scalability and high availability provide comprehensive support for protecting network assets.
What are the key features of Cisco Secure Firewall?Cisco Secure Firewall is widely implemented across sectors like banking, education, ISPs, and telecoms. It fortifies data centers and network edge security, delivering strong protection for client access, hybrid environments, and intrusion prevention. In these industries, firewall solutions ensure secure connectivity and manage RTU traffic effectively, leveraging centralized management and integration with Cisco's security tools.
OPNsense is an adaptable open-source firewall and routing platform appreciated for its flexibility, scalability, and user-friendly interface. It is equipped with robust security features and offers excellent reporting and visibility, essential for small businesses and home setups.
OPNsense stands out for its modular design, allowing cost-effective customization. This system supports VPNs and various firewall capabilities, making it suitable for securing networks from malicious traffic. Its frequent updates and extensive documentation, combined with a supportive online community, enhance user experience. However, there is room for improvement in integration with virtual servers and Azure. Scalability and hardware updates are important for large-scale environments, and users desire more reliable VPN solutions and enhanced threat intelligence tools.
What are OPNsense's most important features?OPNsense is implemented in industries requiring VPN and firewall functions, supporting site-to-site connections, protecting servers, and managing commercial network traffic. Companies apply it for security, UTM, SD-WAN, content filtering, intrusion detection, and prevention, utilizing its open-source nature and effectiveness as a next-generation firewall.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.