Comparison between Hacom Firewall Appliances and Cisco ASA Firewalls

Printer-friendly versionPDF version

If performance and technical requirements are known and one is familiar with Cisco® ASA Security Appliances, the comparison tables are useful to select a comparable firewall for a particular application. Hacom offers several firewall systems utilizing the pfSense® software.

The pfSense website has the up-to-date and most comprehensive list of features in the following URL: http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Itemid=43.

It also lists common deployments in the following: http://www.pfsense.org/index.php?option=com_content&task=view&id=71&Itemid=81.

All of the features and capabilities of pfSense® software are included and available for uses. However, some features require more hardware capabilities: higher CPU performance, larger memory capacity, or a hard-drive/SSD instead of flash memory. In contrast to commercial network security appliances like Cisco ASA firewalls, some of the features and capabilities require additional and more costly licenses. Some features of pfSense® software like Intrusion Detection and Prevention require third-party annual subscription; about $500/sensor for Snort.

However, we have a new class of servers which house two complete and independent physical systems in one chasis. They are used for fail-over and hardware redundancy purposes, that Cisco does not seem to have something equivalent. We list them along with the base model, just for comparisons. They are the Mars II Twin Blase D525 Firewall 1U server and the Jupiter IV Twin Blade Firewall 1U Server.

There are four tables corresponding to four groups of Hacom's firewall Products which utilize pfSense® software: Small and Branch Office Appliances, SMB and Corporate Headquarter Appliances, Internet Edge Appliances, and Data Center Appliances. The primary considerations are loosely based on CPU performances with trade-off to low-power consumptions. Small and Branch Office Firewalls are based on the low-power fanless 500 Mhz VIA C7 and the Intel Celeron G465. SMB and Corporate Headquarter Firewalls are based on the low-power fanless Intel Atom N270 and the CPU performance Intel i3-3220T, while Internet Edge Firewalls are those of the low-power Intel Atom D525 and high-performance Intel i5-3470S-based systems. The Data Center Firewalls are based on the multicore Enterprise class i7-3720QM and Xeon e3-1275V2 with memory capacity from 4-16GB.

Each table is divided into three sections: performance, technical and additional network security capabilities. If the performance or technical detail requirements are known, the tables can be used to quickly identify the appropriate security appliances. Although all of pfSense® software capabilities are available throughout the ranges, it is recommended that only the SMB and Corporate HQ Firewalls, Internet Edge Firewalls, and Data Center Firewalls are considered for additional network security capabilities, like UTM (Unified Threat Management), Anti-spam, anti-phishing, URL filtering or Content Security (Anti-virus, Anti-Spyware, File Blocking).

Please contact our technical support if there are questions about which firewalls are best for a particular application.

Cisco® is a register trademark of Cisco Systems, Inc.
Knowledge Base: