We performed a comparison between Cisco Secure Firewall and Meraki MX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Meraki MX is the winner in this comparison. It is easier to set up and more user-friendly than Cisco ASA Firewall. In addition, Meraki MX is a less expensive solution than Cisco Secure Firewall.
"The most valuable feature is the ease of configuration."
"It's great for capturing the traffic and troubleshooting it."
"Its stability is the most valuable."
"The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
"This version is stable. I don't have any issues with this solution, in our environment, it works well."
"The solution is stable."
"The GUI is good."
"Initial setup is easy to configure."
"Application inspection, network segmentation, and encrypted traffic detection or encrypted traffic analysis (ETA) are valuable for our customers."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The most valuable feature is the access control list (ACL)."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"A stable and solid solution for protection from external threats and for VPN connections."
"IPSec Tunnel and AnyConnect (of course), the context awareness was a good feature, but clumsy at the beginning. I think it's better now."
"The technical team is always available when we have problems."
"Implementing Cisco Secure Firewall has saved us time because we rely on most of the out-of-the-box signatures. It has reduced the time and effort spent in configuration within the security network."
"Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active."
"I like the automatic firmware updates. We use the Active Directory to authenticate VPN users."
"Real Auto VPN with load balancer without needing a public IP. It is simple and functional."
"Meraki makes it easy to be secure and know where the holes are to fix them. We have been fixing anything that we have ever found for 20 years. We keep up-to-date with firmware upgrades. We just try to stay on top of everything for security, like maintaining updates and getting rid of old systems. I feel like we're on top of it."
"Simple to manage."
"When you try to create an IP or when you have an alert about when a website is banned, these features are helpful."
"In a week, we can make new policy and view what all our users did."
"The security level of our organization has changed by using Meraki MX Firewalls. We didn't have the UTM before, but now we have sandboxing, tray scanning, attack preventions and monitorization. Our security level has improved."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"I would like some automated custom reporting."
"In some cases, its initial setup could be hard for customers."
"I would like to see a more intuitive dashboard."
"Fortinet FortiGate could improve if it had a cloud-managed solution."
"It does not have key authentication for admin access."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"I haven't had a single issue since using Fortinet."
"The product would be improved if the GUI could be brought into the 21st Century."
"The virtual firewalls don't work very well with Cisco AnyConnect."
"A memory leakage issue which literally freeze the nodes (we have an HA environment). The issue is still not solved and the only recommendation from Cisco is to reboot the node."
"It would be good if Cisco made sure that the solution supports all routing protocols. Sometimes it doesn't."
"Cisco is not cheap, however, it is worth investing in these technologies."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"They need a user-friendly interface that we could easily configure."
"The configuration is an area that needs improvement."
"It can be hard to get a hold of the solution’s technical support team."
"You cannot use switching behaviors as you see on the Meraki switch."
"Meraki MX can come across as an expensive solution."
"We could have more reporting options and the ability to send alarms to the administrator."
"Direct logging is something that can be introduced. In the absence of cloud management, the possibility of local configurations and on-premise logins becomes restricted. This limitation stands as a primary concern. When it comes to resolving issues, the inability to access login options hampers troubleshooting efforts. The stability is noteworthy; but when compared to alternative products, its stability is comparatively lower. Additionally, certain limitations are observed in terms of remote control. Price-wise, the solution stands out for its competitive and cost-effective nature compared to other alternatives. Operationally, it is user-friendly and requires minimal effort from administrators, making configuration hassle-free."
"The product could incorporate tools like ThousandEyes into the system so we can see things directly."
"From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy."
"What I would like to see in the next version is to have more interfaces for WAN links."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 58 reviews. Cisco Secure Firewall is rated 8.2, while Meraki MX is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Meraki MX writes "Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Meraki MX is most compared with Palo Alto Networks NG Firewalls, Sophos XG, SonicWall TZ, Netgate pfSense and SonicWall NSa. See our Cisco Secure Firewall vs. Meraki MX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Cisco ASA is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So you can't really compare these solutions, as they are targeting different markets.
You might compare Cisco to Sophos, but again, these are different protection solutions, one for network protection, the other for client protection. If you look only at the firewall part, you miss a lot in the total protection approach with Sophos.
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports network security and firewall options. We researched both Meraki and ASA. We liked that ASA provides a solid VPN setup and integrates with other Cisco security offerings.
Cisco ASA is great for routing and accessing remote office locations via the remote VPN. We also liked the high availability and customizable nating (Network Access Translation). It is very reliable and easy to use. You can easily configure a site-to-site VPN to connect multiple sites. The support is great - they respond 24/7/365 and there is a lot of documentation available.
The downside is that ASAs are aging. Therefore, Cisco ASAs are best suited to small businesses. If you need something affordable that gets the job done, ASA is a good option.
We chose Cisco Meraki, because, in our opinion, it is a step forward from ASA. The level of security and intrusion detection is great, and because it is cloud-based, it is easy to change the configuration without downtime. Logging is very comprehensive, and management is very simple.
The best feature is content filtering with granular control. Cisco Meraki offers advanced malware protection, including traffic shaping. Another feature we really like is that you can pre-configure devices before they arrive at the installation.
It doesn’t work with DMVPN, which is a downside. Another feature that could use some improvement is reporting, which is not real-time. The price can get expensive but if you can afford it, a full-stack Cisco Meraki system does a great job keeping your network secure.
Conclusions:
If you want a robust but basic firewall, ASA is your best choice. Cisco Meraki is a better choice if you are looking for a next-generation firewall with advanced security features and easy management.