We performed a comparison between Cisco Secure Firewall and WatchGuard Firebox based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. WatchGuard Firebox received slightly better ratings because it is easier to deploy than Cisco Secure Firewall.
"The most valuable feature is the interface, which is very user friendly. We are utilizing most of the features, like content filtering. The firewall is powerful."
"The user interface (UI) is very, very good."
"Initial setup is easy to configure."
"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"UTM/NGFW features and FortiCloud for logs and backups are awesome."
"It has improved our security capabilities."
"The initial installation is very straightforward."
"At this point, we find that this product has high productivity and high availability and there is no need for improvement."
"My confidence continues to build upon using Cisco firewalls."
"The IPS (In-plane switching) is the most valuable feature."
"It is a highly stable product. We rarely receive any serious outdates, so it works quite well."
"The deep packet inspection is useful, but the most useful feature is application awareness. You can filter on the app rather than on a static TCP port."
"One of the most valuable features is the GUI front end, which is very easy to use. But I'm also a command-line guy, and being able to access the device via command-line for advanced troubleshooting is quite important."
"What I found the most valuable about Cisco Secure Firewall is that if a client is educated about the solution, it can help him or her avoid many problems and mistakes."
"The user interface, the UI, is excellent on the solution."
"I like intrusion detection the most."
"We experienced that WatchGuard is easy to setup regarding VPN compared to other firewalls of other brands."
"The security that is used for defending from the attacks is very good."
"The solution has increased productivity with our outside salespeople being able to connect into their computers and use those remotely."
"The reports are detailed."
"The client is easy to use and stable"
"The ports that I have assigned appear to be unattainable to outside 'mal-actors,' unless they have an address registered on the internet that this thing is expecting. That's a layer of security."
"I like that this product has very few issues."
"The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it'd be great."
"The support team for Fortinet FortiGate needs to be more customer friendly."
"I don't like that anything more than very basic reporting is not included."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"I would like to see improvements with the antivirus and IPS as they are not working properly all the time."
"Fortinet FortiGate is a stable solution. However, my issue is the performance only. When I use all the profiles, this affects the performance. From the beginning, I should have had a better sizing of the box."
"There is a lot of improvement needed with SSL-VPN."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"The stability and the product features have to really be worked on."
"It is surprising that you need to have a virtual appliance for the Firepower Management Center. It is not good if you have to setup a VMware server just for it."
"HTTPs inspection and higher throughput/spec would be good."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"Security must be increased when a new user connects over the LAN and an alarm must be generated."
"It should be easier for the IT management or the admin to configure products. For example, the firewall products are not very straightforward for many users. They should be easier to configure and should be more straightforward."
"The IPS and GUI are outdated."
"I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."
"Once you start getting into proxy actions and setting up: "Okay, cool. Once this rule gets triggered, what actions have to happen?" I do know a few people who use WatchGuard and they still have to get assistance when they look at that. So I would file that as a con for WatchGuard. Proxy actions can be a little bit complicated."
"We use WatchGuard to manage our failover for internet. If a primary internet goes down, it does a failover to the secondary the internet. However, what it doesn't do so well is that if the primary internet has a lot of latency but it's not completely down, it doesn't do a failover to the backup in a timely manner."
"It would be wonderful if the WatchGuard team develops nice products for threat intelligence."
"The way Secure Sign-On authentication is happening needs to be improved. When the Secure Sign-On portal is turned on, anybody who comes into the campus, whether he or she is a staff member or a guest, has to go past the initial portal. One of the shortcomings is the username. It shouldn't allow permutations or combinations with upper or lower cases. For example, when there is a username abc, it shouldn't allow ABC or Abc. It should not allow the same username, but currently, two separate people can go in. Therefore, its authentication or validation should be improved, and the case sensitiveness should be picked up. If I have restricted someone to two devices, they shouldn't be able to use different combinations of the same username and get into the third or fourth device. It shouldn't allow different combinations of alphabets to be used to log in."
"The UI is not as user-friendly as the model that I had used before, which was from Check Point. The design of the Firebox UI is restricted and needs an experienced network guy to understand the format and settings."
"I would like to see more tutorials on setting up the Firebox."
"I'd like to have better access to workstation monitoring, connection monitoring, and the amount of time an address is being used, to better gauge proper network utilization. If I knew that something was connected to a particular external location for an extended period that seems abnormal, I'd be able to act upon it."
"The usability could be better, but it is definitely manageable. If we have to go to a backup internet connection, that could be a little bit easier."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while WatchGuard Firebox is ranked 13th in Firewalls with 79 reviews. Cisco Secure Firewall is rated 8.2, while WatchGuard Firebox is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of WatchGuard Firebox writes "Offers a streamlined deployment, intuitive interface and robust security features". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Sophos UTM, whereas WatchGuard Firebox is most compared with Netgate pfSense, Sophos XG, OPNsense, SonicWall TZ and Sophos XGS. See our Cisco Secure Firewall vs. WatchGuard Firebox report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.