We performed a comparison between Cisco Secure Firewall and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Fortinet Fortigate comes out on top. Its ease of deployment combined with its solid set of features and excellent service and support ratings make it a more desirable solution than Cisco Secure Firewall.
"The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly."
"For us, the most valuable features are the IPX and the Sourcefire Defense Center module. That gives us visibility into the traffic coming in and going out, and gives us the heads-up if there is a potential outbreak or potential malicious user who is trying to access the site. It also helps us see traffic generated by an end device trying to reach out to the world."
"Stability, high availability of services, and very high MTBU were the most valuable features for me."
"It is pretty stable. I haven't seen many issues during the past four years."
"The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment."
"The Packet Tracer is a really good tool. If someone calls because they're having problems, you can easily create fake traffic without having to do an extended packet capture. You can see, straight away, if there's a firewall rule allowing that traffic in the direction you're trying to troubleshoot."
"Cisco ASA works very nicely from an administration perspective. The management of the device is very nice. The ASDM (Adaptive Security Device Manager) is the software that we use and it is very easy to configure using the GUI."
"IPSec Tunnel and AnyConnect (of course), the context awareness was a good feature, but clumsy at the beginning. I think it's better now."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"We can detect any attack of viruses or malware at the first point of contact."
"The solution is scalable."
"It's very easy to configure."
"It is a good source for firewall protection."
"A strong point of FortiGate is the graphical interface is complete and easy to use."
"The most valuable features are the enterprise modeling and the simple interface."
"Allows for firewall rules to be programmed and named in a way that makes it “readable”"
"Other firewalls, upgrading is a very easy task; from the graphical user interface, you just need to import the firmware versions into it and install it. In this firewall, you need to have a third-party solution in both. It's a process. It's a procedure, a hard procedure, actually, so there is no straightforward procedure for upgrading."
"Virtual patching would be helpful for servers that are not able to update patches due to compatibility issues."
"Tech support could not answer all of our questions. I had to do research on the web to solve my issues."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"In terms of what could be improved, I would say the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all."
"We have seen some bugs come up with Cisco Secure Firewall in terms of high availability. The solution should be improved to avoid these bugs."
"While this applies to all vendors, pricing can be always lower. In my opinion, Cisco is the most expensive. The pricing can be reduced."
"When we talk about data centers, we are talking about 100 gig capacity or 400 gig capacity. When it comes to active-active solution clustering and resilience and performance, Cisco should look into these a little bit more."
"FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment."
"It needs to improve its ISP load balancing."
"The product does need better support in the cloud environment. It's not exactly cloud-native right now."
"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility."
"The firmware needs improvement because there are bugs when a new release comes through. Sometimes, the configuration changes, and it's a bit harder to see where the fail is. The first time that you have the firmware, it tends to have some issues, and it's better to wait a bit to update the equipment."
"Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews. Cisco Secure Firewall is rated 8.2, while Fortinet FortiGate is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Fortinet FortiGate is most compared with Sophos XG, Netgate pfSense, Meraki MX, Check Point NGFW and WatchGuard Firebox. See our Cisco Secure Firewall vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.