We performed a comparison between Cisco Secure Firewall and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Fortinet Fortigate comes out on top. Its ease of deployment combined with its solid set of features and excellent service and support ratings make it a more desirable solution than Cisco Secure Firewall.
"The firepower sensors have been great; they do a good job of dropping unwanted traffic."
"It is a secure product."
"The IP filter configuration for specific political and Static NAT has been most valuable."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"The IPS (In-plane switching) is the most valuable feature."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"We can easily track unauthorized users and see where traffic is going."
"The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
"Fortigate's most valuable feature is that it doesn't need a push policy when writing rules."
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"The reporting and monitoring are very good."
"It would be great to have all the data correlated to have an overview and one point of administration."
"You need to have a little bit of knowledge to be able to configure it. Otherwise, it would be very difficult to configure because there is no GUI. The latest software available in the market has a GUI and probably zero-touch provisioning and auto-configuration. All these things are not available in our version. You need to manually go and configure everything in the switch. In terms of new features, we would definitely want to have URL-based filtering, traffic steering, and probably a little bit steering in the bandwidth based on the per-user level and per-user group. We will definitely need some of these features in the near future."
"Licensing is complex, and I'd like it to be simplified. This is an area for improvement."
"This is an older product and has reached end-of-life."
"Most of the features don't work well, and some features are missing as well."
"The interface for monitoring could be improved to allow better views to make troubleshooting easier."
"The licensing needs simplification."
"You have to know the ASA command line very well because not all operations are available in the graphical interface"
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"Backup can be improved."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios."
"Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."
"The security of Fortinet FortiGate could improve."
"Some of the features in the graphical user interface do not work, which requires that we used the command-line-interface."
"There were quite a few problems with the stability of the system."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews. Cisco Secure Firewall is rated 8.2, while Fortinet FortiGate is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Fortinet FortiGate is most compared with Sophos XG, Netgate pfSense, Meraki MX, Check Point NGFW and WatchGuard Firebox. See our Cisco Secure Firewall vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.