We performed a comparison between Cisco Secure Firewall and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Fortinet Fortigate comes out on top. Its ease of deployment combined with its solid set of features and excellent service and support ratings make it a more desirable solution than Cisco Secure Firewall.
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"We definitely feel more secure. We have more control over things going in and out of our network."
"The content filtering is good."
"Firepower has reduced our firewall operational costs by about 25 percent."
"Valuable features include AnyConnect, double translations, and an independent IPS module."
"The initial setup is easy."
"The setup was straightforward. I was happy with the configuration and deployment of the solution, as it was quick."
"Protecting our landscape in general and being able to see logging when things aren't going as set out in policies are valuable features. Our security department is keen on seeing the logging."
"One of the valuable features is a standardized OS."
"The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto."
"We use a lot of function on the IPS and it works well for us."
"We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall."
"User-friendly and affordable security solution that's recommended for SMB customers. This solution has good technical support."
"The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
"More intuitive support for SIP services are needed. This took a long time to configure properly for the user."
"We have seen some bugs come up with Cisco Secure Firewall in terms of high availability. The solution should be improved to avoid these bugs."
"Cisco should redo their website so it's actually usable in a faster way."
"If the implementation was easier, it would be a lot better for us."
"We were also not too thrilled when Cisco announced that in the upcoming new-gen ASA, iOS was not going to be supported, or if you install them, they will not be able to be managed through the Sourcefire. However, it seems like Cisco is moving away from the ASA iOS to the Sourcefire FireSIGHT firmware for the ASA. We haven't had a chance to test it out."
"The security features in the URL category need more improvement."
"I was just trying to learn how this product actually operates and one thing that I see from internal processing is it does fire-walling and then sends it to the IPS model and any other model that needs to be performed. For example, content checking or filtering will be done in a field processing manner. That is something that causes delays in the network, from a security perspective. That is something that can be improved upon. Palo Alto already has implemented this as a pilot passed processing. So they put the same stream of data across multiple modules at the same time and see if it is giving a positive result by using an XR function. So, something similar can be done in the Cisco Firepower. Instead of single processing or in a sequential manner, they can do something similar to pile processing. Internal function that is something that they can improve upon."
"It would be great to have all the data correlated to have an overview and one point of administration."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"The way everything is set up could be easier. Currently, people need a lot of experience and knowledge to administer it and to link it to devices."
"The support from Fortinet FortiGate could improve. They are not easily accessible when we need them. They could improve their response time."
"The reports are very basic."
"Pricing for it is a bit high. It could be cheaper."
"There aren't really any negative aspects to discuss."
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Fortinet FortiGate is ranked 2nd in Firewalls with 67 reviews. Cisco Secure Firewall is rated 8.2, while Fortinet FortiGate is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Fortinet FortiGate writes "Efficient, user-friendly, and affordable". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas Fortinet FortiGate is most compared with Sophos XG, Netgate pfSense, Meraki MX, Check Point NGFW and WatchGuard Firebox. See our Cisco Secure Firewall vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.