We performed a comparison between Cisco Secure Firewall and WatchGuard XTM [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"The solution has very good threat and content filtering switches."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"It's very fast and easy to configure."
"We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall."
"This is a quality product with ok support, and it is better than the competition we've tried."
"The architecture of FTD is great because it has an in-depth coverage and because it uses the AVC, (Application, Visibility, and Control) and also rate limits. Also, the architecture of fast paths is great."
"I think Cisco ASA Firewall is the most stable firewall solution."
"REST API offering with rich capabilities which makes the product very robust."
"If we look at the Cisco ASA without Firepower, then one of the most valuable features is the URL filtering."
"The most valuable features of this solution are the integrations and IPS throughput."
"Cisco Secure Firewall has improved our customers' security posture because it offers Next-Gen features, granularity, and reporting on the back of it. You can see the amount of users accessing Office 365, for example, and whether they're having a good or bad experience. You can see the threats that are coming into your network. You can see anyone who is compromised from within your network."
"The implementation is pretty straightforward."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"Monitoring of network activity is included in the box."
"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."
"Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."
"It configures in all-in-one place."
"It is stable and does not require you to reboot all the time."
"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."
"After installing the product, we achieved awareness of our data protection needs and email misuse."
"I like the hostwatch because I can see what traffic uses the most bandwidth and I can block that site."
"Fortinet Fortigate could benefit by simplifying some of their processes."
"As far as wanting more scalability or things in the network diagram, it's going to cost you."
"It should have a better pricing plan. It is too expensive. It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server."
"It would be nice if backups could more easily migrate between different models."
"The setup is pretty complex and not easy to implement."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"We'd like more management across other integrations."
"It will be nice if they had what you traditionally would use a web application scanner for. If the solution could take a deeper look into HTTP and HTTPS traffic, that would be nice."
"It doesn't have Layer 7 security."
"The stability is not the best."
"It's lacking one feature: VPN. Also, the 2100 Series lacks a DDoS feature. If they could add that to those platforms, that would be good."
"The product's user interface is an area with certain shortcomings where improvements are required."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"Make the IPS baked-in."
"The content filtering on an application level is not as good as other solutions such as Palo Alto."
"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."
"The VPN errors are not helpful when troubleshooting."
"Sometimes we have had issues with stability of the product."
"I would like them to improve the product's overall protections. This would be good for all product users."
"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out."
"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."
"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."
"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."
Earn 20 points
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while WatchGuard XTM [EOL] doesn't meet the minimum requirements to be ranked in Firewalls. Cisco Secure Firewall is rated 8.2, while WatchGuard XTM [EOL] is rated 8.0. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of WatchGuard XTM [EOL] writes "The multi-layer security of the products are the primary reason we use these appliances, however, the gateway wireless functionality for managing access points leaves much to be desired". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas WatchGuard XTM [EOL] is most compared with .
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.