We performed a comparison between Cisco IOS Security and Palo Alto Networks NG Firewalls based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network."
"The solution is easy to configure and maintain remotely."
"This version is stable. I don't have any issues with this solution, in our environment, it works well."
"The security features are about the best that I've seen anywhere."
"I like that you are able to manage FortiGate from the FortiManager to create a more centralized environment."
"With FortiClient, you can easily connect when you are home, check out what you want to do, and connect to your network when you are not at work. You can switch on servers and you can check what is wrong."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market."
"The solution is very user-friendly and easy to deal with."
"What I have used the most and received the most benefit from is the IPsec technology."
"The solution is easy to use."
"The VPN was valuable for us because more people are working from home. It has a lot of reporting and easy-to-use management tools."
"Cisco IOS Security has many good features, but compared to other solutions, it has a more user-friendly interface with steps to apply and manage rules. Another good part of the solution is that it's more straightforward."
"It is less expensive than alternative firewalls."
"Cisco IOS Security is a mature product with extensive capabilities, serving as the base for the defense layer. It offers good network visibility, which helps in rapid response through the Rapid Threat Containment feature. Its deployment and configuration are straightforward."
"The hardware is pretty stable. It's also a very good product performance-wise. Initially, it wasn't mature like a firewall and there were other leaders, but now they have included almost all the features of next-generation security. Basically, it's a good product to work with."
"The initial setup process is quite easy."
"The user experience is good and the configuration is very easy."
"The trackability is most valuable. When a port is open for a protocol, such as port 443 for HTTPS, it can look inside the traffic and identify or verify the applications that are using the port, which was previously not possible with traditional firewalls."
"The structure is much faster and more sophisticated than Cisco."
"The most valuable aspect of this solution is pre-sales and post-sales because of the support and relationship building."
"Decryption is one of Palo Alto Networks NG Firewalls' best features because we can decrypt by category. For instance, we can decrypt everything except for bank traffic so that we don't interfere with the passwords and two-factor authentication of those checking their bank accounts at work. We can still monitor for malware and other threats that come through a secure channel. It's seamless for users. The URL filtering and IPS are both great as well."
"The most important thing is that it's really user-friendly. I have almost stopped using the CLI because I like the graphical interface. You can do whatever you want on a single screen, including all the configuration and implementation, using Panorama. You don't have to switch from one place to another."
"The machine learning in the core of the firewalls, for inline, real-time attack prevention, is very important to us. With the malware and ransomware threats that are out there, to keep abreast of and ahead of those types of attacks, it's important for our devices to be able to use AI to distinguish when there is malicious traffic or abnormal traffic within our environment, and then notify us."
"There are some cloud-based features that could be much more flexible than they currently are."
"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"We would like to see a better training platform implemented."
"The stability of Fortinet FortiGate could improve."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"Sometimes I find it difficult to manage. Some configurations are difficult for new engineers, for example."
"The company needs to make its solution more affordable to make it more accessible to larger markets. Otherwise, it's seen as an enterprise-level solution that small or medium-sized organizations can't afford and therefore they won't even look at it."
"I think setup could be one area for improvement, because sometimes we don't have people inside so we have to move to the place."
"It would be ideal if the solution had more capacity."
"Cisco very slowly introduces and implements the products, unlike other brands."
"There could be a bit more functions on offer that could make it easier to use."
"We have a very bad experience on the support. They take too much time requesting logs, and they are not coming directly online to resolve the issues."
"We need to pay for the license and it is expensive."
"The solution needs some management tool enhancements. It could also use more reporting tools."
"Support should be improved, wait times can be long."
"Most other VPN clients include mobile VPNs but Palo Alto does not."
"The biggest thing that needs to be improved with them is their training. I took a training class for the 8.0 build, then I took it again for the 9.0 and 10 builds. They add new features every time that they do a new major release, but the training doesn't keep up. It is the same basic training that probably was with the 3.0 build, and they just change the screenshots. I would love to see them do some more work since they have all these bells and whistles, but we don't know how to use those features on a large scale."
"I would like the option to be able to block the traffic from a specific country in a few clicks."
"The pricing could be improved upon."
"Generating reports is not so easy."
"The solution doesn't support routing in virtual firewall creation, and we want that to be enabled."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Cisco IOS Security is ranked 22nd in Firewalls with 47 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews. Cisco IOS Security is rated 8.0, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Cisco IOS Security writes "User-friendly and excels in documentation, making it easier to resolve issues". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Cisco IOS Security is most compared with Cisco Secure Firewall, Meraki MX, Fortinet FortiOS, Netgate pfSense and Juniper SRX Series Firewall, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense. See our Cisco IOS Security vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.