We performed a comparison between Cisco IOS Security and Palo Alto Networks NG Firewalls based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Allows for firewall rules to be programmed and named in a way that makes it “readable”"
"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
"What's most important is the ease of use."
"It works very well. It has a lot of different functionalities. Its cost is also fine for our customers."
"The scalability of Fortinet FortiGate is good."
"The solution is easy to configure and maintain remotely."
"The flexibility and ease of configuration are the most valuable features."
"The tool is a nice product and easy to handle. The software's user interface is also good. You can easily implement remote access in the solution."
"The Intrusion Firewall is a valuable feature."
"The capabilities for scalability with this product are huge"
"Completely integrates branch offices with perimeter security."
"The most valuable feature is the scalability. The nice thing with the bigger vendors is that they're very good at scale."
"Cisco IOS Security increases the overall security of our network, performs authentication, and provides level 15 access and privileges."
"It covers everything we need it to without looking to secondary solutions."
"The hardware is pretty stable. It's also a very good product performance-wise. Initially, it wasn't mature like a firewall and there were other leaders, but now they have included almost all the features of next-generation security. Basically, it's a good product to work with."
"One of the valuable features of the solution is its flexibility and it performs great."
"Prisma Access is the most valuable feature of Palo Alto Networks NG Firewalls."
"The trackability is most valuable. When a port is open for a protocol, such as port 443 for HTTPS, it can look inside the traffic and identify or verify the applications that are using the port, which was previously not possible with traditional firewalls."
"The WildFire reporting and Cortex XDR platform have huge infrastructures in the cloud that secures the network against threats. So, we have the potential on the system, specifically for users, where we take care of this since the user is the most dangerous. We get reports back from WildFire on a minute-by-minute basis, rather than a daily or weekly update like I used to with different AV vendors. These features can detect viruses and malware more quickly, which is super important."
"It is pretty important to have embedded machine learning in the core of the firewall to provide inline, real-time attack prevention, because all these different attacks and threats are constantly evolving. So, you want to have something beyond just hard pass rules. You want it to learn as it is going along. Its machine learning seems pretty good. It seems like it is catching quite a few things."
"The feature that I like the most is its IPS model, the WildFire model. I really like how the whole threat protection model functions, including the vulnerability and anti-spyware aspects. That is really awesome."
"Its flexibility is the most valuable."
"From my experience, comparing it to other products, the granularity you can have in the application is very good. The application detection is excellent. It's certainly one of the best."
"We have found the SSL decryption within this solution to be great; you can enable this feature and have the ability to see more of what is happening across your network."
"They should improve high CPU and memory usage that occurs."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"I would like to have logs, monitoring, and reporting for a month without extra fees."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"The Wi-Fi controller needs a lot of improvement."
"NGN, reporting and controls."
"There could be more integration between the logging and analytical platforms to make it more seamless and integrated."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"I would like upgrading iOS to be a bit easier."
"We cannot directly upgrade the system. The tool's deployment is also very difficult in legacy environments. The tool needs to have bigger ports as well."
"The configuration should be easier in the solution."
"There are the usual bugs that are inherent to some software upgrades. Sometimes this provides some unexpected issues, however, it happens with all brands all the time."
"The pricing is the only con for this product."
"An area for improvement in Cisco IOS Security is the performance because it's not as stable sometimes. There's also some latency in the solution, which could be improved. Cisco IOS Security integrates with other solutions, but you'll encounter many errors after integration, so this is another area for improvement. I'd like to see enhanced performance and a simplified setup in the next version of Cisco IOS Security."
"Cisco IOS Security should improve its functionalities."
"Cisco very slowly introduces and implements the products, unlike other brands."
"The initial configuration is complicated to set up."
"We have not taken Palo Alto's firewall management solution because it's too expensive and we don't feel it delivers significant value."
"The solution is not straightforward."
"I would like to see it provide us with intelligent information from the data that it captures, within the same cost."
"We would like to see improvement in the web interface for this solution, so that it can handle updates without manual intervention to put the data in order."
"In Mexico, Palo Alto's discounts are significantly lower than Cisco's. They are also more expensive – about 15% or 20% – than Cisco, but their platforms are very similar."
"It's not so easy to scale out your security capabilities."
"Sometimes some of the applications the customer has do not respond as they normally should."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Cisco IOS Security is ranked 22nd in Firewalls with 47 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 164 reviews. Cisco IOS Security is rated 8.0, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Cisco IOS Security writes "User-friendly and excels in documentation, making it easier to resolve issues". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Cisco IOS Security is most compared with Cisco Secure Firewall, Meraki MX, Fortinet FortiOS and Netgate pfSense, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense. See our Cisco IOS Security vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.