We performed a comparison between Cisco Secure Firewall and Zscaler Internet Access based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."A strong point of FortiGate is the graphical interface is complete and easy to use."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"The most important features of Fortinet FortiGate are the Intrusion Prevention System (IPS) and firewall control applications."
"The notable features that I have found most valuable are that it includes the antivirus, and also IPS, and even SD-WAN."
"It's quite comfortable to handle the FortiGate firewall."
"SSL-VPN is very useful for us and has been very reliable."
"The reporting you receive out of this appliance is excellent. You will not need an external management system."
"I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
"Beats sophisticated cyber attacks with a superior security appliance."
"FMC is very good in terms of giving a lot of visibility into what the firewall is seeing, what it's stopping, and what it's letting through. It lets the administrator have a little bit of knowledge of what's coming in or out of the device. It's excellent."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. It has a lot of flexibility and even a lot of third-party or non-Cisco integration. I feel like that's a really valuable tool."
"The solution's dashboard is fine, and in terms of support, Cisco is better than other OEMs in the market."
"Cisco's engineer helped us with a lot of scripting to see what existed. Previously, we didn't have a proper policy. In fact, we didn't have any policy because we didn't have any firewall for the data center, so generating a policy was a big challenge. Cisco's engineer helped us to do some scripting and find out what kind of policy we can have and organize those policies. That was nice."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly."
"Zscaler covers all the features needed to replace a VPN or proxy solution. They are good. They've been on the market for 15 years now, so they are mature enough."
"SSL inspection is a valuable feature."
"The solution is stable and reliable."
"The most valuable feature is the ability to drop packets."
"The solution is stable."
"It is easy to set up the solution."
"Zscaler Internet Access's best feature is the granular policy controls."
"We enjoy all of the proxy capabilities and the capability to integrate into the SIEM/SOC solution."
"Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."
"They should improve the interface to make it more user-friendly."
"The cloud management and automation capability could be improved."
"Some of the software stability could improve."
"NGN, reporting and controls."
"The solution is very expensive."
"Technical support could be better. You don't always get the level of help you need right away."
"The inability to scale the FortiAnalyzer to match our growth necessitates the purchase of new hardware."
"It should have packets, deep level inspections and controls, like the features which other IPS solutions used to have."
"Sometimes my customers say that Cisco Firewalls are a bit more difficult compared to Fortigate or Palo Alto. There is complexity in the configuration and the GUI could be improved."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection."
"Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering."
"The price and SD-WAN capabilities are the areas that need improvement."
"This is an older product and has reached end-of-life."
"The stability could be better because we have a lot of issues with the stability of Cisco Firepower."
"One thing that they could improve is the ability to import rules from other platforms."
"I don't know whether it's Zscaler or not, however, sometimes I can't access my time management. I need to wait and try again a few hours later. Typically, if I let some time pass, I can access it again."
"It needs better integration with other applications. It takes a fair amount of regular activity to apply the by-passes because it is very strict in its restrictions and frequently you have to go in and open things up to allow the workforce to work."
"Currently, the solution's interface is not that user-friendly."
"I would like to see more training and video documentation."
"In terms of usage, here in the GCC, it's still growing a growing market, so the combination of DLP, data leak prevention, to a certain extent is fine. But what it requires is user-based access or role-based access. The solution needs to grow into that, which definitely takes time. There's not an easy way to integrate it, when you have a cloud-based solution."
"Another thing that I would like to see is if Zscaler could have a separate product for direct access. I looked at a private access solution, but I understand there's a separate product that isn't integrated with this."
"One thing that needs to be improved is their presence in China. I'm not sure if that's a Zscaler thing or if it's a problem with all vendors in this space, but it would be nice to have better coverage in China. This concern is a common one for vendors across the board when dealing with the Chinese market."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 46 reviews. Cisco Secure Firewall is rated 8.2, while Zscaler Internet Access is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Zscaler Internet Access writes "Provides integrated CASB and file sandboxing but could be less expensive ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Microsoft Defender for Cloud Apps, Netskope , Prisma Access by Palo Alto Networks and Appgate SDP. See our Cisco Secure Firewall vs. Zscaler Internet Access report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.