Check Point CloudGuard Network Security vs Cisco Secure Firewall comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Jul 11, 2023

We performed a comparison between Check Point CloudGuard Network Security and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

Features: Check Point CloudGuard Network Security provides useful features including VPN Blade, IPS Blade, URL filtering, and Applications Control Blade. Cisco Secure Firewall offers features such as threat defense, dashboard visibility, and application visibility and control.

For the Check Point CloudGuard Network Security, users suggest enhancing their support system, adding features like cluster creation on AWS and a managed web portal. They also recommend providing more visibility on data protection and improving documentation and support services. As for Cisco Secure Firewall, improvements are needed in network performance, policy administration, customization options, web filtering, user-friendly management interface, performance for IPS, and functionality in public clouds.

Service and Support: While some customers have praised the technical support of Check Point, others have faced response delays. Cisco Secure Firewall's customer service has garnered mixed review. Some customers appreciate the immediate solutions provided by their technical support, while others have mentioned delays and difficulties, particularly with Firepower.

Ease of Deployment: Check Point CloudGuard Network Security is generally considered easy and user-friendly for setup. However, it can be complex for some users and may require technical expertise. The deployment time varies depending on the number of customers or websites. Cisco Secure Firewall's initial setup reviews are mixed. Some find it difficult, while others find it straightforward. Cisco offers resources and documentation for assistance, yet the complexity can vary depending on the user's experience.

Pricing: The cost of setting up Check Point CloudGuard Network Security is perceived as high by most. There are, however, flexible pricing options with various discount models. Opinions on the pricing of Cisco Secure Firewall differ, with some finding it expensive and others considering it moderate.

ROI: Check Point CloudGuard Network Security consistently delivers a strong ROI of 80% to 85%, offering improved advantages and simplified administration. Cisco Secure Firewall exhibits fluctuating ROI, with some positive returns observed.

Comparison Results: Check Point CloudGuard Network Security is the preferred choice when compared to Cisco Secure Firewall. Users find the initial setup of Check Point CloudGuard Network Security to be easy, straightforward, and user-friendly. Check Point CloudGuard Network Security is highly praised for its valuable features such as VPN Blade, IPS Blade, URL filtering, and Applications Control Blade.

To learn more, read our detailed Check Point CloudGuard Network Security vs. Cisco Secure Firewall Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The notable features that I have found most valuable are that it includes the antivirus, and also IPS, and even SD-WAN.""The most valuable features of Fortinet FortiGate are the ease of use and there are several operating systems that can include the hardware capacities. In the newer releases, the resources were more useful because they were included in the operating system.""​Easy to implement, and it is also reliable.​""FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering.""There are lots of features and most of them are deployed for internet security. Users are protected if they accidentally go to some malicious sites.""Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. With FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access.""Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution.""The solution has very good threat and content filtering switches."

More Fortinet FortiGate Pros →

"The program is very stable.""Customers appreciate the CME plugin for automatically understanding assets within the cloud. This information appears in the manager, allowing users to tag the assets and adjust policies and rules accordingly.""Auto Scaling is one of the features that make me want to choose CloudGuard over actual HW.""The VPN features in CloudGuard Network Security have been the most valuable for us.""Its integration and use of features, such as advanced threat prevention, have helped us a lot with malware prevention and also with avoiding exposure to false positives.""The product has allowed us to develop applications from the cloud - even with large environments and well-segmented security lines.""We consolidated from three management consoles and three clusters to only one, which is a big improvement.""The solution is reliable."

More Check Point CloudGuard Network Security Pros →

"The most valuable feature we have found to be the VPN because we use it often.""Very good as a stateful inspection firewall.""Firepower has reduced our firewall operational costs by about 25 percent.""It is very stable compared to other firewall products.""It has definitely improved our organization. It gives us remote connectivity, helps workers connect remotely, and also gives us good connectivity to our other branches.""Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches.""The features I found most valuable in this solution, are the overall security features.""The ASA 55-x range is a solid and reliable firewall. It secures the traffic for normal purposes."

More Cisco Secure Firewall Pros →

Cons
"Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%.""My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint.""Monitoring and reporting could be better.""The initial setup and configuration are not intuitive and require training.""One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support.""The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are.""The user interface could be improved to make it less confusing and easier to set up.""It should have a better pricing plan. It is too expensive. It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server."

More Fortinet FortiGate Cons →

"Check Point Virtual Systems is a complete solution, but pricing can be better.""CloudGuard Network Security could be improved in the area of upgrading in place.""The solution’s technical support, DNS security and training could be improved.""The solution is not that flexible when deploying on-prem.""We utilize logging systems, and geolocation is crucial for us as some applications must only be accessible from our country. However, there have been occasional issues with this feature.""It can be difficult to install properly without prior training""I would like to see a step-by-step initial installation of the firewall. That would be really helpful. Like in Oracle appliances, when you start it asks you, what's your current IP address? An initial setup should be a step by step and intuitive process. You click on "begin," it asks you some simple questions. You fill in the blanks - your current IP address, what you want to do, you want to set up a site to site VPN, for example, that kind of thing. That would be the smartest thing to have.""We have the product deployed on Azure China. One crucial concern is the version limitation; unfortunately, in Azure China, we are restricted to running version R80. Our architecture has a Load Balancer, VMSS CloudGuard, etc. The duplication in this setup prevents the application from seeing the original client IP. This poses a problem for certain applications that require the original IP for login purposes. Although we managed a workaround with a different architecture involving a WAF, it is not as straightforward as the standard Azure setup."

More Check Point CloudGuard Network Security Cons →

"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore.""The management of the firewalls could be improved because there are a lot of bugs.""When we first got it, we were doing individual configuring. Now, there is a way to manage from one location.""FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively.""They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me.""In Firepower, there is an ability to search and dig into a search, which is nice. However, I'm not a super fan of the way it scrolls. If you want to look at something live, it's a lot different. You're almost waiting. With the ASDM, where it just flows, you can really see it. The second someone clicks something or does something, you'll see it. The refresh rate on the events in Firepower is not as smooth.""More intuitive support for SIP services are needed. This took a long time to configure properly for the user.""Cisco wasn't first-to-market with NGFWs... they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better."

More Cisco Secure Firewall Cons →

Pricing and Cost Advice
  • "Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make."
  • "These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."
  • "Go for long term pricing negotiated at the time of purchase."
  • "Work through partners for the best pricing."
  • "The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."
  • "Easy to understand licensing requirements."
  • "​We saved a bundle by not needing all the past appliances from an NGFW.​"
  • "The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "On average, it is normally on the lower end, being less expensive than Palo Alto or Cisco."
  • "It is more expensive than other solutions and would be more competetive in the market if it came down in price."
  • "We pay approximately ‎€150,000 ($166,000 USD) per year."
  • "Licensing is simply by the number of hosts that you are looking to protect within your environment. It makes it much easier to ensure that you are covering your environment."
  • "There is flexibility in the different licensing models that are offered."
  • "The pricing is pretty high, not just for your capital, for what you have to pay upfront, but for what you pay for your annual software renewals as well, compared to a lot of other vendors. Check Point is near the top, as far as how much it's going to cost you."
  • "Pricing of CloudGuard is pretty fair when you have a single account. It's comparable with other cloud providers. But for our use case, it got really pricey when we had to deploy multiple CloudGuards on multiple accounts in different regions, because you can't have CloudGuard protecting multiple regions. That's the big thing."
  • "The pricing and licensing have been good. We just had to do a license increase for our portion of it. We had that done within a couple of days. Given the fact that it's purely a software-based license, it ends up being even quicker than doing it for an on-prem firewall."
  • More Check Point CloudGuard Network Security Pricing and Cost Advice →

  • "Always plan ahead for three years. In other words, do not buy a firewall on what your needs are today, but try to predict where you will be three years from now in terms of bandwidth, security requirements, and changes in organizational design."
  • "I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you."
  • "It has a great performance-to-price value, compared to competitive solutions."
  • "Spec the right hardware model and choose the right license for your needs."
  • "Everything with Cisco is expensive. My advice is that there are a lot better options out in the market now."
  • "To discuss with Cisco Systems or their partners to gain the optimal price and to not consider, without verifying, the false information that Cisco ASA is very expensive."
  • "Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution."
  • "​Price point is too high for features and throughput available.​"
  • More Cisco Secure Firewall Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Comparison Review
    Anonymous User
    Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning the management options: How to add and rename objects. How to update a device. How to find log entries. Etc. Cisco ASA Fast Management Suite: The ASDM GUI is really fast. You do not have to wait for the next window if you click on a certain button. It simply appears directly. On the Palo, each entry to add, e.g., an application inside a security rule, takes a few seconds. Better “Preview CLI Commands”: I am always checking the CLI commands before I send them to the firewall. On the Cisco ASA, they are quite easy to understand. I know, Palo Alto also offers the “Preview Changes”, but it takes a bit more time to recognize all XML paths. Better CLI Commands at all: For Cisco admins it is very easy to parse a “show run” and to paste some commands into another device. This is not that easy on a Palo Alto firewall. First, you must change the config-output format, and second, you cannot simply paste many lines into another device, since the ordering of these lines is NOT correct by default. That is, it simply doesn’t work. ACL Hit Count: I like the hit counts per access list entry in the GUI. It quickly reveals which entries are used very often and which ones are never used. On the… Read more →
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:The central management feature is a big plus, allowing us to manage both local and cloud gateways from one platform.
    Top Answer:The pricing is okay. I know the cost for the competitors and CloudGuard pricing is fine. It is cheaper than other… more »
    Top Answer:There is room for improvement in addressing bugs and support issues. Communication with support, particularly with… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports… more »
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    CloudGuard IaaS, Check Point vSEC, CloudGuard IaaS, Check Point Virtual Systems, Check Point CloudGuard Network Security
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    Learn More
    Overview

    Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

    CloudGuard Network Security is a firewall solution that provides network security for cloud environments. It protects against cyber threats with multi-layered security for public, private, and hybrid clouds. 

    CloudGuard Network Security offers advanced threat prevention, firewall, VPN, and application security services, designed to secure cloud infrastructure, virtual networks, and cloud-based applications and workloads.

    CloudGuard Network Security Features

    CloudGuard Network Security has many valuable key features. Some of the most useful ones include:

    • Advanced threat prevention: The solution Includes anti-virus, anti-bot, and intrusion prevention to defend against known and unknown threats.
    • Firewall: It has a stateful inspection firewall and network address translation (NAT) to secure traffic flow between cloud resources and the internet.
    • VPN: CloudGuard Network Security offers secure and encrypted connectivity for remote users and between cloud resources.
    • Application security: It includes a web application firewall (WAF) and SSL inspection to secure web applications and protect against cyber attacks.
    • Cloud-native architecture: The solution is designed specifically for cloud environments and integrates with cloud-native services like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
    • Compliance and governance: It helps organizations comply with regulations such as PCI DSS, HIPAA, and GDPR by providing detailed reporting and auditing capabilities.
    • Multi-layered security: CloudGuard Network Security provides a comprehensive security solution with multiple layers of defense for maximum protection.

    CloudGuard Network Security Benefits

    There are many benefits to implementing CloudGuard Network Security. Some of the biggest advantages the solution offers include:

    • Scalability and flexibility: The solution supports dynamic scaling and flexible deployment options to meet the changing needs of cloud environments.
    • Automated deployment and management: CloudGuard Network Security enables fast and efficient deployment and management of security services through a centralized, cloud-based management console.
    • Future-proof: Designed for the cloud and integrated with cloud-native services, CloudGuard Network Security helps organizations prepare for future cloud requirements and advancements.

    Reviews from Real Users

    CloudGuard Network Security is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it has good cloud security, is cost-effective, has no false positives, improves productivity, and much more.

    Bernard O., Technical Engineer at Harnssen Group Limited, says, "Check Point is one of the few solutions that pay attention to cloud security. Many others mostly focus on providing on-premises solutions."

    Another PeerSpot reviewer, Shrinkhala S., Senior Manager at Agriculture Skill Council of India appreciates the solution for many reasons: “There are no security lapses and 100% restriction of threat entrants in the system or server. It's a cost-effective solution with no false positive cases. The product helps in bringing productivity and enhanced customer experience for users.

    We have a happy workforce and more workforce retention and increased IT environment sustainability. There is 100% proactive detection of root causes and root sources. It is dynamic and agile, and its features and utilities continuously improve and evolve. It's the best-unified endpoint management solution for IT systems globally. The product is available for all kinds of business users.”

    "One of the main characteristics that CloudGuard Network Security has given us isgranularity and visibility,” explains Adriamcam, Consultant at ITQS.

    Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.

    The core features of Cisco Secure Firewall are multifaceted:

    • Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
    • For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
    • Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
    • The firewall is scalable, effectively serving small businesses to large enterprises.
    • Management is streamlined through Cisco DNA Center, a central management system.

    The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.

    In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.

    User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.

    In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.

    Sample Customers
    1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya
    Physicians Choice Laboratory Services, Helvetica Insurance
    There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company9%
    Financial Services Firm8%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization20%
    Computer Software Company15%
    Comms Service Provider8%
    Manufacturing Company6%
    REVIEWERS
    Computer Software Company15%
    Manufacturing Company14%
    Financial Services Firm10%
    Security Firm10%
    VISITORS READING REVIEWS
    Computer Software Company14%
    Financial Services Firm13%
    Manufacturing Company7%
    Comms Service Provider7%
    REVIEWERS
    Financial Services Firm15%
    Comms Service Provider12%
    Computer Software Company12%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Educational Organization20%
    Computer Software Company16%
    Comms Service Provider9%
    Government6%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise32%
    Large Enterprise41%
    REVIEWERS
    Small Business36%
    Midsize Enterprise20%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise14%
    Large Enterprise59%
    REVIEWERS
    Small Business35%
    Midsize Enterprise24%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise30%
    Large Enterprise46%
    Buyer's Guide
    Check Point CloudGuard Network Security vs. Cisco Secure Firewall
    March 2024
    Find out what your peers are saying about Check Point CloudGuard Network Security vs. Cisco Secure Firewall and other solutions. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    Check Point CloudGuard Network Security is ranked 12th in Firewalls with 112 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point CloudGuard Network Security is rated 8.6, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point CloudGuard Network Security writes "The solution has good threat emulation, threat extraction, and reporting features". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Akamai Guardicore Segmentation, Palo Alto Networks VM-Series and Illumio, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall. See our Check Point CloudGuard Network Security vs. Cisco Secure Firewall report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.