We performed a comparison between Cisco Secure Firewall and Meraki MX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Meraki MX is the winner in this comparison. It is easier to set up and more user-friendly than Cisco ASA Firewall. In addition, Meraki MX is a less expensive solution than Cisco Secure Firewall.
"It is a good source for firewall protection."
"The IPS is good. It protect my network from attackers."
"Fortigate's most valuable feature is that it doesn't need a push policy when writing rules."
"The most valuable features of the solution are SD-WAN, filtering testing applications, web filtering, and the new VPN."
"The scalability of Fortinet FortiGate is good."
"The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy."
"The most useful functionality of Fortinet FortiGate is the user interface, multiple engines, and their cloud with the latest integrations. Additionally, the Security Fabric tool is very good."
"It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall. You don't need to pay some other company for another product to do that for you. The firewall can do that for you. So, it's an easy-to-use product for people to be independent. They don't need to rely on other vendors to do what the firewall can do. They can do everything."
"The configuration capabilities and the integration with other tools are the most valuable features. I really like this product. Cisco is one of my favorite brands, and I always think Cisco solutions are very reliable, easy to configure, and very secure."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"A powerful enterprise security solution that is dependible."
"There are no issues that we are aware of. It does its job silently in the background."
"Right now, Cisco ASA NGFW has given us a lot of improvement. We are planning to move to a new facility and will be a much larger organization."
"URL filtering is valuable."
"It's the VPN side of things that has been most useful for us. It allows us to secure our users even when they're working from home. They are able to access all of our resources, no matter where they are in the world."
"Beats sophisticated cyber attacks with a superior security appliance."
"The security level of our organization has changed by using Meraki MX Firewalls. We didn't have the UTM before, but now we have sandboxing, tray scanning, attack preventions and monitorization. Our security level has improved."
"It has very good features; it's easy to use, configure, set up, and deploy."
"The product is quite secure, easy to manage, and well-connected with other devices."
"We work also with domain control (DC) from Microsoft or Amazon. We use a whole virtual appliance with Meraki."
"Since it has an integrated dashboard for all the products, customers can get complete network analytics regarding what the user is doing, monitoring, and observing."
"I think cloud management is key. The cloud management and support are the two things that make the product great."
"It prevents us from being hacked and delivers information about who and where the attack came from."
"When you try to create an IP or when you have an alert about when a website is banned, these features are helpful."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"The solution lacks sufficient filtering."
"I haven't had a single issue since using Fortinet."
"If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."
"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."
"We would like to see a better training platform implemented."
"We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved."
"The solution can have more features in a single box that can be multi-applied to integrate everything."
"I would like for them to develop better integration with other security platforms."
"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."
"The license system is also good but it's not very impressive. It's a very regular licensing system. They call it a smart license which means that your device will connect to the internet. This is a little bit of a headache for some customers. It doesn't make the customer happy because most of the customers prefer not to connect their firewall or system to the internet."
"The initial setup could be simplified, as it can be complex for new users."
"I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."
"Its implementation was not straightforward. It was mainly because we were running two projects together."
"The throughput highlighted on the datasheet (10Gbps) should be reviewed. This throughput is only for a UDP running environment, which you will never find in the real world. Rather consider a multiprotocol throughput."
"Cisco ASA is not a next-generation firewall product."
"It is very expensive."
"I need more UTM protection security features."
"The product doesn't support route summarization and BGP dynamic routing protocol."
"Right now, you can postpone the update but eventually, if you don't do the update, it will install the updates automatically for you and that's something that is not working for me."
"The IPS, the Intrusion Prevention System, can be improved."
"It would be great if the Meraki devices let us see, in real time, the internet demand on a single device."
"You can only have one tunnel in the whole infrastructure — one tunnel with one device."
"It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services."
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 22 reviews. Cisco Secure Firewall is rated 8.2, while Meraki MX is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Meraki MX writes "Great solution that can manage multiple devices (security, switches, APs, Cameras) with a single pane of glass". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Sophos XG, Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls, whereas Meraki MX is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, SonicWall TZ and SonicWall NSa. See our Cisco Secure Firewall vs. Meraki MX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Cisco ASA is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So you can't really compare these solutions, as they are targeting different markets.
You might compare Cisco to Sophos, but again, these are different protection solutions, one for network protection, the other for client protection. If you look only at the firewall part, you miss a lot in the total protection approach with Sophos.
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports network security and firewall options. We researched both Meraki and ASA. We liked that ASA provides a solid VPN setup and integrates with other Cisco security offerings.
Cisco ASA is great for routing and accessing remote office locations via the remote VPN. We also liked the high availability and customizable nating (Network Access Translation). It is very reliable and easy to use. You can easily configure a site-to-site VPN to connect multiple sites. The support is great - they respond 24/7/365 and there is a lot of documentation available.
The downside is that ASAs are aging. Therefore, Cisco ASAs are best suited to small businesses. If you need something affordable that gets the job done, ASA is a good option.
We chose Cisco Meraki, because, in our opinion, it is a step forward from ASA. The level of security and intrusion detection is great, and because it is cloud-based, it is easy to change the configuration without downtime. Logging is very comprehensive, and management is very simple.
The best feature is content filtering with granular control. Cisco Meraki offers advanced malware protection, including traffic shaping. Another feature we really like is that you can pre-configure devices before they arrive at the installation.
It doesn’t work with DMVPN, which is a downside. Another feature that could use some improvement is reporting, which is not real-time. The price can get expensive but if you can afford it, a full-stack Cisco Meraki system does a great job keeping your network secure.
Conclusions:
If you want a robust but basic firewall, ASA is your best choice. Cisco Meraki is a better choice if you are looking for a next-generation firewall with advanced security features and easy management.