We performed a comparison between Cisco Secure Firewall and SonicWall NSa based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
"The application control features, such as Facebook blocking and Spotify blocking, are the most valuable."
"I have found Fortinet FortiGate to be scalable."
"The tool is a nice product and easy to handle. The software's user interface is also good. You can easily implement remote access in the solution."
"The SD-WAN is the most valuable feature."
"The main benefit is the grouping of our security monitoring."
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"Management Console and user profiling to define activities."
"AnyConnect has been very helpful, along with the ability to use LDAP for authentication."
"The greatest benefit that this has provided to our organization is that we've been able to adjust the time that it takes to implement firewall changes. It's gone from a week to less than half a day to implement a change, which means that our DevOps team can be much more agile, and there is much less overhead on the firewall team."
"The high-availability and remote VPN features are most valuable."
"On the network side, where you create your rules for allowing traffic — what can come inside and what can go out — that works perfectly, if you know what you want to achieve. It protects you."
"We have been using a 5520 for seven years in our datacenter and we are satisfied by this version."
"Its in-depth monitoring and analysis help us to make better decisions and policies."
"The interface is user-friendly."
"It has good reporting, the reporting is marvelous."
"It is a brilliant product. It is a Unified Threat Management (UTM) system. It has got about 11 security services that take care of your perimeter security. It takes care of any kind of cyber threats that could come in. It takes care of creating VPNs between two SonicWalls instantly and very easily. It has got spyware in it as well as a firewall. It has also got a gateway antivirus and an application firewall that can block things from outside."
"The filtering is excellent."
"The prices are similar to other vendors and the support is good."
"For me, the most valuable feature of SonicWall NSa is the UTM."
"Valuable features include a web filter, DHCP, and monitoring capabilities."
"The most valuable aspect of the solution is its ability to work like any other firewall."
"The most valuable features of this solution are the GUI pre-filtering and the ATP (advanced threat protection)."
"The cloud management and automation capability could be improved."
"It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco."
"The sniffing packets or packet captures, can be simplified and improved because it's a little confusing."
"Its reporting capabilities can be improved. It should have some out-of-the-box reporting capabilities and some degree of customization. The basic reporting that it currently has is not sufficient to create more usable reports. It needs some sort of out-of-the-box reporting. They try to make customers purchase FortiAnalyzer for this kind of reporting, which is an additional cost. Other firewall vendors, such as SonicWall and Sophos, provide this sort of reporting without any additional cost."
"The updates Fortinet provides are sometimes unstable."
"I would like to see improvements in the product's application rules."
"The routing capability on the FortiGate devices has room for improvement."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"They should allow customers to talk to them directly instead of having to go through the reseller."
"I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies."
"Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"I wish the Cisco interface was not so granular. Check Point was easier to create specific rules than with ASAv."
"Cisco is still catching up with its Firepower Next-Generation firewalls."
"I was just trying to learn how this product actually operates and one thing that I see from internal processing is it does fire-walling and then sends it to the IPS model and any other model that needs to be performed. For example, content checking or filtering will be done in a field processing manner. That is something that causes delays in the network, from a security perspective. That is something that can be improved upon. Palo Alto already has implemented this as a pilot passed processing. So they put the same stream of data across multiple modules at the same time and see if it is giving a positive result by using an XR function. So, something similar can be done in the Cisco Firepower. Instead of single processing or in a sequential manner, they can do something similar to pile processing. Internal function that is something that they can improve upon."
"Usually, the customers are satisfied, but I am going to recommend that all clients upgrade to FirePOWER management. I want Cisco to improve the feature called anti-spam. We use a Cisco only email solution, that's why we need the anti-spam on email facility."
"It doesn't require much improvement. The only improvement area is that cloud reporting, assessment reporting, and other reporting features should be available with the subscription. They should provide reporting features with the subscription base, which is currently not there. We bought the reporting tool, but there are some complications. They have made some changes to the application, and now the reporting management is completely on the cloud."
"The product has a lot of bugs, actually. We are facing some issues with this product. The DPI SSL feature which is there, it is not working properly."
"It would be useful to have an application firewall that prevents the outside world from seeing your private IPs. You don't need to publicize your private IPs to the outside world, and you can create a barrier, like a proxy server."
"Initially, it may be difficult for some people to learn and become acquainted with it."
"The dynamics needs to be improved. The solution is not very compatible compared to the market products."
"The implementation for VLANs is a little bit cumbersome. It would be good to make that a little bit easier."
"SonicWall does not support DynDNS, yet this is an important feature for smaller companies that do not have a static IP address."
"I would like to have a built-in vulnerability scanner in the firewall. It would be great to have such functionality. Its price could also be better. It would also be good to have a local warehouse. It doesn't get damaged a lot, but if a customer needs a replacement, currently, it has to come from Miami or Mexico, which can take a few days. It would be better if they have a local warehouse from where we can just pick replacements and quickly solve a client's needs in terms of replacing equipment. It would be great to have it locally instead of waiting for it from Mexico or the USA."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while SonicWall NSa is ranked 20th in Firewalls with 77 reviews. Cisco Secure Firewall is rated 8.2, while SonicWall NSa is rated 7.8. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of SonicWall NSa writes "Great performance and security with reasonable pricing". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Huawei NGFW, whereas SonicWall NSa is most compared with SonicWall TZ, Meraki MX, Sophos XG, Netgate pfSense and WatchGuard Firebox. See our Cisco Secure Firewall vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.