Cisco ASA vs. Fortinet FortiGate

Cisco ASA is ranked 2nd in Firewalls with 68 reviews vs Fortinet FortiGate which is ranked 1st in Firewalls with 33 reviews. The top reviewer of Cisco ASA writes "Syslog generation and forwarding are good but it lacks many UTM features". The top reviewer of Fortinet FortiGate writes "The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors". Cisco ASA is most compared with Fortinet FortiGate, Palo Alto Networks WildFire and Juniper SRX. Fortinet FortiGate is most compared with Cisco ASA, Sophos UTM and Palo Alto Networks WildFire. See our Cisco ASA vs. Fortinet FortiGate report.
Cancel
You must select at least 2 products to compare!
+Add products to compare
Most Helpful Review
Find out what your peers are saying about Cisco ASA vs. Fortinet FortiGate and others in Firewalls.
291,818 professionals have used our research since 2012.

Quotes From Members Comparing Cisco ASA vs. Fortinet FortiGate

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pros
Beats sophisticated cyber attacks with a superior security appliance.It allowed us to consolidating multiple security devices into a single appliance.Valuable features include AnyConnect, double translations, and an independent IPS module.ASA 5505 and ASA 5506 are very powerful tools to use in a business environment, and provide a lot of security.It joins all branches and permits employees to work outside their offices, but everything is based on high securities standards (PCI compliance).Once configured to suit your needs, these firewalls are rock solid appliances.Cisco ASA has an okay CLI with a nice GUI.My confidence continues to build upon using Cisco firewalls.

Read more »

Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network.Easy to use support and licensing portal as well as activation process.The CLI and GUI do a good job of putting a lot at your fingertips.Their proxy-based inspection is responsive and secure.We can detect any attack of viruses or malware at the first point of contact.Whenever we raise a complaint with FortiGate, their response and resolution times are minimal.It has improved our organization with control data.Valuable features include the Web Application Firewall, and it even has DLP (data leak prevention).

Read more »

Cons
The only con that I have really seen with it is the reporting structure. FirePOWER is good. It has been a great help because, before that, it was not good at all.The Cisco ASA device needs overall improvement, as configurations alone do not completely secure my network.We are looking for software taxi capabilities.The product crashes. We have a cluster of firewalls and we regularly get failovers.The licensing needs simplification.The IPS module is combined with the main operating system.Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering.Multiple WAN connections: Even though you can implement more than one interface to outside connections, it is lacking on load balances, etc.

Read more »

I think there could be more QoS featuresI would like to see improvements made to the dashboard and UI, as well as to the reporting.It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco.There are problems with the custom reporting of the unique traffic. The data is there, but it is too difficult for us to extract.They need faster serviceability and more security features.The reports are very basic.The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased.I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it.

Read more »

Pricing and Cost Advice
The cost of keeping the licensing up on the ASA is very expensive. It has a lot of positives, but the cost of going with it is really starting to be a major negative right now.Commercial leasing is the best option.ASA pricing seems high compared to other firewalls, such as the Sophos XG models.The licensing features are getting more complicated. These should be simplified.It was initially heavy on my pocket, but it soon actualised its worth.​It is worth every penny that we have invested in it.​We looking for a possible new solution because of the licensing and VPN.​Be sure of what features you are ​going to utilize to add/remove some from new bundles.

Read more »

Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you.Compared to other firewall products, it's a little cheaper in terms of pricing.It scales well if you know what to buy from a physical box standpoint. They seem to offer something for every level.Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment.The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost.​We saved a bundle by not needing all the past appliances from an NGFW.​Easy to understand licensing requirements.The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors.

Read more »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
291,818 professionals have used our research since 2012.
Answers from the Community
Nishantha Cooray
Alberto E. Luna RodriguezReal User

The short answer is it depends on what you are looking for.

FortiGates are great devices. The offer lots of features, decent and friendly UI and overall good performance, and they do it cheaper than most others. Security features and UTM are pretty good too. However, from my experience, beware of dimensioning, if you're planning to activate several of the features a FG supports (AV, IPS, WLAN Controller and such), performance can drop substantially and cause all kinds of failures, so it might be a good idea to over-dimension your hardware a bit to avoid issues.

On the other hand, I've found Cisco to be the most stable and reliable, and offer better performance of the two. They also offer better protection and Cisco Support is the best IMO. However the prices of Cisco are often higher than other vendors. ASAs are more complex so there will be a steeper learning curve for you to get going with these and the GUI (ASDM) is lacking compared to others so knowing (and loving) the CLI is a must.

In summary, go Fortinet if you're looking for decent performance, great security and easy administration at lower prices. go Cisco if you require better security, performance and reliability, and don't mind paying a little extra and spending a few more hours learning to handle them.

Hope this helps. Regards.

27 March 17
Vũ TiếnCườngReal User

To answer your question, let me ask a question first? What's your main target? Security first or Money First? In my point of view and based on my real experience:
- Fortinet is good if you need an appliance with many features such as: antispam, antivirus, url filtering, app control, firewall. It's all-in-one solution --> Fortinet is easy to use and maintanance. But its perfomance is not so good as show on datasheet, if you turn-on IPS, the performance decreases for about 40-50%, and so on... I see a bit of my customer turn-on this feature because of its reliable. For support service, Fortinet response is poor,

- Cisco Firepower: its performance is good, if you purchase all-in-one license, you will also have features like URL Filtering, App Control, IPS. The most interesting part is AMP feature, I think it better than Fortinet product. You can view gartner report about AMP. Sourcefire has many cool features such as traffic profiling, correlation, remediation, auto discovery (host, application, user). It also has IPS auto learning feature and can help to auto tunning/ apply appropriate signatures for your application. It also has DNS security feature (using OpenDNS) to help to mitigate botnet, other features like IP Intelligence, C&C, Phishing, Spam Source... For support service, Cisco is better, with faster response time and also escalate time when your issue is very critical. Forgot to mention, Firepower can do DPI-SSL inspection, and if your infrastructure has F5, it will better to get SSL Offload to F5 and get packet inspection by Firepower, it's a good combination.

So in conclusion, if you want best in price product, you can choose Cisco. If money is a big problem, Fortinet is a choice. Also Cisco has many products that can suitable for your environment (from Firepower 2000 series to 8000 series)

Rgds,
CuongVT

27 March 17
Hamada AhmedReal User

With a fraction of the cost , the FortiGate3600C vs. Cisco ASA5585-XSSP60 is an example of how Fortinet beats Cisco in price/performance, capacity and overall security.

27 March 17
Michael DeesConsultant

Based on Gartner Magic Quadrant and other third party evaluations. Fortinet' Fortigate consistently outperforms Cisco's Firepower. When sizing the box for performance, I would get Fortinet directly involved so you don't accidentally purchase an underpowered firewall.

27 March 17
Panduka Samarasinghe CisspReal User

Hi,

It’s tough to give a comparison without knowing what I’m comparing it with. Is there a specific Cisco Firepower model you were looking at ?

When it comes to performance between 2 vendors there are always models which can match that of the other given they stay within budget.

Cheers...

28 March 17
Ranking
RANKING
Views
93,242
Comparisons
56,190
Reviews
67
Followers
4,537
Avg. Rating
7.8
Views
188,563
Comparisons
109,276
Reviews
36
Followers
4,758
Avg. Rating
8.3
Top Comparisons
Top Comparisons
Compared 33% of the time.
Compared 8% of the time.
See more Cisco ASA competitors »
Compared 18% of the time.
Compared 15% of the time.
See more Fortinet FortiGate competitors »
Also Known As
Also Known AsAdaptive Security Appliance, ASAFortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Website/Video
Website/VideoCisco
Fortinet
Overview
Overview

Adaptive Security Appliance (ASA) is Cisco's end-to-end software solution and core operating system that powers the Cisco ASA product series. This software solution provides enterprise-level firewall capabilities for all types of ASA products, including blades, standalone appliances and virtual devices. Adaptive Security Appliance provides protection to organizations of all sizes, and allows end-users to access information securely anywhere, at any time, and through any device.

Adaptive Security Appliance is also fully compatible with other key security technologies, and so provides organizations with an all-encompassing security solution.

The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

OFFER
Learn more about Cisco ASA
Learn more about Fortinet FortiGate
Sample Customers
Sample CustomersThere are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, and City of Tomorrow. Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
Top Industries
Top Industries
REVIEWERS
Financial Services Firm
16%
Comms Service Provider
13%
Manufacturing Company
11%
Retailer
8%
VISITORS READING REVIEWS
Financial Services Firm
16%
Comms Service Provider
11%
Manufacturing Company
8%
Government
7%
REVIEWERS
Comms Service Provider
13%
Real Estate/Law Firm
13%
Energy/Utilities Company
13%
Construction Company
8%
VISITORS READING REVIEWS
Financial Services Firm
15%
Comms Service Provider
10%
Government
7%
Manufacturing Company
6%
Company Size
Company Size
REVIEWERS
Small Business
36%
Midsize Enterprise
31%
Large Enterprise
33%
VISITORS READING REVIEWS
Small Business
30%
Midsize Enterprise
29%
Large Enterprise
40%
REVIEWERS
Small Business
49%
Midsize Enterprise
31%
Large Enterprise
20%
VISITORS READING REVIEWS
Small Business
33%
Midsize Enterprise
39%
Large Enterprise
28%
Find out what your peers are saying about Cisco ASA vs. Fortinet FortiGate and others in Firewalls.
Download now
291,818 professionals have used our research since 2012.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email