Cisco ASA vs Fortinet FortiGate

Cisco ASA is ranked 2nd in Firewalls with 56 reviews vs Fortinet FortiGate which is ranked 1st in Firewalls with 25 reviews. The top reviewer of Cisco ASA writes "Syslog generation and forwarding are good but it lacks many UTM features". The top reviewer of Fortinet FortiGate writes "FortiGate security appliances provide UTM security in a single device with a good administrative interface and performance". Cisco ASA is most compared with Fortinet FortiGate, Palo Alto Networks WildFire and Juniper SRX. Fortinet FortiGate is most compared with Cisco ASA, Sophos UTM and Palo Alto Networks WildFire. See our Cisco ASA vs Fortinet FortiGate report.
Cancel
You must select at least 2 products to compare!
+Add products to compare
Most Helpful Review
Cisco asa vs. fortinet fortigate report from it central station 2018 05 04 thumbnail
Find out what your peers are saying about Cisco ASA vs Fortinet FortiGate and others in Firewalls.
269,736 professionals have used our research since 2012.

Quotes From Members Comparing Cisco ASA vs Fortinet FortiGate

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pros
The firewall and policy side are easy to use.A stable, reliable solution used to protect the network's perimeter.It is much better than most of the other firewalls that I have worked with.VPN, firewall, and IDS/IPS allow us to deliver services to meet client needs across various industry verticals.Filtering is the best feature.Its ability to work with the traffic.​If only a Layer 4 FW is needed, this is a good solution.It is very stable.

Read more »

It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls.You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it.Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network.Easy to use support and licensing portal as well as activation process.A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside.Consolidated our network environment at all locations, but mainly at our datacenter.It is a one box solution, which covers most of the edge device’s requirements.​Easy to implement, and it is also reliable.​

Read more »

Cons
Make the IPS baked-in.It is a good firewall, though not NextGen.it is not very user-friendly for the administration.It needs more tunneling capabilities.MSSP oriented interface: I would like a single console which would allow me to manage settings creating consistency across all customers.The IPS and GUI are outdated.It is slowly not supported and other vendors are a few years ahead of Cisco in development.​I would like it to be easier to work with and have a better user interface.​ It is not straightforward. You need to know the Cisco command-line interface.

Read more »

As far as wanting more scalability or things in the network diagram, it's going to cost you.I think there could be more QoS featuresI would like to see improvements made to the dashboard and UI, as well as to the reporting.With FortiGate, the main complaint that I have heard is about the technical support.One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering.​It needs to improve its ISP load balancing.​Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance.MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA.

Read more »

Pricing and Cost Advice
​It is worth every penny that we have invested in it.​We looking for a possible new solution because of the licensing and VPN.​Be sure of what features you are ​going to utilize to add/remove some from new bundles.It requires additional licensing to enable 10G ports.License capacity needs to be extended and the vendor needs to work on the pricing.Pricing is why we had to go for a UTM. For us to achieve what we needed, if we had gone with the ASA, the cost would have been high compared to getting one box (UTM).​Price point is too high for features and throughput available.​Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution.

Read more »

Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment.The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost.Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you.​We saved a bundle by not needing all the past appliances from an NGFW.​Easy to understand licensing requirements.The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors.Work through partners for the best pricing.Go for long term pricing negotiated at the time of purchase.

Read more »

Cisco asa vs. fortinet fortigate report from it central station 2018 05 04 thumbnail
Find out what your peers are saying about Cisco ASA vs Fortinet FortiGate and others in Firewalls.
269,736 professionals have used our research since 2012.
Answers from the Community
C2085e1c 58ce 4e62 8305 8af5abca26f2 avatar
Nishantha Cooray
Alberto e luna rodriguez avatar 1432051310?1432051308

The short answer is it depends on what you are looking for.

FortiGates are great devices. The offer lots of features, decent and friendly UI and overall good performance, and they do it cheaper than most others. Security features and UTM are pretty good too. However, from my experience, beware of dimensioning, if you're planning to activate several of the features a FG supports (AV, IPS, WLAN Controller and such), performance can drop substantially and cause all kinds of failures, so it might be a good idea to over-dimension your hardware a bit to avoid issues.

On the other hand, I've found Cisco to be the most stable and reliable, and offer better performance of the two. They also offer better protection and Cisco Support is the best IMO. However the prices of Cisco are often higher than other vendors. ASAs are more complex so there will be a steeper learning curve for you to get going with these and the GUI (ASDM) is lacking compared to others so knowing (and loving) the CLI is a must.

In summary, go Fortinet if you're looking for decent performance, great security and easy administration at lower prices. go Cisco if you require better security, performance and reliability, and don't mind paying a little extra and spending a few more hours learning to handle them.

Hope this helps. Regards.

27 March 17
96e7872c 8911 4376 a0a9 b8f82f6f06a3 avatar

To answer your question, let me ask a question first? What's your main target? Security first or Money First? In my point of view and based on my real experience:
- Fortinet is good if you need an appliance with many features such as: antispam, antivirus, url filtering, app control, firewall. It's all-in-one solution --> Fortinet is easy to use and maintanance. But its perfomance is not so good as show on datasheet, if you turn-on IPS, the performance decreases for about 40-50%, and so on... I see a bit of my customer turn-on this feature because of its reliable. For support service, Fortinet response is poor,

- Cisco Firepower: its performance is good, if you purchase all-in-one license, you will also have features like URL Filtering, App Control, IPS. The most interesting part is AMP feature, I think it better than Fortinet product. You can view gartner report about AMP. Sourcefire has many cool features such as traffic profiling, correlation, remediation, auto discovery (host, application, user). It also has IPS auto learning feature and can help to auto tunning/ apply appropriate signatures for your application. It also has DNS security feature (using OpenDNS) to help to mitigate botnet, other features like IP Intelligence, C&C, Phishing, Spam Source... For support service, Cisco is better, with faster response time and also escalate time when your issue is very critical. Forgot to mention, Firepower can do DPI-SSL inspection, and if your infrastructure has F5, it will better to get SSL Offload to F5 and get packet inspection by Firepower, it's a good combination.

So in conclusion, if you want best in price product, you can choose Cisco. If money is a big problem, Fortinet is a choice. Also Cisco has many products that can suitable for your environment (from Firepower 2000 series to 8000 series)

Rgds,
CuongVT

27 March 17
Acefc34e 2377 43ff b058 a7d7b6a90c8a avatar
Hamada AhmedReal User

With a fraction of the cost , the FortiGate3600C vs. Cisco ASA5585-XSSP60 is an example of how Fortinet beats Cisco in price/performance, capacity and overall security.

27 March 17
Ranking
RANKING
Views
82,274
Comparisons
60,293
Reviews
52
Followers
5,675
Avg. Rating
7.7
Views
162,443
Comparisons
112,264
Reviews
23
Followers
5,863
Avg. Rating
8.1
Top Comparisons
Top Comparisons
Fortinet
Compared 33% of the time.
Juniper networks
Compared 8% of the time.
See more Cisco ASA competitors »
Cisco
Compared 18% of the time.
Sophos logo
Compared 16% of the time.
See more Fortinet FortiGate competitors »
Also Known As
Also Known AsAdaptive Security Appliance, ASAFortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Website/Video
Website/VideoCisco
  • Vendor 7042 screenshot 1523857417
Fortinet
  • Vendor 7314 screenshot 1524940687
OverviewQuestionmark icon
Overview

Adaptive Security Appliance (ASA) is Cisco's end-to-end software solution and core operating system that powers the Cisco ASA product series. This software solution provides enterprise-level firewall capabilities for all types of ASA products, including blades, standalone appliances and virtual devices. Adaptive Security Appliance provides protection to organizations of all sizes, and allows end-users to access information securely anywhere, at any time, and through any device.

Adaptive Security Appliance is also fully compatible with other key security technologies, and so provides organizations with an all-encompassing security solution.

The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

OFFER
Learn more about Cisco ASA
Learn more about Fortinet FortiGate
Sample Customers
Sample CustomersThere are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, and City of Tomorrow. Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
Top IndustriesQuestionmark icon
Top Industries
REVIEWERS
Financial Services Firm
15%
Retailer
9%
Comms Service Provider
9%
Manufacturing Company
9%
VISITORS READING REVIEWS
Financial Services Firm
17%
Comms Service Provider
11%
Manufacturing Company
8%
Government
7%
REVIEWERS
Healthcare Company
12%
Energy/Utilities Company
12%
Comms Service Provider
12%
Health, Wellness And Fitness Company
6%
VISITORS READING REVIEWS
Financial Services Firm
16%
Comms Service Provider
11%
Government
7%
Manufacturing Company
7%
Company SizeQuestionmark icon
Company Size
REVIEWERS
Small Business
35%
Midsize Enterprise
31%
Large Enterprise
34%
VISITORS READING REVIEWS
Small Business
30%
Midsize Enterprise
30%
Large Enterprise
40%
REVIEWERS
Small Business
47%
Midsize Enterprise
36%
Large Enterprise
18%
VISITORS READING REVIEWS
Small Business
32%
Midsize Enterprise
38%
Large Enterprise
31%
Cisco asa vs. fortinet fortigate report from it central station 2018 05 04 thumbnail
Find out what your peers are saying about Cisco ASA vs Fortinet FortiGate and others in Firewalls.
Download now
269,736 professionals have used our research since 2012.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email