Cisco ASA vs. Fortinet FortiGate

Cisco ASA is ranked 2nd in Firewalls with 77 reviews vs Fortinet FortiGate which is ranked 1st in Firewalls with 44 reviews. The top reviewer of Cisco ASA writes "Syslog generation and forwarding are good but it lacks many UTM features". The top reviewer of Fortinet FortiGate writes "The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors". Cisco ASA is most compared with Fortinet FortiGate, Meraki MX Firewalls and Juniper SRX. Fortinet FortiGate is most compared with Cisco ASA, Sophos UTM and pfSense. See our Cisco ASA vs. Fortinet FortiGate report.
Cancel
You must select at least 2 products to compare!
Cisco ASA Logo
105,669 views|52,863 comparisons
Fortinet FortiGate Logo
216,146 views|106,802 comparisons
Most Helpful Review
Find out what your peers are saying about Cisco ASA vs. Fortinet FortiGate and other solutions.
310,623 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
Its VPN and ASN features are very stable.The setup was straightforward. I was happy with the configuration and deployment of the solution, as it was quick.It provides security for our company, and our users.It protects our network.The stability of the product is good.Cisco ASA is very strong.It is a secure product.It is scalable and stable.

Read more »

It is easy to use and performs very well.We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days.It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly.The most valuable feature is the bundled subscription, which is IPS, TV and web filtering.It is a good source for firewall protection.It has improved our security capabilities.I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over.It performs very well.

Read more »

Cons
In terms of next-generation capabilities, Cisco is a little behind, and it is way behind the market leaders.The initial setup was complex.The pricing is a bit high.Migration with other appliances is not easy. It has to be done manually, and this takes a long time.It is not easy to configure.The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting.Tech support could not answer all of our questions. I had to do research on the web to solve my issues.<p>If there is old hardware, or appliances, it does not necessarily work with the new Cisco generation firewalls.

Read more »

There could be more integration between the logging and analytical platforms to make it more seamless and integrated.We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved.The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us.I think they need to improve more in order to be a competitor with the leaders of the field.The UTM filtering needs improvement.There were quite a few problems with the stability of the system.A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve.I would like to see more advanced developments of a wireless controller in the future.

Read more »

Pricing and Cost Advice
The cost is a bit high compared to other solutions in the market.Cisco recently has become very expensive.The cost is a bit higher than other competitive solutions on the market.It is considered on the "high end" of the spectrum.The cost of keeping the licensing up on the ASA is very expensive. It has a lot of positives, but the cost of going with it is really starting to be a major negative right now.Commercial leasing is the best option.ASA pricing seems high compared to other firewalls, such as the Sophos XG models.The licensing features are getting more complicated. These should be simplified.

Read more »

It is a good product from a price perspective versus functionality.Price-wise, it's at a good price point for our market.It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us.They need to be competitive with other solutions.It is an inexpensive solution.We find the most valuable aspect of this solution is the price. It is affordable, and cheaper than other firewalls.The pricing is perfect.The price, in comparison to other products is very cheap.

Read more »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
310,623 professionals have used our research since 2012.
Answers from the Community
Miriam Tover
Alberto E. Luna RodriguezReal User

Fortinet FGs: Great devices, relatively easy to deploy and maintain. Cheaper than most devices of their kind. If you're looking for a lot of features at a relatively low price point this is the way to go. However, beware of Fortinet's promises performance-wise, if you take this route you'll want to over-dimension your device a bit, otherwise you will not be activating the features you're buying. Stability and reliability is OK (careful with software upgrades as they tend to break some things).

Cisco ASA: My personal preference because of the peace of mind they provide (specially if it's your phone that rings every time something breaks). Not as friendly as Fortinet, takes effort deploy and maintain. They are more expensive and offer less features, but they do the work they are built for, and they do it exceptionally. If you are looking for stability, reliability and great support, and you don't mind spending some extra dollars then this is the way to go, Firepower adds some of the missing features that other vendors offer, but not as well integrated IMO. They are improving on that regard, but still lag behind other vendors with UTM devices.

18 December 18
NetworkE721dReal User

1. The biggest difference between the two is the pricing. You can get a higher model of FortiGate with all the bells and whistles for a quarter of the price of the basic model of the Cisco Firepower (cisco's next gen firewalls).
2. Cisco ASA will be end of production pretty soon. I am unsure if they will continue to sell the ASA with Firepower bundle.
3. The only upside of buying Cisco these days is for the TAC support which of course comes with a huge cost of smartnet support cost.
4. The down side of FortiGate is that their support isn't as great as Cisco. So if you know what you are doing you can get by with FortiGate just fine and save a bunch of money in the process. It is not that difficult to work with FortiGate.
5. My suggestion is do a Proof of Concept with both the hardware on site and evaluate the performance and ease of use. Your sales rep for Cisco and FortiGate should be able to get you a demo device.
6. Also key when choosing a firewall is understanding the nature of your traffic. For example: My previous company dealt with a lot of bid traffic which are really small packets but in large numbers and the Palo Alto firewall that we brought for almost $500K could not handle it, hence do your due diligence and understand the traffic that will be passing through the firewall.
7. Evaluate the firewall to see if it can handle east-west traffic security (zero trust deployment).

19 December 18
reviewer690582Real User

Before I respond completely, does it matter if the bandwidth is compromised while all firewall apps are active?

My experience with Fortinet was heavy overhead while their firewall apps were active. This was with a 1GHz Verizon FIOS business account (1 GHz up AND download). Hardwired endpoints and WiFi connections using Fortigate APs were under 20 devices. We were below 100 MHz and was confirmed with my 3rd party whom I had a 5 day a week 8 hours/day support account. That is a greater than 90% overhead. The Fortinet device was a 90-D router - that was overkill for what my company size was and yet, still had that performance.

17 December 18
Jefferson LoiseauUser

In order to answer that question a few things needs to be understood about the current environment.

For small to medium business where funding is a concern, the Fortinet are a very good long term solution. If you are deploying an External and Internal environment, you could leverage a combination of both where the Cisco ASA is on the internal and Fortinet on the external.

Fortinet’s are easier to deploy and there security approach is top end.

ASA are a bit more difficult and with the FirePower are known to be an issue when deploying and pushing out policies.

I’d be more inclined to go with the Fortinet’s than ASA’s is staff and resources are limited.

17 December 18
Goumou FerdinandUser

Hello, I recommend Cisco ASA, it is very consistence, powerful, flexible and interoperability that is the main goal of Cisco products. I always recommend to my client ASA if they need Firewall only.
Fortigate is a good product, easy to implement and manage, it is also less expensive compare to ASA, I most of the time recommend Fortinet to a client who have limited budget for security, so by choosing Fortigate, the client can use the other services such as antivirus, malware protection, application control and so on.
So in summary the choice is not made base on the device, but base on the customer infrastructure, budget and technical resource they have to manage the devices.

Cheers,

20 December 18
Ranking
2nd
out of 47 in Firewalls
Views
105,669
Comparisons
52,863
Reviews
74
Followers
3,991
Avg. Rating
7.9
1st
out of 47 in Firewalls
Views
216,146
Comparisons
106,802
Reviews
37
Followers
4,262
Avg. Rating
8.4
Top Comparisons
Compared 34% of the time.
Compared 9% of the time.
Compared 8% of the time.
Compared 17% of the time.
Compared 14% of the time.
Compared 9% of the time.
Also Known As
Adaptive Security Appliance, ASAFortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Learn
Cisco
Fortinet
Overview

Adaptive Security Appliance (ASA) is Cisco's end-to-end software solution and core operating system that powers the Cisco ASA product series. This software solution provides enterprise-level firewall capabilities for all types of ASA products, including blades, standalone appliances and virtual devices. Adaptive Security Appliance provides protection to organizations of all sizes, and allows end-users to access information securely anywhere, at any time, and through any device.

Adaptive Security Appliance is also fully compatible with other key security technologies, and so provides organizations with an all-encompassing security solution.

Block more threats and quickly mitigate those that do breach your defenses with the industry’s first threat-focused NGFW.

The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

Offer
Learn more about Cisco ASA
Learn more about Fortinet FortiGate
Sample Customers
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
Top Industries
REVIEWERS
Manufacturing Company15%
Financial Services Firm15%
Comms Service Provider13%
Retailer6%
VISITORS READING REVIEWS
Comms Service Provider21%
Financial Services Firm14%
Manufacturing Company9%
Energy/Utilities Company6%
REVIEWERS
Comms Service Provider13%
Media Company10%
Real Estate/Law Firm10%
Financial Services Firm10%
VISITORS READING REVIEWS
Financial Services Firm15%
Comms Service Provider10%
Government7%
Manufacturing Company6%
Company Size
REVIEWERS
Small Business36%
Midsize Enterprise30%
Large Enterprise34%
VISITORS READING REVIEWS
Small Business30%
Midsize Enterprise29%
Large Enterprise40%
REVIEWERS
Small Business47%
Midsize Enterprise28%
Large Enterprise25%
VISITORS READING REVIEWS
Small Business34%
Midsize Enterprise38%
Large Enterprise28%
Find out what your peers are saying about Cisco ASA vs. Fortinet FortiGate and other solutions.
310,623 professionals have used our research since 2012.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email