Cisco ASA vs Fortinet FortiGate

Cisco ASA is ranked 2nd in Firewalls with 66 reviews vs Fortinet FortiGate which is ranked 1st in Firewalls with 29 reviews. The top reviewer of Cisco ASA writes "Syslog generation and forwarding are good but it lacks many UTM features". The top reviewer of Fortinet FortiGate writes "FortiGate security appliances provide UTM security in a single device with a good administrative interface and performance". Cisco ASA is most compared with Fortinet FortiGate, Palo Alto Networks WildFire and Juniper SRX. Fortinet FortiGate is most compared with Cisco ASA, Sophos UTM and Palo Alto Networks WildFire. See our Cisco ASA vs Fortinet FortiGate report.
Cancel
You must select at least 2 products to compare!
+Add products to compare
Most Helpful Review
Find out what your peers are saying about Cisco ASA vs Fortinet FortiGate and others in Firewalls.
284,207 professionals have used our research since 2012.

Quotes From Members Comparing Cisco ASA vs Fortinet FortiGate

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pros
Valuable features include AnyConnect, double translations, and an independent IPS module.ASA 5505 and ASA 5506 are very powerful tools to use in a business environment, and provide a lot of security.It joins all branches and permits employees to work outside their offices, but everything is based on high securities standards (PCI compliance).Once configured to suit your needs, these firewalls are rock solid appliances.Cisco ASA has an okay CLI with a nice GUI.My confidence continues to build upon using Cisco firewalls.I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful.I found that setting up rules for HTTPS and SSH access to the management interface are straightforward, including setting the cypher type.

Read more »

Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure.The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support.The IPS is good. It protect my network from attackers.A strong point of FortiGate is the graphical interface is complete and easy to use.It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls.You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it.Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network.Easy to use support and licensing portal as well as activation process.

Read more »

Cons
The licensing needs simplification.The IPS module is combined with the main operating system.Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering.Multiple WAN connections: Even though you can implement more than one interface to outside connections, it is lacking on load balances, etc.These firewalls are not for beginners.It has poor performance.Antivirus features must be integrated for end user security.Security must be increased when a new user connects over the LAN and an alarm must be generated.

Read more »

Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability.It needs more available central management.It could use better throughput on some of the smaller boxes for the branch offices.One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering.As far as wanting more scalability or things in the network diagram, it's going to cost you.I think there could be more QoS featuresI would like to see improvements made to the dashboard and UI, as well as to the reporting.With FortiGate, the main complaint that I have heard is about the technical support.

Read more »

Pricing and Cost Advice
ASA pricing seems high compared to other firewalls, such as the Sophos XG models.The licensing features are getting more complicated. These should be simplified.It was initially heavy on my pocket, but it soon actualised its worth.​It is worth every penny that we have invested in it.​We looking for a possible new solution because of the licensing and VPN.​Be sure of what features you are ​going to utilize to add/remove some from new bundles.It requires additional licensing to enable 10G ports.License capacity needs to be extended and the vendor needs to work on the pricing.

Read more »

It scales well if you know what to buy from a physical box standpoint. They seem to offer something for every level.Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment.The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost.Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you.​We saved a bundle by not needing all the past appliances from an NGFW.​Easy to understand licensing requirements.The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors.Work through partners for the best pricing.

Read more »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
284,207 professionals have used our research since 2012.
Answers from the Community
Nishantha Cooray

The short answer is it depends on what you are looking for.

FortiGates are great devices. The offer lots of features, decent and friendly UI and overall good performance, and they do it cheaper than most others. Security features and UTM are pretty good too. However, from my experience, beware of dimensioning, if you're planning to activate several of the features a FG supports (AV, IPS, WLAN Controller and such), performance can drop substantially and cause all kinds of failures, so it might be a good idea to over-dimension your hardware a bit to avoid issues.

On the other hand, I've found Cisco to be the most stable and reliable, and offer better performance of the two. They also offer better protection and Cisco Support is the best IMO. However the prices of Cisco are often higher than other vendors. ASAs are more complex so there will be a steeper learning curve for you to get going with these and the GUI (ASDM) is lacking compared to others so knowing (and loving) the CLI is a must.

In summary, go Fortinet if you're looking for decent performance, great security and easy administration at lower prices. go Cisco if you require better security, performance and reliability, and don't mind paying a little extra and spending a few more hours learning to handle them.

Hope this helps. Regards.

27 March 17

To answer your question, let me ask a question first? What's your main target? Security first or Money First? In my point of view and based on my real experience:
- Fortinet is good if you need an appliance with many features such as: antispam, antivirus, url filtering, app control, firewall. It's all-in-one solution --> Fortinet is easy to use and maintanance. But its perfomance is not so good as show on datasheet, if you turn-on IPS, the performance decreases for about 40-50%, and so on... I see a bit of my customer turn-on this feature because of its reliable. For support service, Fortinet response is poor,

- Cisco Firepower: its performance is good, if you purchase all-in-one license, you will also have features like URL Filtering, App Control, IPS. The most interesting part is AMP feature, I think it better than Fortinet product. You can view gartner report about AMP. Sourcefire has many cool features such as traffic profiling, correlation, remediation, auto discovery (host, application, user). It also has IPS auto learning feature and can help to auto tunning/ apply appropriate signatures for your application. It also has DNS security feature (using OpenDNS) to help to mitigate botnet, other features like IP Intelligence, C&C, Phishing, Spam Source... For support service, Cisco is better, with faster response time and also escalate time when your issue is very critical. Forgot to mention, Firepower can do DPI-SSL inspection, and if your infrastructure has F5, it will better to get SSL Offload to F5 and get packet inspection by Firepower, it's a good combination.

So in conclusion, if you want best in price product, you can choose Cisco. If money is a big problem, Fortinet is a choice. Also Cisco has many products that can suitable for your environment (from Firepower 2000 series to 8000 series)

Rgds,
CuongVT

27 March 17
Hamada AhmedReal User

With a fraction of the cost , the FortiGate3600C vs. Cisco ASA5585-XSSP60 is an example of how Fortinet beats Cisco in price/performance, capacity and overall security.

27 March 17
Michael DeesConsultant

Based on Gartner Magic Quadrant and other third party evaluations. Fortinet' Fortigate consistently outperforms Cisco's Firepower. When sizing the box for performance, I would get Fortinet directly involved so you don't accidentally purchase an underpowered firewall.

27 March 17

Hi,

It’s tough to give a comparison without knowing what I’m comparing it with. Is there a specific Cisco Firepower model you were looking at ?

When it comes to performance between 2 vendors there are always models which can match that of the other given they stay within budget.

Cheers...

28 March 17
Ranking
RANKING
Views
87,912
Comparisons
58,307
Reviews
63
Followers
4,681
Avg. Rating
7.9
Views
175,912
Comparisons
111,258
Reviews
28
Followers
4,875
Avg. Rating
8.1
Top Comparisons
Top Comparisons
Compared 33% of the time.
Compared 8% of the time.
See more Cisco ASA competitors »
Compared 18% of the time.
Compared 16% of the time.
See more Fortinet FortiGate competitors »
Also Known As
Also Known AsAdaptive Security Appliance, ASAFortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Website/Video
Website/VideoCisco
Fortinet
Overview
Overview

Adaptive Security Appliance (ASA) is Cisco's end-to-end software solution and core operating system that powers the Cisco ASA product series. This software solution provides enterprise-level firewall capabilities for all types of ASA products, including blades, standalone appliances and virtual devices. Adaptive Security Appliance provides protection to organizations of all sizes, and allows end-users to access information securely anywhere, at any time, and through any device.

Adaptive Security Appliance is also fully compatible with other key security technologies, and so provides organizations with an all-encompassing security solution.

The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

OFFER
Learn more about Cisco ASA
Learn more about Fortinet FortiGate
Sample Customers
Sample CustomersThere are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, and City of Tomorrow. Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
Top Industries
Top Industries
REVIEWERS
Financial Services Firm
15%
Manufacturing Company
12%
Comms Service Provider
12%
University
9%
VISITORS READING REVIEWS
Financial Services Firm
16%
Comms Service Provider
11%
Manufacturing Company
8%
Government
7%
REVIEWERS
Comms Service Provider
11%
Real Estate/Law Firm
11%
Healthcare Company
11%
Energy/Utilities Company
11%
VISITORS READING REVIEWS
Financial Services Firm
16%
Comms Service Provider
10%
Government
7%
Manufacturing Company
7%
Company Size
Company Size
REVIEWERS
Small Business
35%
Midsize Enterprise
31%
Large Enterprise
33%
VISITORS READING REVIEWS
Small Business
30%
Midsize Enterprise
30%
Large Enterprise
41%
REVIEWERS
Small Business
49%
Midsize Enterprise
33%
Large Enterprise
18%
VISITORS READING REVIEWS
Small Business
32%
Midsize Enterprise
39%
Large Enterprise
29%
Find out what your peers are saying about Cisco ASA vs Fortinet FortiGate and others in Firewalls.
Download now
284,207 professionals have used our research since 2012.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email