We performed a comparison between Cisco Secure Firewall and Palo Alto Networks NG Firewalls based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Firewall is commended for its threat defense, dashboard visibility, seamless integration with other Cisco products, and ease of use. Palo Alto Networks NG Firewalls are highly regarded for their embedded machine learning, robust security capabilities, and intuitive interface.
Both the Cisco Secure Firewall and Palo Alto Networks NG Firewalls have numerous areas for improvement. The Cisco Secure Firewall needs enhancement in network performance, policy administration, advanced features, management interface, patching and bug fixing, integration with other tools, and centralized management. Palo Alto Networks NG Firewalls can improve in terms of customization, next-generation capabilities, rule creation, monitoring interface, bug fixing, configuration simplicity, support processes, ACC tool, IPv6 support, VPN functionality, GUI interface, training materials, SSL inspection, and external dynamic list feature.
Service and Support: Customer opinions on the customer service of Cisco Secure Firewall vary, as some customers appreciate the technical support they receive, while others encounter delays and challenges. Palo Alto Networks NG Firewalls also receive mixed reviews for their customer service. While some customers commend the expertise of their support team, others express frustration with contacting the team and enduring lengthy wait times.
Ease of Deployment: The setup process for Cisco Secure Firewall can be more or less complex depending on the user's familiarity and environment. The initial setup for Palo Alto Networks NG Firewalls is described as simple, uncomplicated, and effortless. Users appreciate its user-friendly and efficient design, with readily available training materials for easy comprehension.
Pricing: Reviewers have differing opinions on the setup cost of Cisco Secure Firewall. Some consider it expensive due to additional expenses for licensing, support, and hardware. Palo Alto Networks NG Firewalls are generally acknowledged to have higher pricing. Reviewers note that Palo Alto Networks offers competitive hardware prices and discounts for multi-year licenses.
Comparison Results: Palo Alto Networks NG Firewalls is the preferred choice when compared to Cisco Secure Firewall. Users find the initial setup of Palo Alto Networks NG Firewalls to be straightforward and easy. Palo Alto Networks NG Firewalls stands out for its embedded machine learning capabilities, strong security features, and user-friendly interface.
"Their reliability and their policy of pre-shipping replacements when a unit has failed."
"The most useful functionality of Fortinet FortiGate is the user interface, multiple engines, and their cloud with the latest integrations. Additionally, the Security Fabric tool is very good."
"There is an easy process for configuring it, and it is straightforward to implement the device from scratch."
"It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly."
"It is a safe product."
"The stability of the solution is excellent, as it is with other Fortinet products."
"SSL-VPN is very useful for us and has been very reliable."
"A strong point of FortiGate is the graphical interface is complete and easy to use."
"The most valuable feature of this solution is its ability to integrate vertically."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"The IPS, as well as the malware features, are the two things that we use the most and they're very valuable."
"The most important feature is its categorization because on the site and social media you are unified in the way they are there."
"One of the most valuable features is the GUI front end, which is very easy to use. But I'm also a command-line guy, and being able to access the device via command-line for advanced troubleshooting is quite important."
"The feature set is fine and is rarely a problem."
"The solution is used for the protection of the mobile data network. It is protecting 3G/4G Internet customers and the Private APN."
"We have not had to deal with stability issues."
"We have found the SSL decryption within this solution to be great; you can enable this feature and have the ability to see more of what is happening across your network."
"The application control portion of the solution is its most valuable aspect."
"Most of the features in Palo Alto are very valuable."
"It has the typical features of a next-generation firewall. It can do application control, antivirus, content filtering, etc."
"The GUI is simple and the solution is straightforward."
"I like the sandbox feature, and it's very good. It kills each malware deployment in the sense of signatures within five minutes. So, we can secure our network and infrastructure very well within the stipulated time. The WildFire functionality is very good because a few files are also getting blocked. It's critical as malware attacks are also getting ignored, and the logging is very well maintained in this firewall. The most valuable solutions in this field are application-based firewalls. That is the main criteria of the firewall and functionality. We can get all the logs related to this and each and every packet. I like that the firewall is working as an application. The application-based entity we have deployed is well maintained and working very well. We were able to find lots of vulnerabilities when we deployed it, but we could not disclose all. But there were vulnerabilities we could block by updating the firewall and taking actions on clientside machines. So, we got to know that we have lots of vulnerabilities inside the organization too, and we took lots of steps and resolved the number of vulnerabilities. Palo Alto Networks NG Firewalls is an all-in-one solution. It provides every entity log, which is a very good functionality of this firewall. It gives every packet and aspect that the firewall is performing through its logs, and it does it very well. This firewall's unified platform helped eliminate multiple network security tools. If anyone uses P2P sites, cryptocurrency websites, or any illegal sites, we can block it easily. It gives us a proper alert for these kinds of sites, and it properly secures our network. Monitoring is the best thing we are doing here, and we can block this kind of vulnerability as soon as it comes to us."
"I like the firewall's vulnerability management features, which give you reminders to update your system and update your OS."
"With its single pane of glass, it makes monitoring and troubleshooting a bit more homogeneous. We are not looking at multiple platforms and monitoring management tools. It is more efficient from that perspective. It is more of a common monitoring and control system for multiple aspects of what used to be different systems. It provides efficiency and time savings."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"The sniffing packets or packet captures, can be simplified and improved because it's a little confusing."
"It would be nice if backups could more easily migrate between different models."
"The stability of Fortinet FortiGate could improve."
"The process of configuring firewall rules appears excessively complex."
"Fortinet FortiGate could improve by having a frequent ask questions(FAQ) area for people to receive quick answers to popular questions. Additionally, it would be beneficial to have an SMS notification feature. For example, if you cannot access your email you could receive an SMS message."
"We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved."
"Web security solutions can be improved."
"One of the problems that we have had is the solution requires Java to work. This has caused some problems with the application visibility and control. When the Java works, it is good, but Java wasn't a good choice. I don't like the Java implementation. It can be difficult to work with sometimes."
"Cisco Firepower NGFW Firewall can be more secure."
"One feature lacking is superior anti-virus protection, which must be added."
"One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own."
"At times the product is sluggish and slow"
"They should improve their interface."
"It is a complete product, but the SSL inspection feature requires some improvements. We need to deploy certificates at each end point to completely work out the UTM solutions. If you enable SSL encryption, it is a tedious process. It takes a lot of time to deploy the certificates to all endpoints. Without SSL inspection, UTM features will not work properly. So, we are forced to enable this SSL inspection feature."
"For an upcoming release, they could improve on the way to build security rules per user."
"Its stability can be better. Their technical response from the support side can also be better."
"The user interface can be significantly simplified."
"The areas that need to improve are network protection and user identification."
"The price could be more friendly, which would be good for Palo Alto and us. If the price were a little lower, then it would be a viable option for mid-level businesses, who may not be able to deploy at the current price point."
"I would like to see more integration."
"The SD-WAN product is fairly new. They could probably improve that in terms of customizing it and making the configuration a little bit easier."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews. Cisco Secure Firewall is rated 8.2, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Check Point NGFW, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and OPNsense. See our Cisco Secure Firewall vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Pricewise Cisco. But PA has better rating.
Palo Alto is better.
In my Oppinion, Palo Alto is better than Cisco. You can refer in NSS Lab 2018 & 2019 DCSG-SVM, NSS-labs-NGIPS-Comparative-Report, and some report from Forester about Zero Trust Architecture, and Gartner SASE report to discus more advantages of Palo Alto in the future