Compare Cisco Firepower NGFW Firewall vs. Palo Alto Networks VM-Series

Cancel
You must select at least 2 products to compare!
Most Helpful Review
MD.SIHAB TALUKDAR
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Palo Alto Networks VM-Series and other solutions. Updated: January 2021.
456,966 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"The greatest benefit for the organization is the confidence that we are secured.""Its ability to discover attacks is a valuable feature. All of the other features that have to do with security are good.""I haven't had any major problems so I haven't had to open a ticket with technical support.""The IPS (In-plane switching) is the most valuable feature.""I like the user interface because the navigation is very easy, straightforward on your left side pane you have all the sites that you need to browse. Unlike any other firewalls, it's pretty straightforward.""We have multiple secure internal networks linked with our plants. We are from a oil company, so we have multiple plant areas which need to have restricted network access. Therefore, we are using it for restricting access to the plant area.""The initial setup was completely straightforward.""I would say the Firepower module is most valuable. I'm trying more to transition to this kind firewall. I had to study a little on Palo Alto Networks equipment. There is a lot I have to learn about the difference."

More Cisco ASA Firewall Pros »

"Stability is perfect. I haven't had any problems.""We chose Cisco because it had the full package that we were looking for.""Because of the deeper inspection it provides we have better security and sections that allow users broader access.""An eight because it's a good security solution. It's more mature than its competitors.""Cisco Firepower NGFW is really easy to use right now to determine when my file requires a shift from primary to secondary status, and it can be done with automation. Earlier we used to do this with patching.""I like the way Firepower presents the data. It gives you two classifications for the evidence, something based on the priority of the evidence and another classification based on the impact of the evidence in your environment. This makes it very easy to spot the evidence that is most impactful to my environment. Instead of having to go through all the evidence based on that priority, I can focus on the evidence that has the most impact on my environment.""The most valuable feature of the Firepower solution is FireSIGHT, which can be easily managed and is user-friendly.""Once you add Firepower onto to it and you start enabling some of its features, you get some IDS/IPS involved with it and you can even do web filtering."

More Cisco Firepower NGFW Firewall Pros »

"The most valuable aspects of this solution are that it's simple and stable. It has better security aspects compared to other similar solutions.""The most valuable features are security and support.""The interface with Panorama makes it very easy to use.""The most valuable features are web control and IPS/IDS.""In Palo Alto the most important feature is the App-ID.""The most valuable feature is the Posture Assessment.""The most valuable feature is that you can control your traffic flowing out and coming it, allowing you to apply malware and threat protection, as well as vulnerability checks.""The Palo Alto VM-Series is nice because I can move the firewalls easily."

More Palo Alto Networks VM-Series Pros »

Cons
"There may have been one or two incidences of malicious threats.""Some of the features, like the stability, need to be improved.""In the past though, colleagues have had issues during the upgrade process. The failover didn't work and production was down.""At times the product is sluggish and slow""If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own.""Most of the time, when I try to run Java, it is not compatible with ASA's current operating systems.""We have to rely on Cisco ASDM to access the firewall interface. This needs improvement. Because we have a web-based interface, and it is a lot more user-friendly.""The installation and integration of Cisco ASA with FirePOWER can be improved. The management with Fortigate is easier than Cisco ASA on FirePOWER. The management side of Cisco ASA can be improved so it can be more easily configured and used."

More Cisco ASA Firewall Cons »

"I would like for them to develop better integration with other security platforms.""The stability and the product features have to really be worked on.""Cisco should redo their website so it's actually usable in a faster way.""The security features in the URL category need more improvement.""One feature lacking is superior anti-virus protection, which must be added.""Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC.""I would like to see the inclusion of more advanced antivirus features in the next release of this solution.""In Firepower, there is an ability to search and dig into a search, which is nice. However, I'm not a super fan of the way it scrolls. If you want to look at something live, it's a lot different. You're almost waiting. With the ASDM, where it just flows, you can really see it. The second someone clicks something or does something, you'll see it. The refresh rate on the events in Firepower is not as smooth."

More Cisco Firepower NGFW Firewall Cons »

"In the next release, I would like for them to develop an anti-malware functionality in which it checks for malicious files like Cisco has.""There should be an option for direct integration with the Azure platform.""The command-line interface is something that some people struggle with and I think that they should have an option to go straight to the GUI.""I would like to have automatic daily reporting, such as how many users have connected via SSL VPN.""The solution needs to have more easily searchable details or documentation about it online, so it's easier to Google if you have queries.""In the next release, I would like to see better integration between the endpoints and the firewalls.""The disadvantage with Palo Alto is that they don't have a cloud-based solution that includes a secure web gateway.""The product needs improvement in their Secure Access Service Edge."

More Palo Alto Networks VM-Series Cons »

Pricing and Cost Advice
"Licensing is expensive compared to other solutions.""The cost is a big factor for us. This is why we are using it only in our restricted area. They are very much higher than their competitors in the market.""We paid about $7,000 for the Cisco firewall, plus another small Cisco router and the lead switch. It was under the combined license. It's a final agreement.""Watch out for hidden licensing and incredibly high annual maintenance costs.""I bought a license for three years and it was really affordable.""With AnyConnect, it depends on your license. It depends on the number of concurrent users you want to connect.""This solution might be expensive, but it is economical in the long run.""Some of our customers would be more likely to standardize on Cisco equipment if the cost was lower because a lot of people install cheap equipment."

More Cisco ASA Firewall Pricing and Cost Advice »

"It's more expensive than Fortinet and Juniper. The price is high compared to other vendors. In general, for the license, it's not that expensive.""The Cisco licensing agreement in Bangladesh is different than the one in India and in Dubai. It is not a problem, but if you want to subscribe to the yearly subscription, the original cost is really high. Also, if you go for an anti-virus, you pay for an additional yearly subscription.""The price of this solution is not good or bad.""The Firepower series of appliances is not cheap. I just got a quote recently for six firewalls that was in the range of over half-a-million dollars. That's what could push us to look to other vendors...""Our subscription costs, just for the firewalls, is between $400,000 and $500,000 a year.""Cisco's pricing is high, at times, for what they provide.""The one-time cost is affordable, but the maintenance cost and the Smart Net costs need to be reduced. They're too high.""We normally license on a yearly basis. The hardware procurement cost should be considered. If you're virtual maybe that cost is eradicated and just the licensing cost is applied. If you have hardware the cost must be covered by you. All the shipping charges will be paid by you also. I don't thing there are any other hidden charges though."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"The price of this solution is very high for some parts of Africa, which makes it a challenge.""Palo Alto can be as much as two times the price of competing products that have twice the capabilities.""The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used.""Because I work for a university and the URL is for the institution, it's a free license for us.""It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years."

More Palo Alto Networks VM-Series Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
456,966 professionals have used our research since 2012.
Answers from the Community
David Prieto
author avatarRicardoGranados (Ingram Micro Inc.)
Consultant

Palo Alto's Vulnerability Protection (IPS) has a good rating from NSS Labs and allows the use of Suricata and Snort signatures. The PAN-OS 10 release includes local machine learning that protects against zero-day attacks.

author avatarUmesh Wadhwa
Real User

Pricewise Cisco. But PA has better rating.

author avatarBingyu Zhang
User

Palo Alto is better.

author avatarNguyen The Huy
User

In my Oppinion, Palo Alto is better than Cisco. You can refer in NSS Lab 2018 & 2019 DCSG-SVM, NSS-labs-NGIPS-Comparative-Report, and some report from Forester about Zero Trust Architecture, and Gartner SASE report to discus more advantages of Palo Alto in the future 

Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer: They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home… more »
Top Answer: Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to… more »
Top Answer: The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect… more »
Top Answer: Our primary use case for this solution is to improve network security. The maturity of our company's security… more »
Top Answer: I have been working with Palo Alto for more than 5 years now and I think I have worked with almost every other firewall… more »
Top Answer: The most valuable features are web control and IPS/IDS.
Top Answer: The price of this solution is very high for some parts of Africa, which makes it a challenge. If it were lowered then it… more »
Popular Comparisons
Compared 7% of the time.
Compared 5% of the time.
Also Known As
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAvCisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Learn
Cisco
Cisco
Palo Alto Networks
Overview

Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.

Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.

Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.

Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.

The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.

In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.

Offer
Learn more about Cisco ASA Firewall
Learn more about Cisco Firepower NGFW Firewall
Learn more about Palo Alto Networks VM-Series
Sample Customers
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, WestfieldWarren Rogers Associates
Top Industries
REVIEWERS
Financial Services Firm17%
Comms Service Provider14%
Manufacturing Company10%
Computer Software Company7%
VISITORS READING REVIEWS
Comms Service Provider34%
Computer Software Company22%
Media Company5%
Government4%
REVIEWERS
Financial Services Firm27%
Comms Service Provider27%
Non Profit14%
Transportation Company9%
VISITORS READING REVIEWS
Comms Service Provider39%
Computer Software Company22%
Government5%
Media Company4%
REVIEWERS
Financial Services Firm23%
Manufacturing Company15%
Healthcare Company8%
Retailer8%
VISITORS READING REVIEWS
Computer Software Company31%
Comms Service Provider17%
Insurance Company4%
Educational Organization4%
Company Size
REVIEWERS
Small Business35%
Midsize Enterprise26%
Large Enterprise39%
VISITORS READING REVIEWS
Small Business28%
Midsize Enterprise21%
Large Enterprise51%
REVIEWERS
Small Business44%
Midsize Enterprise23%
Large Enterprise33%
VISITORS READING REVIEWS
Small Business11%
Midsize Enterprise10%
Large Enterprise80%
REVIEWERS
Small Business37%
Midsize Enterprise30%
Large Enterprise33%
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Palo Alto Networks VM-Series and other solutions. Updated: January 2021.
456,966 professionals have used our research since 2012.

Cisco Firepower NGFW Firewall is ranked 4th in Firewalls with 30 reviews while Palo Alto Networks VM-Series is ranked 9th in Firewalls with 15 reviews. Cisco Firepower NGFW Firewall is rated 8.4, while Palo Alto Networks VM-Series is rated 8.6. The top reviewer of Cisco Firepower NGFW Firewall writes "Enables analysis, diagnosis, and deployment of fixes quickly, but the system missed a SIP attack". On the other hand, the top reviewer of Palo Alto Networks VM-Series writes "An excellent solution for the right situations and businesses". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Meraki MX, Azure Firewall and Palo Alto Networks NG Firewalls, whereas Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate, Fortinet FortiGate-VM, Juniper SRX and Kerio Control. See our Cisco Firepower NGFW Firewall vs. Palo Alto Networks VM-Series report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.