Compare Cisco Firepower NGFW Firewall vs. Palo Alto Networks WildFire

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Fortinet, Cisco, pfSense and others in Firewalls. Updated: September 2020.
441,478 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"At this point, we find that this product has high productivity and high availability and there is no need for improvement.""It is a highly stable product. We rarely receive any serious outdates, so it works quite well.""It is a secure product.""It is scalable and stable.""Cisco ASA is very strong.""It protects our network.""The stability of the product is good.""It is a comprehensive suite and complete package."

More Cisco ASA Firewall Pros »

"The architecture of FTD is great because it has an in-depth coverage and because it uses the AVC, (Application, Visibility, and Control) and also rate limits. Also, the architecture of fast paths is great.""Stability is perfect. I haven't had any problems.""We chose Cisco because it had the full package that we were looking for.""Because of the deeper inspection it provides we have better security and sections that allow users broader access.""An eight because it's a good security solution. It's more mature than its competitors.""Cisco Firepower NGFW is really easy to use right now to determine when my file requires a shift from primary to secondary status, and it can be done with automation. Earlier we used to do this with patching.""I like the way Firepower presents the data. It gives you two classifications for the evidence, something based on the priority of the evidence and another classification based on the impact of the evidence in your environment. This makes it very easy to spot the evidence that is most impactful to my environment. Instead of having to go through all the evidence based on that priority, I can focus on the evidence that has the most impact on my environment.""The most valuable feature of the Firepower solution is FireSIGHT, which can be easily managed and is user-friendly."

More Cisco Firepower NGFW Firewall Pros »

"The cloud-based services are a nice feature.""My primary use case for this solution is for a secure gateway.""The reporting feature helps our performance.""Being an application-based firewall, this is one of the critical focus factors along with the threat prevention services it provides.""It is stable and pretty much scalable.""It helps us when segmenting and securing the network and all sort of technologies, all sort of next generation needs. It's next generation phases of firewall like anti-virus, sandboxing, wifi, and VPN.""They have many different options with Palo Alto WildFire and the set-up is quick. If you have all the details in hand, it does not take more than 15 minutes to deploy a firewall.""The most valuable feature is the Automatic Verdict, to recognize whether something is a threat, or not."

More Palo Alto Networks WildFire Pros »

Cons
"<p>If there is old hardware, or appliances, it does not necessarily work with the new Cisco generation firewalls.""It is not easy to configure.""The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting.""Tech support could not answer all of our questions. I had to do research on the web to solve my issues.""Migration with other appliances is not easy. It has to be done manually, and this takes a long time.""The pricing is a bit high.""Cisco ASA should be easier to use. It is a bit tough to navigate and see what is going on.""Even on a smaller scale, people are finding you need HA pairs, and there's no way that the ASA can do that, at least in the virtual version."

More Cisco ASA Firewall Cons »

"The license system is also good but it's not very impressive. It's a very regular licensing system. They call it a smart license which means that your device will connect to the internet. This is a little bit of a headache for some customers. It doesn't make the customer happy because most of the customers prefer not to connect their firewall or system to the internet.""I would like for them to develop better integration with other security platforms.""The stability and the product features have to really be worked on.""Cisco should redo their website so it's actually usable in a faster way.""The security features in the URL category need more improvement.""One feature lacking is superior anti-virus protection, which must be added.""Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC.""I would like to see the inclusion of more advanced antivirus features in the next release of this solution."

More Cisco Firepower NGFW Firewall Cons »

"I think it would be nice for Palo Alto to work without the connection to the cloud. It is 100% powerful when connected to the cloud. But, if you disconnect from the cloud, you only get 40-50% power.""I would give this product a rating of 9 out of 10 due to some slight issues of performance.""As a firewall and 360 degrees of security, there needs to be more maturity.""The initial setup was complex.""Other vendors have some sort of bandwidth management built into the firewall itself and Palo Alto is missing that.""There are certain changes that I was expecting in the previous version, and I hope that they are soon fixed. All of the problems that I have faced so far have been resolved.""I would like to see them continue on their developmental roadmap for the product.""The size of Palo Alto's cloud is big but it could be easier to use from a product management perspective."

More Palo Alto Networks WildFire Cons »

Pricing and Cost Advice
"The cost is a bit higher than other competitive solutions on the market.""It is considered on the "high end" of the spectrum.""Cisco recently has become very expensive.""The cost is a bit high compared to other solutions in the market.""Purchasing from the AWS Marketplace was easy. It was just point and click.""It is pay-as-you-go, so it much cheaper than buying in the plants.""Our individual release cycle has been quicker because the entire development and testing environment has been automated because of these virtual instances. It has aligned our development workflow. This is where we have seen the ROI increase.""With the Cisco ASA, you do get what you pay for. What would really be awesome is to see Cisco blow out a real cheap version where you can use the sandbox, but leave it step-wise and go to another product relatively easily, like getting you hooked on candy."

More Cisco ASA Firewall Pricing and Cost Advice »

"Based on the services that you will get, especially the AMP license, the price is very reasonable.""It's more expensive than Fortinet and Juniper. The price is high compared to other vendors. In general, for the license, it's not that expensive.""The Cisco licensing agreement in Bangladesh is different than the one in India and in Dubai. It is not a problem, but if you want to subscribe to the yearly subscription, the original cost is really high. Also, if you go for an anti-virus, you pay for an additional yearly subscription.""The price of this solution is not good or bad.""The Firepower series of appliances is not cheap. I just got a quote recently for six firewalls that was in the range of over half-a-million dollars. That's what could push us to look to other vendors...""Our subscription costs, just for the firewalls, is between $400,000 and $500,000 a year.""Cisco's pricing is high, at times, for what they provide.""The one-time cost is affordable, but the maintenance cost and the Smart Net costs need to be reduced. They're too high."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"The pricing is OK, it is not too expensive.""It is a reasonable price compared to other solutions on the market.""It's pretty expensive but with respect to value for money, it's okay.""The licensing fees are on an annual basis, and there are no costs in addition to the standard fees.""We pay between $3,000 and $4,000 CAD ($2,200 - $3,000 USD) per year to maintain this solution.""This solution is very pricey and it depends on the package that you implement.""I think they should lower the price of this solution""The pricing is highly expensive."

More Palo Alto Networks WildFire Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
441,478 professionals have used our research since 2012.
Answers from the Community
Senthil Kumar Manian
author avatarPeter Reibstein
User

Palo Alto was the first company to tackle perimeter protection via applications instead of port blocking their install base is massive including the Fortune 50 Cisco is a household name but when it comes to App FW's Palo is the name and they have much more time within the market place to hone their product sets because they invented this architecture. Fortinet, Cisco CheckPoint, Sophos Barracuda , Cisco etc. they are followers not leaders. I like new technology and have been doing research for many years on great products and some real dogs. Years ago there used to be a saying no one ever got fired for buying IBM

Here are a couple of winners you should look at Critical Start, Secuerlink and Okta sorry got off topic typical Sales Guy... Ha Ha. If anyone wants to take a look at any of these new platforms please let me know - Thx

author avatarErich Bart
User

The biggest difference is that Cisco has many point solutions that are not fully orchestrated or can only forward certain data. Palo Alto Networks (No. 1 winner of Forrester Report Q04/18 for Eco Systems Provider) is different.

What is a Palo Alto ecosystem:
There are certainly more than enough top UEBA solutions for endpoint detection, response and network traffic analysis - EDR and NTA - but most force your analysts to manually merge information, slowing investigation and increasing complexity. The Palo Alto Networks ecosystem Cortex XDR™,
on the other hand, features a cloud-based detection and response app and blindly removes spots by merging network, endpoint and cloud data. The automatic exchange of security-relevant information between and within the integrated solutions is crucial, as is the automated resolution of incidents to relieve the SoC team.

author avatarNicholas S (scc)
Vendor

You have Cisco Firepower integrated into the same web-based access GUI than all other Cisco products into one page. And Cisco is a well-known brand with excellent after-sales services worldwide.

About Palo Alto, it seems like a good product also but it does not connect to the same web-based access GUI for Cisco products. And maybe the after-sales services might not be worldwide or not as fast as Cisco.

author avatarGirish Vyas
Real User

Hello there. That is a valid question many would have when they evaluate a product. However comparison of Wildfire and Cisco NGFW would not be correct. It should be compared with what is known as Threatgrid from Cisco which does the same function of sand boxing as that of Palo Alto Wildfire. When you compare both they have their own intelligence unit, Cisco has Talos while Palo Alto has Unit 42 and both will give you a decent protection from zero day. However the product can be differentiated only on the support as both are big names and will deliver the best for their customer. However Cisco support for product is better. That’s where the difference is. Palo Alto being pure focused on security, does determine to application level while Cisco being a networking. Company has an integrated strategy. So overall both product are good. Just that level of support is something someone should definitely evaluate before getting their hands in it. Just my 2 cents.

author avatarYousif Alshami
User

I didn’t work with Cisco Firepower that much but the main difference is that Cisco Firepower is a combined source fire and firewall and they have different mechanisms than Palo Alto Wildfire. It has multiple virtual machines running the malware and gives you the results. If there is no signature it will generate one and upload it to the cloud.

author avatarMANEESH MS PILLAI
Real User

Network Speed is stable in Cisco and security is better in Cisco.

I strongly recommended you proceed with Cisco.

author avatarEmad Ul Haq
Real User

1. The underlying difference is the threat engine both feed from, both are equally good as none of them comes from a small company.
2. Cisco has an edge on a few things such as it has a bigger fleet to natively collect threats, such as switching, routing, wireless, firewalls and so on. Palo Alto, on the other hand, doesn’t have that, however, these days all major security providers integrate their threat feeds.
3. Some basic comparisons of the platforms are below.
* Firepower is an awesome NGFW addition to the Cisco fleet, however, it has gone through a lot of integrations with and without ASA which has resulted in inconsistency, both in terms of its management and capabilities.
* PaloAlto, on the other hand, is another awesome NGFW which provides you not only brilliant security but also ease of management, it has been like this for a while and the platform is consistent and mature.
* Firepower natively lacked routing capabilities out of the box, unsure what is the latest however PaloAlto comes with feature-rich routing capabilities such as BGP, Route-based VPN etc.
* I have found Panorama to be far more simplistic than ASDM. The firepower FMC provides a good intuitive dashboard but I still prefer Panorama for its single pane of glass.
* Logging in PaloAltos/Panorama is simple as compared to typical ASDM logs, FMC has decent logging.
* You may find Palos to be expensive, I am not updated with the new pricing model of both but that is how it was for some time.

author avatarPeter Reibstein
User

Compare Cisco Firepower NGFW vs. Palo Alto Networks WildFire

Cisco Firepower NGFW is ranked 9th in Firewalls with 19 reviews while Palo Alto Networks WildFire is ranked 1st in Advanced Threat Protection with 9 reviews. Cisco Firepower NGFW is rated 7.8, while Palo Alto Networks WildFire is rated 8.8. The top reviewer of Cisco Firepower NGFW writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Traffic is scanned in a single flow which improves the response times for the user". Cisco Firepower NGFW is most compared with Fortinet FortiGate, Cisco ASA NGFW and Palo Alto Networks WildFire, whereas Palo Alto Networks WildFire is most compared with Fortinet FortiGate, Cisco Firepower NGFW and Cisco ASA NGFW.

Questions from the Community
Top Answer: Fortinet FGs: Great devices, relatively easy to deploy and maintain. Cheaper than most devices of their kind. If you're… more »
Top Answer: They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home… more »
Top Answer: In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco.
Top Answer: Palo Alto was the first company to tackle perimeter protection via applications instead of port blocking their install… more »
Top Answer: We are partners for both products and as a security practice, we recommend Fortinet over Cisco for security. Fortinet… more »
Top Answer: Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to… more »
Top Answer: The way that the solution quickly updates to adjust to threats is the solution's most valuable aspect. When there's a… more »
Top Answer: The pricing of the solution is a bit higher, but it's worth the extra money you will spend because of the protection… more »
Top Answer: In terms of threat prevention capabilities, the solution doesn't need any improvements that I can see. We've been quite… more »
Popular Comparisons
Compared 8% of the time.
Compared 5% of the time.
Compared 4% of the time.
Compared 4% of the time.
Also Known As
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAvCisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Learn
Cisco
Cisco
Palo Alto Networks
Overview

Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.

Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.

Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.

Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

WildFire™ cloud-based threat analysis service is the industry’s most advanced analysis and prevention engine for highly evasive zero-day exploits and malware. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.
Offer
Learn more about Cisco ASA Firewall
Learn more about Cisco Firepower NGFW Firewall
Learn more about Palo Alto Networks WildFire
Sample Customers
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, WestfieldNovamedia, Nexon Asia Pacific, Lenovo, Samsonite, IOOF, Sinogrid, SanDisk Corporation
Top Industries
REVIEWERS
Financial Services Firm20%
Comms Service Provider13%
Manufacturing Company9%
University7%
VISITORS READING REVIEWS
Computer Software Company27%
Comms Service Provider26%
Media Company6%
Government5%
REVIEWERS
Financial Services Firm36%
Comms Service Provider21%
Transportation Company14%
Manufacturing Company14%
VISITORS READING REVIEWS
Comms Service Provider33%
Computer Software Company27%
Government5%
Media Company4%
REVIEWERS
Comms Service Provider21%
Retailer14%
Government14%
Financial Services Firm7%
VISITORS READING REVIEWS
Computer Software Company30%
Comms Service Provider19%
Government7%
Media Company5%
Company Size
REVIEWERS
Small Business35%
Midsize Enterprise24%
Large Enterprise41%
VISITORS READING REVIEWS
Small Business27%
Midsize Enterprise25%
Large Enterprise48%
REVIEWERS
Small Business40%
Midsize Enterprise27%
Large Enterprise33%
REVIEWERS
Small Business48%
Midsize Enterprise10%
Large Enterprise41%
VISITORS READING REVIEWS
Small Business13%
Midsize Enterprise17%
Large Enterprise69%
Find out what your peers are saying about Fortinet, Cisco, pfSense and others in Firewalls. Updated: September 2020.
441,478 professionals have used our research since 2012.
Cisco Firepower NGFW Firewall is ranked 5th in Firewalls with 20 reviews while Palo Alto Networks WildFire is ranked 1st in Advanced Threat Protection with 14 reviews. Cisco Firepower NGFW Firewall is rated 8.4, while Palo Alto Networks WildFire is rated 8.6. The top reviewer of Cisco Firepower NGFW Firewall writes "Enables analysis, diagnosis, and deployment of fixes quickly, but the system missed a SIP attack". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Good technical support and provides automatic analysis that saves us time in filtering email". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Meraki MX , Azure Firewall, Check Point Virtual Systems and Palo Alto Networks NG Firewalls, whereas Palo Alto Networks WildFire is most compared with Fortinet FortiGate, Zscaler Internet Access, Juniper SRX, pfSense and Proofpoint Email Protection.

See our list of .

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.