We performed a comparison between Cisco Secure Firewall and ShieldX based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."It's great for capturing the traffic and troubleshooting it."
"The SD-WAN function is very developed. It has SD-WAN functionality with security features in one device. We can manage from one single console SD-WAN and the security policy."
"Customers want to load balance more than eight lines or six internet lines. FortiGate is the only solution that can accomplish this."
"Unified Threat Management (UTM) features."
"Easy to implement, and it is also reliable."
"The ease of setting the solution up is a valuable aspect for us."
"Fortinet FortiGate's ease of management is the most valuable feature."
"I appreciate FortiGate's flexibility, which allows for centralized management through FortiManager."
"The management aspect of the product is very straightforward."
"The customer service/technical support is very good with this solution."
"Stability is perfect. I haven't had any problems."
"The configuration was kind of straightforward from the command line and also from the ASDM. It was very easy to manage by using their software in Java."
"We are mostly using it for remote access, so the remote access feature is the most valuable, but all other features are also needed and required. It is also a very straightforward and reliable solution."
"The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly."
"Cisco Secure Firewall made it easier so that more than one person can handle things. We are able to have a bigger team that can handle simple tasks and have a smaller team focus on the deep-dive needs."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"We were able to see what devices are talking to each other, giving us more visibility."
"The Adaptive Intention Engine is fantastic. It allows us to develop security policies using the language of our internal customers. It's machine-learning applied to security workflows. That allows us to much more easily construct the policies that will protect those workflows."
"...It takes the exact same policies that you would apply to your on-premise environment and enables you to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud."
"The most valuable feature is the automatic scaling. With its microservices, it scales both up and down, depending on traffic and throughput."
"The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides."
"It has helped us tighten our security posture. Now, staff can only access things that they should be accessing."
"ShieldX has been designed from the very beginning to work well in cloud environments. It understands autoscaling, automation, and auto-configuration. These are the things which are important in today's operating environment."
"I would like to see improvements in the support from Fortinet. Here in the Philippines, whenever we have problems with a Fortinet product, we mostly ask for support from distributors and resellers and not directly from Fortinet."
"If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"Technical support is good but the response time could be faster."
"The user interface could be improved."
"I don't like that anything more than very basic reporting is not included."
"The pricing could be a bit better, especially when you consider how they have the most basic offering priced."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"It would be great if some of the load times were faster."
"The Cisco ASA device needs overall improvement, as configurations alone do not completely secure my network."
"It needs more tunneling capabilities."
"Cisco ASA is starting to get old and Firepower is taking over. All the good things happening are with Firepower."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"Initial setup can be complex. It is complex. We have to set up ASA, SFR module, and FMC separately, which sometimes requires extensive troubleshooting, even for smaller issues."
"Cisco wasn't first-to-market with NGFWs... they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better."
"I'm not very familiar with the largest Firepower models, but competitors like Palo Alto seem to have a more capable engine to do, for instance, TLS/SSL decryption. As I understand, Firepower doesn't let you export the decrypted traffic so that, for instance, the security department can look at the traffic or inspect traffic. It's all in the box. I've heard rumors that this is something Cisco is working on, but it isn't yet available."
"I would like better reports and in-depth reporting."
"They need to be consistent in performance and capabilities over time, given the fact that this is new and I want to see where this goes in the next year or so. As the vendor continues to evolve and add future functionality, we want to make sure that we are still keeping up with the integrations, etc. Time will be the key factor here. The proper support for some of the latest technologies, Docker containers, etc. They need to keep up with threat landscape, so we will see how the security get layered. This is what we are going to be keeping an eye on."
"We are having some issues with their LDAP and integrating it with the Active Directory. We can't seem to set it up."
"There should be a bit more customer care, with regular review meetings on it or regular reports. It would be nice to have a quarterly or biannual review of what ShieldX has blocked."
"With any kind of tool like ShieldX, where you're in the cloud instead of a traditional firewall, you're using CPU resources in those environments to provide the protection. So there's a cost associated with CPU resources. I'm pressing upon them to make the product much more efficient and use less CPUs to do the same thing."
Earn 20 points
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while ShieldX is ranked 46th in Firewalls. Cisco Secure Firewall is rated 8.2, while ShieldX is rated 9.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of ShieldX writes "Proactively monitors, blocks, and reports what it has blocked; and self-updates meaning there is zero maintenance". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas ShieldX is most compared with .
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.