We performed a comparison between Cisco Secure Firewall vs Palo Alto Network Wildfire based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, with all other factors being more or less equal, Cisco Secure Firewall comes in a bit ahead of Palo Alto simply because of their stronger support.
"The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"Fortigate's most valuable feature is that it doesn't need a push policy when writing rules."
"The solution is stable."
"The application control features, such as Facebook blocking and Spotify blocking, are the most valuable."
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"The most valuable features are SD-WAN, application control, IPS control, and FortiSandbox."
"Web filtering and two-factor authentication are great features."
"The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly."
"All the rules are secure and we haven't had a significant malware attack in the five years that we've been using ASA Firewall. It has been a tremendous improvement for our network. However, I can't quantify the benefits in monetary terms."
"The benefits we see from the ASA are connected to teleworking as well as, of course, having the basic functionality of a firewall in place and the prevention of attacks."
"The most valuable feature is the Intrusion Prevention System."
"The ASA has seen significant improvement due to the IPS."
"The ASA 55-x range is a solid and reliable firewall. It secures the traffic for normal purposes."
"I like its integration with the AnyConnect client. I also like how modular it is. For example, I can easily integrate the Umbrella add-on into it. We are planning on adding Umbrella. We haven't added it yet, but we have researched."
"I haven't had any major problems so I haven't had to open a ticket with technical support."
"Whole team can use the firewall and understand it."
"The most valuable feature is the Automatic Verdict, to recognize whether something is a threat, or not."
"It is a stable solution...It is a scalable solution."
"I like the analysis they apply to the unknown files, and I think they have good technology to use as a sandboxing tool. I didn't find something similar to WildFire in the marketplace."
"The most valuable features of Palo Alto Networks WildFire are the good URL and file analysis that uses artificial intelligence. It has different interfaces, such as rest, SMTP protocol, and HTTPS. The Security incidents and event management are very good. Additionally, there are many file types that are supported and there is no limit to the number of files it can handle simultaneously. It integrates well with SIEM solutions."
"The most valuable feature for us is the VPN."
"A good tool for file scanning and email threat detection, especially when it comes to attachments and communications."
"My primary use case for this solution is for a secure gateway."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"I would like to see a more intuitive dashboard."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"Migration with other appliances is not easy. It has to be done manually, and this takes a long time."
"I would like to see more configurable feature parity with Cisco ASA, which is the legacy product that Cisco is moving away from. When configuring remote access VPN, not all of the options are there. You have to download another tool, which means that the configuration takes a little bit longer with Cisco Secure Firewall. Though it's getting there, there are still some features lagging behind."
"Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment."
"The Cisco Firewall UI could be improved."
"The most valuable features of the product are the VPN and the NextGen firewall features such as application control, URL filtering, etc."
"You need to have a little bit of knowledge to be able to configure it. Otherwise, it would be very difficult to configure because there is no GUI. The latest software available in the market has a GUI and probably zero-touch provisioning and auto-configuration. All these things are not available in our version. You need to manually go and configure everything in the switch. In terms of new features, we would definitely want to have URL-based filtering, traffic steering, and probably a little bit steering in the bandwidth based on the per-user level and per-user group. We will definitely need some of these features in the near future."
"The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them."
"There are some limitations with SSL. Regarding the security assessment for the ISO 27000 standard, there are certain features that Cisco needs to scale up. Not all products support it, so you need to be slightly careful, especially on the site track."
"When comparing this solution to others it is not as good overall."
"The initial setup was complex."
"As a firewall and 360 degrees of security, there needs to be more maturity."
"The cost of this solution could still be improved, in particular, giving product discounts for charitable causes."
"The VPN and decryption need improvement."
"The global product feature needs improvement, the VPN, and we need some enhanced features."
"It's not really their problem, it's a problem across the board. There will always be problems with interrupted traffic. We have to set it up where we're playing a middle man game where we're stripping it out, looking at it, and then putting it back together and sending it on its way. That requires CPU cycles. And there's some overhead with that."
"The initial setup was a little bit complex, mainly due to the GUI console and management challenges."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Palo Alto Networks WildFire is ranked 3rd in Advanced Threat Protection (ATP) with 58 reviews. Cisco Secure Firewall is rated 8.2, while Palo Alto Networks WildFire is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Good technical support and provides automatic analysis that saves us time in filtering email". Cisco Secure Firewall is most compared with Netgate pfSense, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Palo Alto Networks WildFire is most compared with Proofpoint Email Protection, Juniper SRX Series Firewall, Fortinet FortiSandbox, Check Point SandBlast Network and Zscaler Internet Access.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.