We performed a comparison between Cisco IOS Security and Palo Alto Networks NG Firewalls based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's very easy to configure."
"The threat prevention is the solution's most valuable aspect."
"The most valuable features of Fortinet FortiGate are the ease of use and there are several operating systems that can include the hardware capacities. In the newer releases, the resources were more useful because they were included in the operating system."
"It's great for capturing the traffic and troubleshooting it."
"The email protection and VPN features are the most valuable."
"The solution is very user friendly. The user interface in particular is quite nice."
"It has improved our organization with control data."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"One of the valuable features of the solution is its flexibility and it performs great."
"The technical support is good."
"One of the main features is that the hardware is extremely reliable."
"We use the product for firewalls."
"There is a positive impact on security, particularly the intrusion feature, which helps keep the solution concealed and secure."
"The most valuable feature is endpoint protection."
"The solution is easy to use."
"Cisco products are very secure and integrate easily with other devices."
"One of the most valuable features of Palo Alto Networks NG Firewalls is application symmetries."
"Overall, it is a good solution. It is stable. We use URL filtering, which is useful for blocking undesired URLs."
"The user ID, Wildfire, UI, and management configuration are all great features."
"The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features."
"Compared to other firewalls from Check Point, Fortinet, and Cisco, for example, Palo Alto Networks NG Firewalls use the most advanced techniques. They have sandbox integration and others in the orchestrator. Palo Alto's security features are at a higher level than those of the competitors at the moment."
"The scalability is very good."
"The App-ID, Content-ID, User-ID, and encryption and decryption are valuable features."
"I like the navigation of the general Panorama solution. I can easily navigate around and get to the thing I need. I'm not wasting time trying to find something."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"It would be a benefit if Fortinet would release a one-stop solution that is better integrated with other products and an automated emergency response system."
"It needs more available central management."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"It is stable, but its stability can be improved."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"The firmware needs improvement because there are bugs when a new release comes through. Sometimes, the configuration changes, and it's a bit harder to see where the fail is. The first time that you have the firmware, it tends to have some issues, and it's better to wait a bit to update the equipment."
"Cisco IOS Security could improve its security features. There are competitors that have some additional security features, such as Fortinet FortiGate. Additionally, there should be better synchronization with Cisco IOS Security and other vendors, and improved AI features would be beneficial."
"Sometimes I find it difficult to manage. Some configurations are difficult for new engineers, for example."
"Cisco IOS Security should improve its functionalities."
"Cisco IOS Security's monitoring is rather rudimentary and could be improved."
"I think setup could be one area for improvement, because sometimes we don't have people inside so we have to move to the place."
"I would love it if it has a link-by-link feature, integration with Unified Threat Management (UTM), and load balancers. They haven't got any link-by-link feature right now, which can be a very attractive option. This link-by-link feature can also be made available for Cisco's UTM firewalls. The link-by-link feature is available in some of the other firewalls. Currently, integration with UTM is missing. Cisco IOS Security also doesn't have the load balancers and a few things that need to be done to get a good UTM firewall. Normally, other firewalls have UTM. As a next-generation firewall, it's good, but as a UTM, it has to do some work."
"I think they should bring back remote VPN for users."
"The user interface needs to be improved."
"For an upcoming release, they could improve on the way to build security rules per user."
"We use ACC which is a tool for verifying the activity or traffic within your network. Currently, in ACC, the time of the samples that they offer is about five minutes. When you try to go down to a shorter duration, you can't. You only have five minutes. They can provide samples for shorter durations, such as one minute."
"Lacks mobility between on-prem and cloud based."
"In terms of what could be improved, comparatively the price is very high. That would be the one thing."
"As things are evolving, we want to make sure that Palo Alto is able to keep up with what is going on outside. They should continue to do more intelligence-related enhancements and integrate with some of the other security tools. We want to have a more intelligent toolset down the road."
"The only problem that I see with the Palo Alto NGFW being an all-in-one appliance is that because of the different features that are being put into a single appliance, the OS tends to be beefier. Over the eight years, we have seen that the number of features or analyses being put into the appliance itself has a tendency to slow down the appliance, especially at the time of bootup. So, any time we are doing maintenance work, the time required for the appliance to boot up and be fully functional again is significantly longer than eight years ago. They could find a way to make this all-in-one appliance faster."
"I wish that the Palos had better system logging for the hardware itself."
"I like the reports, but I wish the reporting was a little better. When I set up the automatic reports to come in, they're pretty basic. I would like them to be a little more advanced at the ACC monitoring and things like that. I still enjoy all the daily alerts that I get and all the daily PDFs and reports, but I just feel that it could expand upon the visualization of the reports."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Cisco IOS Security is ranked 22nd in Firewalls with 47 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews. Cisco IOS Security is rated 8.0, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Cisco IOS Security writes "User-friendly and excels in documentation, making it easier to resolve issues". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Cisco IOS Security is most compared with Cisco Secure Firewall, Meraki MX, Fortinet FortiOS, Netgate pfSense and Juniper SRX Series Firewall, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense. See our Cisco IOS Security vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.