We performed a comparison between Cisco Secure Firewall and WatchGuard Firebox based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. WatchGuard Firebox received slightly better ratings because it is easier to deploy than Cisco Secure Firewall.
"The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."
"What I like the most is the configuration and that it's simple, and straightforward to maintain."
"I like that they have given me a solution at a fair price."
"The next-generation firewall is great."
"We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall."
"Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market."
"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"The most important feature is the VPN connection."
"The feature I find most valuable is the Cisco VPN Interconnection."
"Once you add Firepower onto to it and you start enabling some of its features, you get some IDS/IPS involved with it and you can even do web filtering."
"The return on investment is not going to be restricted to just the box... Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The setup was straightforward. I was happy with the configuration and deployment of the solution, as it was quick."
"ASA 5505 and ASA 5506 are very powerful tools to use in a business environment, and provide a lot of security."
"It's the VPN side of things that has been most useful for us. It allows us to secure our users even when they're working from home. They are able to access all of our resources, no matter where they are in the world."
"The ports that I have assigned appear to be unattainable to outside 'mal-actors,' unless they have an address registered on the internet that this thing is expecting. That's a layer of security."
"Simple to move settings between WatchGuard boxes."
"The features that I have found most valuable are the FireWall features. The management side of WatchGuard is quite easy because it supports two ways to manage it - by the web and the other one they call WatchGuard systems manager. I used to be familiar with WSM only, but they improved their GUI in the web browser and now it is much easier to do it within the web browser."
"They've done a lot of work with their SD-WAN, which we do use, to have our old internet service with our new internet service. If anything goes down on a particular interface, I can have different rules applied. Most of my users don't even know when our primary internet goes down anymore... I don't have to be here to do anything to switch it to our backup internet or to switch it back."
"The most valuable features of this solution are live logging, rule setup and maintenance, and VPN creation."
"The solution simplifies my business. Normally, for administration, we are using NetApp System Manager on Window since it's easy to create new policies. In a short amount of time, you can create new policies based on new requirements. For example, in the last few months, many requirements changed due to the coronavirus, adding the use of new services, like Office 365, and eLearning tools, like Zoom."
"The ease of use is most valuable. You can quickly train someone who hasn't seen a firewall in life. You can get people up to speed, and in a few months, they are able to manage this product very easily. It is a very user-friendly, scalable, and stable product. Its price is also spot-on."
"If there is any conflict, the reporting feature will kick out all types of information, which is great."
"Lacks training for new features."
"Fortigate's hardware capacities could be improved."
"I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive."
"Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN."
"The initial setup is complex."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."
"There are some complex administration tasks in their administration portal. That needs to be improved."
"One thing that Cisco could improve is the GUI. The graphic user interface should be more user-friendly."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"The relatively new Firepower Threat Defense image (mix of ASA and Sourcefire network security) fills a lot of gaps and features that were missing on ASA."
"The application detection feature of this solution could be improved as well as its integration with other solutions."
"It could also use a reporting dashboard."
"I would like to see them update the GUI so that it doesn't look like it was made in 1995."
"We are still running the original ASAs. The software that you are running for the ASDM software and Java application has never been a lot of fun to operate. It would have been nice to see that change update be redesigned with modern systems, which don't play nicely with Java sometimes. Cybersecurity doesn't seem to love how that operates. For us, a fresher application, taking advantage of the hardware, would have been a better approach."
"The ability to integrate (as options) all-in-one features -- like anti-spam, anti-virus, etc."
"There should be better integration and a way to configure multiple vendors into the same data center in order to offer more flexibility."
"Setup of this solution is complex, it's not plug and play."
"One other shortcoming is that there is no backup for it. We really haven't figured out how we might solve that problem. We may want to put a duplicate in... With WatchGuard, we just have the one box. If that were to fail, we'd probably be really hurting."
"There are a couple of things I wished that it would do, but I can't think of those off the top of my head."
"The documentation for the System Manager/Dimension configuration, could be a little bit clearer... The use case where you have multiple sites with multiple firewalls, and one site that has the System Manager server and the Dimension server, wasn't really well defined. It took me a little bit of digging to get that to actually work."
"What could use some significant improvement in WatchGuard Firebox would be its interface and policy management. An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it."
"The pricing could be improved. It is definitely one of the more expensive products."
"I'd like to have better access to workstation monitoring, connection monitoring, and the amount of time an address is being used, to better gauge proper network utilization. If I knew that something was connected to a particular external location for an extended period that seems abnormal, I'd be able to act upon it."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while WatchGuard Firebox is ranked 13th in Firewalls with 78 reviews. Cisco Secure Firewall is rated 8.2, while WatchGuard Firebox is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of WatchGuard Firebox writes "Offers a streamlined deployment, intuitive interface and robust security features". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Sophos UTM, whereas WatchGuard Firebox is most compared with Netgate pfSense, Sophos XG, OPNsense, SonicWall TZ and Sophos UTM. See our Cisco Secure Firewall vs. WatchGuard Firebox report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.