We performed a comparison between Cisco Secure Firewall and Meraki MX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Meraki MX is the winner in this comparison. It is easier to set up and more user-friendly than Cisco ASA Firewall. In addition, Meraki MX is a less expensive solution than Cisco Secure Firewall.
"The solution is easy to configure and maintain remotely."
"UTM/NGFW features and FortiCloud for logs and backups are awesome."
"The most valuable features are the enterprise modeling and the simple interface."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"The most valuable features are the policies, filtering, and configuration."
"The security fabric is excellent."
"The most valuable feature of FortiGate is FortiView which provides proactive monitoring."
"I think that the UTM features are the most value, as it truly protects my infrastructure."
"One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"It's easy to integrate ASA with other Cisco security products. When you understand the technology, it's not a big deal. It's very simple."
"Management Console and user profiling to define activities."
"The most valuable Cisco Secure Firewall features are options, features, and ease of deployment because it's an appliance."
"Its ability to discover attacks is a valuable feature. All of the other features that have to do with security are good."
"Cisco Secure Firewall's security solutions, advanced malware protection, and DDoS communication are very good."
"The most valuable feature is that the encryption is solid."
"It is very fast to implement."
"MX is easy to manage, configure and install."
"Managed centrally over the web: You can manages all your Meraki devices in a single account."
"It is easy to manage, which is one of the most important things for us. It is also flexible, stable, and scalable."
"We work also with domain control (DC) from Microsoft or Amazon. We use a whole virtual appliance with Meraki."
"I love the simplicity of Meraki MX — specifically, the simplicity of the dashboard."
"Ease of management is the best thing about the solution."
"The internet traffic shaping has been very valuable."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"The solution's framework needs to be frequently updated in order to have a stable solution."
"There is room for improvement related to the logging and reporting aspect."
"Lacks training for new features."
"It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."
"The Wi-Fi controller needs a lot of improvement."
"Price, of course, can always be more competitive or better."
"I think they need to improve more in order to be a competitor with the leaders of the field."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"It can be improved when it comes to monitoring. Today, the logs from the firewalls could be improved a bit more without integrating with other devices."
"These firewalls are not for beginners."
"Security must be increased when a new user connects over the LAN and an alarm must be generated."
"The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"I have used Fortinet, Palo Alto, and Check Point previously and I prefer the process of everything working together."
"Meraki MX can come across as an expensive solution."
"Expensive licensing and firewall stops immediately working if the license is not renewed at expiration date."
"In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past."
"Load balancing options and ability to manage a couple of Internet connections."
"The product doesn't support route summarization and BGP dynamic routing protocol."
"The current lead time is longer for Meraki MX, and it needs to be improved."
"It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services."
"The client-side VPN is weak. The product could be improved with deployment templates."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 57 reviews. Cisco Secure Firewall is rated 8.2, while Meraki MX is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Meraki MX writes "Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Meraki MX is most compared with Palo Alto Networks NG Firewalls, Sophos XG, SonicWall TZ, Netgate pfSense and SonicWall NSa. See our Cisco Secure Firewall vs. Meraki MX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Cisco ASA is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So you can't really compare these solutions, as they are targeting different markets.
You might compare Cisco to Sophos, but again, these are different protection solutions, one for network protection, the other for client protection. If you look only at the firewall part, you miss a lot in the total protection approach with Sophos.
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports network security and firewall options. We researched both Meraki and ASA. We liked that ASA provides a solid VPN setup and integrates with other Cisco security offerings.
Cisco ASA is great for routing and accessing remote office locations via the remote VPN. We also liked the high availability and customizable nating (Network Access Translation). It is very reliable and easy to use. You can easily configure a site-to-site VPN to connect multiple sites. The support is great - they respond 24/7/365 and there is a lot of documentation available.
The downside is that ASAs are aging. Therefore, Cisco ASAs are best suited to small businesses. If you need something affordable that gets the job done, ASA is a good option.
We chose Cisco Meraki, because, in our opinion, it is a step forward from ASA. The level of security and intrusion detection is great, and because it is cloud-based, it is easy to change the configuration without downtime. Logging is very comprehensive, and management is very simple.
The best feature is content filtering with granular control. Cisco Meraki offers advanced malware protection, including traffic shaping. Another feature we really like is that you can pre-configure devices before they arrive at the installation.
It doesn’t work with DMVPN, which is a downside. Another feature that could use some improvement is reporting, which is not real-time. The price can get expensive but if you can afford it, a full-stack Cisco Meraki system does a great job keeping your network secure.
Conclusions:
If you want a robust but basic firewall, ASA is your best choice. Cisco Meraki is a better choice if you are looking for a next-generation firewall with advanced security features and easy management.