We performed a comparison between Cisco Secure Firewall vs Palo Alto Network Wildfire based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, with all other factors being more or less equal, Cisco Secure Firewall comes in a bit ahead of Palo Alto simply because of their stronger support.
"The solution is stable."
"Consolidated our network environment at all locations, but mainly at our datacenter."
"Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"The FortiGate controls the user's activities and maximizes my bandwidth use overall."
"The most valuable features are SD-WAN, application control, IPS control, and FortiSandbox."
"The email protection and VPN features are the most valuable."
"The most valuable feature is the interface, which is very user friendly. We are utilizing most of the features, like content filtering. The firewall is powerful."
"The stability of the solution is excellent, as it is with other Fortinet products."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"The Inline Mode configuration works really well, and ASA works very impressively."
"The customer service/technical support is very good with this solution."
"The interface is user-friendly."
"Everything is all documented in the file or in the command line script that gets uploaded to the device. It gives us great visibility."
"Once you add Firepower onto to it and you start enabling some of its features, you get some IDS/IPS involved with it and you can even do web filtering."
"The most valuable features are all of the security features in terms of protection and SSL and VPN."
"The most valuable features of Palo Alto Networks WildFire are the good URL and file analysis that uses artificial intelligence. It has different interfaces, such as rest, SMTP protocol, and HTTPS. The Security incidents and event management are very good. Additionally, there are many file types that are supported and there is no limit to the number of files it can handle simultaneously. It integrates well with SIEM solutions."
"The technical support is good."
"They have many different options with Palo Alto WildFire and the set-up is quick. If you have all the details in hand, it does not take more than 15 minutes to deploy a firewall."
"Detailed reporting on analysis of content. The inspections are easily applied to security policy profiles and profile groups, and may be assigned on a per-rule basis."
"The solution is completely integrated with all the other Palo Alto products. I think that it is the best part for endpoint protection. The firewall features include URL and DNS filtering, threat protection, and antivirus."
"It gives a more accurate assessment of a virus in terms of whether it's truly a virus, malware, or a false positive. We have some legacy software that could pop up as being something that is malware. WildFire goes through and inspects it, and then it comes back and lets us know if it's a false positive. Usually, when it finds out that it's not a virus, it lets us know that it's benign, and it can exclude it from that scan, which means I don't even have to worry about that one popping up anymore."
"The reporting feature helps our performance."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."
"It would be nice if backups could more easily migrate between different models."
"In the next release, maybe the documentation on how to use this solution could be improved."
"There are some cloud-based features that could be much more flexible than they currently are."
"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"The solution has not had any layer upgrades. It does not have layer five and upwards, it only has up to layer four. This has caused some problems for us."
"There are some limitations with SSL. Regarding the security assessment for the ISO 27000 standard, there are certain features that Cisco needs to scale up. Not all products support it, so you need to be slightly careful, especially on the site track."
"I would like more features in conjunction with other solutions, like Fortinet."
"In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline."
"There's a little bit of a disconnect between Firepower’s management and the rest of the products, like DNA and Prime. The solution should have fewer admin portals for network, security, and firewalls."
"It integrates with other security products from Cisco, but sometimes, there can be glitches or errors."
"The graphical interface could be improved. From what I have seen, Fortinet, for example, has a nicer GUI."
"The ASAs are being replaced with the new Firepowers and they have a different type of structure in the configuration to be able to migrate from one to the other."
"The cost of this solution could still be improved, in particular, giving product discounts for charitable causes."
"The VPN and decryption need improvement."
"I think it would be nice for Palo Alto to work without the connection to the cloud. It is 100% powerful when connected to the cloud. But, if you disconnect from the cloud, you only get 40-50% power."
"There are more specialized solutions that compete with Wildfire. Therefore, they need to work on their machine learning and AI to be more competitive."
"The size of Palo Alto's cloud is big but it could be easier to use from a product management perspective."
"The GUI is better in 8.0, but I still feel it lacks the fast response most of us desire. Logs are much quicker."
"In the future, I would like to see more automation in the reporting."
"The initial setup was complex."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Palo Alto Networks WildFire is ranked 3rd in Advanced Threat Protection (ATP) with 58 reviews. Cisco Secure Firewall is rated 8.2, while Palo Alto Networks WildFire is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Good technical support and provides automatic analysis that saves us time in filtering email". Cisco Secure Firewall is most compared with Netgate pfSense, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Palo Alto Networks WildFire is most compared with Proofpoint Email Protection, Juniper SRX Series Firewall, Fortinet FortiSandbox, Check Point SandBlast Network and Zscaler Internet Access.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.