We performed a comparison between Cisco IOS Security and Cisco Secure Firewall based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered."
"The SD-WAN function is very developed. It has SD-WAN functionality with security features in one device. We can manage from one single console SD-WAN and the security policy."
"The solution is very user-friendly."
"The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy."
"Fortinet FortiGate is user-friendly and affordable."
"The initial installation is very straightforward."
"One of the valuable features is a standardized OS."
"Virtual Domains (VDOMs) are a feature that we found valuable."
"Completely integrates branch offices with perimeter security."
"You can scale it when you need to."
"Previously, anyone in the organization would see any data point in the wall. They could just go and connect their machine with that data point and could access the network. But now, even if someone came and tried that, they will not be given access."
"The product's stability is good."
"The solution is very user-friendly and easy to deal with."
"It covers everything we need it to without looking to secondary solutions."
"Cisco is head-and-shoulders above all of the competition when it comes to technical support."
"The Intrusion Firewall is a valuable feature."
"The CLI is the most valuable feature. This solution is very flexible and offers different functionality including firewalls and VPN connectivity."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"I like the user interface because the navigation is very easy, straightforward on your left side pane you have all the sites that you need to browse. Unlike any other firewalls, it's pretty straightforward."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"A good intrusion prevention system and filtering."
"I like the ASDM for the firewall because it is visual. With the command line, it is harder to visualize what is going on. A picture is worth a thousand words."
"I like that Cisco Firepower NGFW Firewall is reliable. Support is also good."
"It provides security for our company and users."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs."
"It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco."
"The solution can have more features in a single box that can be multi-applied to integrate everything."
"We would like to have the ability to disable some of the security functionalities."
"It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"I would like to have logs, monitoring, and reporting for a month without extra fees."
"The company needs to make its solution more affordable to make it more accessible to larger markets. Otherwise, it's seen as an enterprise-level solution that small or medium-sized organizations can't afford and therefore they won't even look at it."
"Cisco IOS Security could improve its security features. There are competitors that have some additional security features, such as Fortinet FortiGate. Additionally, there should be better synchronization with Cisco IOS Security and other vendors, and improved AI features would be beneficial."
"The solution is complex and can be more user-friendly."
"I would like upgrading iOS to be a bit easier."
"There's a technology called SD-WAN that we would like to see. We are unable to handle multiple connections or to automatically load balance. I would like to have a feature that enables us to automatically prepare for load balancing."
"I wish it would be more like the next generation firewall technology. There should be more selection between the application and filtering."
"An area for improvement in Cisco IOS Security is the performance because it's not as stable sometimes. There's also some latency in the solution, which could be improved. Cisco IOS Security integrates with other solutions, but you'll encounter many errors after integration, so this is another area for improvement. I'd like to see enhanced performance and a simplified setup in the next version of Cisco IOS Security."
"While Cisco IOS Security is stable and scalable, I would like to see it improved to be even better."
"For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager."
"One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"In terms of what could be improved, I would say the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all."
"It would be great if some of the load times were faster."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them."
"In today's world, cyberattacks have become a common occurrence. However, so far, we have not faced any issues with our systems. I hope the situation remains the same in the future. If Cisco introduces even more advanced security measures, it would be beneficial."
Cisco IOS Security is ranked 22nd in Firewalls with 47 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Cisco IOS Security is rated 8.0, while Cisco Secure Firewall is rated 8.2. The top reviewer of Cisco IOS Security writes "User-friendly and excels in documentation, making it easier to resolve issues". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Cisco IOS Security is most compared with Meraki MX, Fortinet FortiOS, Netgate pfSense, OPNsense and Palo Alto Networks URL Filtering with PAN-DB, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls. See our Cisco IOS Security vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.