We performed a comparison between Cisco Secure Firewall and Fortinet FortiOS based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"The SD-WAN is the most valuable feature."
"Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market."
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"It works very well. It has a lot of different functionalities. Its cost is also fine for our customers."
"Their interface is very easy to use, it is without bugs."
"The features that I have found most valuable are that it is good to use, and most importantly, the pricing. The customer especially likes the discount when they trade up or something like that."
"The most important point is the detection engine which is now part of the next-generation firewalls and which is supported by Cisco Talos."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"The Firepower IPS, based on Snort technology, has an amazing detection engine and historical analysis capability of files that eases threat investigations a lot."
"Cisco ASA has an okay CLI with a nice GUI."
"Cisco offers a great educational series to train users on their devices."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"Very good as a stateful inspection firewall."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"The solution constantly adds features that are useful and user-friendly such as the ability to tweak firewalls through the CLI."
"What I like about this solution, is that it is the only solution that currently offers VPN for clients."
"It's simple to use in terms of inbound and outbound traffic management."
"It is more robust than SonicWall, particularly on the VPN from site to site."
"Firewall and overall management are valuable features."
"For my organization, it has become much easier to scan the firewalls because the solution is more user-friendly than competitors."
"The most valuable features of Fortinet FortiOS are its constant updates and definitions."
"We have expanded the wireless access point and switches using Fortinet FortiOS."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"The price of FortiGate should be reduced because there are some other leading products that are cheaper."
"It would be nice if backups could more easily migrate between different models."
"The search tool needs improvement. It's very difficult to search for policies right now."
"Technical support could be better. You don't always get the level of help you need right away."
"Fortinet FortiGate is a stable solution. However, my issue is the performance only. When I use all the profiles, this affects the performance. From the beginning, I should have had a better sizing of the box."
"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."
"In the future, I would like to see improvements made to cloud-based management."
"If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own."
"Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC."
"We are replacing ASA with FTD which offers many new features not available using ASA."
"It needs more tunneling capabilities."
"Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment."
"A feature that would allow me to load balance among multiple ISPs, especially since we have deployed it as a perimeter firewall, would be a great addition."
"One of the challenges we've had with the Cisco ASA is the lack of a strong controller or central management console that is dependable and reliable all the time."
"I would like it if there was a centralized way to manage policies, then sticking with the network functions on the actual devices. That is probably the thing that frustrates me the most. I want a way that you can manage multiple policies at several different locations, all at one site. You then don't have to worry about the connectivity piece, in case you are troubleshooting because connectivity is down."
"You can enable and disable certain modules in it. However, with disabling, nobody can really tell us if that module is disabled."
"The solution needs to adjust its pricing models. With the way they are structured, everything is very disparate and sold separately, and, depending on the solution, it can get quite pricey."
"The technical support is good. However, during the holidays they can get a little slow to respond."
"Fortinet FortiOS is stable. However, last month we had an issue with a released patch. We had to receive another update to fix the firewall issue consuming all of the resources. The patches should be tested more before going into circulation."
"Fortinet FortiOS could improve by having better authentication methods with Microsoft or Google Services."
"The threat time interval lags a little, especially if there's a heavy load on the firewall."
"The pricing model makes this product far more expensive than similar solutions."
"Some features I have found to be hidden and cannot be accessed through the graphical user interface, you can only access them through the command-line interface(CLI). All the features should be accessible through the graphical user interface."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Fortinet FortiOS is ranked 15th in Firewalls with 73 reviews. Cisco Secure Firewall is rated 8.2, while Fortinet FortiOS is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Fortinet FortiOS writes "Provides effective filtering features, good stability but initial setup is moderately challenging". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Fortinet FortiOS is most compared with Fortinet FortiManager, Fortinet FortiGate-VM, Fortinet FortiWeb, Darktrace and Sangfor NGAF. See our Cisco Secure Firewall vs. Fortinet FortiOS report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.