We performed a comparison between Cisco Secure Firewall and Palo Alto Networks NG Firewalls based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Firewall is commended for its threat defense, dashboard visibility, seamless integration with other Cisco products, and ease of use. Palo Alto Networks NG Firewalls are highly regarded for their embedded machine learning, robust security capabilities, and intuitive interface.
Both the Cisco Secure Firewall and Palo Alto Networks NG Firewalls have numerous areas for improvement. The Cisco Secure Firewall needs enhancement in network performance, policy administration, advanced features, management interface, patching and bug fixing, integration with other tools, and centralized management. Palo Alto Networks NG Firewalls can improve in terms of customization, next-generation capabilities, rule creation, monitoring interface, bug fixing, configuration simplicity, support processes, ACC tool, IPv6 support, VPN functionality, GUI interface, training materials, SSL inspection, and external dynamic list feature.
Service and Support: Customer opinions on the customer service of Cisco Secure Firewall vary, as some customers appreciate the technical support they receive, while others encounter delays and challenges. Palo Alto Networks NG Firewalls also receive mixed reviews for their customer service. While some customers commend the expertise of their support team, others express frustration with contacting the team and enduring lengthy wait times.
Ease of Deployment: The setup process for Cisco Secure Firewall can be more or less complex depending on the user's familiarity and environment. The initial setup for Palo Alto Networks NG Firewalls is described as simple, uncomplicated, and effortless. Users appreciate its user-friendly and efficient design, with readily available training materials for easy comprehension.
Pricing: Reviewers have differing opinions on the setup cost of Cisco Secure Firewall. Some consider it expensive due to additional expenses for licensing, support, and hardware. Palo Alto Networks NG Firewalls are generally acknowledged to have higher pricing. Reviewers note that Palo Alto Networks offers competitive hardware prices and discounts for multi-year licenses.
Comparison Results: Palo Alto Networks NG Firewalls is the preferred choice when compared to Cisco Secure Firewall. Users find the initial setup of Palo Alto Networks NG Firewalls to be straightforward and easy. Palo Alto Networks NG Firewalls stands out for its embedded machine learning capabilities, strong security features, and user-friendly interface.
"Overall, the pricing of the solution is very good. The product offers good value."
"It is a one box solution, which covers most of the edge device’s requirements."
"The solution is stable."
"Its user interface is good, and it is always working fine."
"It is simple to manage, and there are a lot of functionalities in the same box."
"It has very easy management and an amazing ETM configuration."
"It has improved our organization with control data."
"The application control features, such as Facebook blocking and Spotify blocking, are the most valuable."
"The most important point is the detection engine which is now part of the next-generation firewalls and which is supported by Cisco Talos."
"Very good as a stateful inspection firewall."
"The return on investment is not going to be restricted to just the box... Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied."
"Management Console and user profiling to define activities."
"Beats sophisticated cyber attacks with a superior security appliance."
"The CLI is the most valuable feature. This solution is very flexible and offers different functionality including firewalls and VPN connectivity."
"Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint."
"The Inline Mode configuration works really well, and ASA works very impressively."
"The most valuable features are the threat prevention and policy-based routing features."
"I like the firewall's vulnerability management features, which give you reminders to update your system and update your OS."
"It has a unique approach to packet processing. It has single-pass architecture. We can easily perform policy lookups, application decoding, and integration or merging. This can be all done with a single pass. It effectively reduces the amount of processing required to perform multiple actions. This is the main advantage of using Palo Alto."
"We utilize advanced threat prevention features like web filtering and SSL decryption, which haven't caused any issues."
"One of the things I really like about it is that we have the same features and functions available on the entry-level device (PA-220), as do large corporations with much more costly appliances."
"The first time I came across these firewalls, what surprised me the most was their web user interface. It is complete and gives you a lot of information. You can do 80% of the things related to your network and firewall through the web UI. In some of the other devices, the UI is not as complete. App-ID is also very valuable in customer networks. When you're seeing a lot of traffic in your network, you can see in your web UI which users have the applications that are consuming the most bandwidth. You have a broad context, which is very good."
"The strengths of Palo Alto Networks NG Firewalls are application visibility and application awareness. Their strong point is identifying applications for traffic. So all of the policies that are configured are related to the application and not to a port."
"It worked fine normally."
"It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified."
"The debugging and troubleshooting has room for improvement."
"If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"The support team for Fortinet FortiGate needs to be more customer friendly."
"The initial setup and configuration are not intuitive and require training."
"The command line is complicated, and the interface could be better."
"One thing that we really would have loved to have was policy-based routing. We had a lot of connections, and sometimes, we would have liked to change the routing depending on the policies, but it was lacking this capability. We also wanted application filtering and DNS filtering."
"An area of improvement for this solution is the console visualization."
"It could also use a reporting dashboard."
"I would say that in inexperienced hands, the interface can be kind of overwhelming. There are just a lot of options. Too much, if you don't know what you are looking for or trying to do."
"The product would be improved if the GUI could be brought into the 21st Century."
"Changes you make in the GUI sometimes do not reflect in the command line and vice versa."
"The user interface is too complex for people who are not trained to or certified to engage with the product. The interface should be easier to use."
"With the new FTD, there is a little bit of a learning curve."
"The initial configuration is complicated to set up."
"The price of the solution is very high."
"We have not taken Palo Alto's firewall management solution because it's too expensive and we don't feel it delivers significant value."
"In the future, I would like to see more OTP features."
"The tool's central management system is complicated, making it challenging to manage multiple devices centrally. Individually, the firewalls are easy to use and manage. I'd like to see better central management features in the next release. They've introduced some, but I haven't tried them yet, so I can't say how effective they are. However, having a single management interface would be a big improvement."
"The solution could be simplified."
"Its scalability for on-prem deployments can be better. For an on-prem deployment, the hardware has to be replaced if the volume goes up to a certain level."
"A major concern is making the licensing more accessible to enable small municipalities to afford and manage their own systems independently."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews. Cisco Secure Firewall is rated 8.2, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and OPNsense. See our Cisco Secure Firewall vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Pricewise Cisco. But PA has better rating.
Palo Alto is better.
In my Oppinion, Palo Alto is better than Cisco. You can refer in NSS Lab 2018 & 2019 DCSG-SVM, NSS-labs-NGIPS-Comparative-Report, and some report from Forester about Zero Trust Architecture, and Gartner SASE report to discus more advantages of Palo Alto in the future