Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint.
CTO at a tech vendor with 1-10 employees
Helps consolidate infrastructure solutions and has a straightforward setup
Pros and Cons
- "Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint."
- "FMC could be improved because management with FMC is quite difficult compared to using Firepower web-based management."
What is our primary use case?
What is most valuable?
Our clients have been able to consolidate infrastructure products such as Talus for hardware encryption and Dell EMC for D2D de-duplication and backup.
What needs improvement?
FMC could be improved because management with FMC is quite difficult compared to using Firepower web-based management.
For how long have I used the solution?
We've been selling Cisco Firepower for a year.
Buyer's Guide
Cisco Secure Firewall
March 2025

Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
845,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
Our clients feel that Cisco has proven stability in enterprise networking, routers, and ASA firewall security.
How are customer service and support?
We are very confident with Cisco's technical support and would give them a ten out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, we sold Check Point and Palo Alto.
We choose to sell Cisco because it has been approved by NATO. Our clients use a strictly offline infrastructure, and there were significant issues with Check Point. In addition, we have good support from the local Cisco office, and they also suggested that the end user goes with Cisco.
As a Cisco Secure Firewall reseller, the value we bring is very good support. You will not get the same level of support from some other vendors. For instance, Palo Alto and Check Point don't have direct support like Cisco. They have third-party support. Thus, you may get a response only when you escalate the issue to the third tier of the service level. With Cisco, everything is resolved within a day.
How was the initial setup?
The initial setup is straightforward because most network engineers have worked with Cisco. Cisco invested in universities, and as a result, 40% of the network experience of students is with Cisco.
Our clients are mostly financial institutions and have strict policies that do not allow personal data on external clouds outside the country. As a result, they mostly use an on-premises or hybrid cloud deployment model.
We are currently having our customers switch from the 2000 to the 3000 series.
What's my experience with pricing, setup cost, and licensing?
The price is not too high, but the subscription is a little bit high. We compared the activation of Cisco and Fortinet, and when we activated the whole portfolio of the UTM of Fortinet, the speed was reduced. We tested the same situation with the Cisco 2140 series, and there was no reduction in speed.
What other advice do I have?
When you're evaluating the solution, take a look at the customer reviews.
We have had no issues with Cisco Secure Firewall, and I would rate it at nine on a scale from one to ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller

Network Engineer at a computer software company with 51-200 employees
Integrates easily and has VPN capabilities, but the ASDM interface is a bit buggy and the CLI isn't always intuitive
Pros and Cons
- "I like its integration with the AnyConnect client. I also like how modular it is. For example, I can easily integrate the Umbrella add-on into it. We are planning on adding Umbrella. We haven't added it yet, but we have researched."
- "One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility."
What is our primary use case?
We are mainly using it as a VPN gateway and edge firewall.
How has it helped my organization?
It helped us with the transition to working from home and hybrid working. Because of its VPN capabilities, it enabled us to keep working while everyone had to stay home because of COVID.
It integrates well with other systems within our environment.
What is most valuable?
I like its integration with the AnyConnect client. I also like how modular it is. For example, I can easily integrate the Umbrella add-on into it. We are planning on adding Umbrella. We haven't added it yet, but we have researched it.
What needs improvement?
One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility.
The CLI is not always clear. It's not always intuitive.
Some of the things, such as site-to-site VPN, are complicated to set up. The settings you have are all hidden away in crypto maps, and you can't have a setting per tunnel. When you want to change one particular tunnel, you automatically change them all. That's a drawback.
For how long have I used the solution?
We've been using the Cisco ASA firewall for about two years.
What do I think about the stability of the solution?
It's reliable.
How are customer service and support?
I haven't had much contact with their tech support. We have a partner called Fundamentals for support. They're good. I'd recommend them.
Which solution did I use previously and why did I switch?
We have a Palo Alto core firewall, and we handle threat detection and intrusion prevention on that device. We don't use Cisco ASA for detecting or remediating threats.
Compared to other systems that I have used in the past, Cisco ASA is reliable, and it's not a very big hassle to set up. It's very good, and it just does its job.
How was the initial setup?
It's not a very big hassle to set up. It's a bit complex when you go into different topics that aren't the basic capabilities, such as when you go above VPN and basic ACL configuration, but all in all, it does the job.
What other advice do I have?
I'd rate it a seven out of ten because of the ASDM, non-intuitive CLI, and complication of setting some of the things.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Cisco Secure Firewall
March 2025

Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
845,406 professionals have used our research since 2012.
System Engineer
Saves us a lot of time and has a stable VPN
Pros and Cons
- "I think that the firewall feature is the most valuable to me as it is one of the oldest features for this solution. We also appreciate how stable the VPN is."
- "I have a lot of difficulties with the solution's Firewall Management Center (FMC) and the GUI. Neither is responsive enough and should be improved."
What is our primary use case?
Our primary use cases for this solution are as a traditional firewall, VPN system, IPS, and for URL filtering.
What is most valuable?
I think that the firewall feature is the most valuable to me as it is one of the oldest features for this solution. We also appreciate how stable the VPN is.
What needs improvement?
I have a lot of difficulties with the solution's Firewall Management Center (FMC) and the GUI. Neither is responsive enough and should be improved.
For how long have I used the solution?
My organization has been using Cisco Secure Firewall for more than 10 years.
What do I think about the stability of the solution?
My opinion is that this solution is quite stable.
How are customer service and support?
We encounter tech issues often. Sometimes it's really good to work with the tech engineer, but sometimes it can be really frustrating that it's slow to go through the email chat and everything. It depends on the engineer you get.
How would you rate customer service and support?
Positive
How was the initial setup?
I have had difficulties with the implementation of this solution. When I first encountered this solution, I had difficulties bringing it up and configuring it, but this was maybe due to the fact that back then it was a new technology. It is possible that I would have an easier time with it right now.
What other advice do I have?
I would say that this solution did help free up staff. Today, and even during COVID, a lot of customers are interested in VPN solutions and this demand will only keep increasing. I work from home mostly and the solution saves me two hours per day.
I do want to stress that this solution saves our organization time. We have 13 engineers in our company and even more staff in other departments and they also have the opportunity to work from home and with this, they save a lot of time. We plan on buying a smaller office thanks to this and this too will save a lot of money for the company.
The reason we chose Cisco is that some of my colleagues partnered with the provider when they came to Hungary, so they have been working with these solutions for a long time.
I do not have experience with the Cisco migration tool, but my colleagues do and they are really happy with it and its ease of use.
I would rate this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Technical Solutions Architect at NIL Data Communications
Video Review
Provides perimeter security, allowing/blocking of traffic, IPS, and port scans
Pros and Cons
- "The return on investment is not going to be restricted to just the box... Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied."
- "The only improvement that we could make is maybe [regarding] the roadmap, to have better visibility as to what we are targeting ahead in the next few quarters."
What is our primary use case?
With [my company], NIL, it's cross-domain. It's just not ASA, but in particular we work with customers where we talk about the physical boxes or even the virtual appliances that we're deploying. The use cases can be multiple, but mostly what we have seen is perimeter security, looking at blocking [and] allowing of traffic before accessing the internet.
The majority of the challenges that we see across customers and partners is looking at the data, the integrity, security, [and] looking at various areas where they need to put in boxes or solutions which could secure their environments. It's not just about the data, but even looking at the endpoints, be it physical or virtual. That, in itself, makes the use case for putting in a box like ASA.
And, of course, with the integrations nowadays that we have from a firewall, looking at multiple identity solutions or logging solutions you could integrate with, that in itself becomes a use case of expanding the genres of integrated security.
What is most valuable?
The best features would obviously be the ones that are most used: the perimeter security, allowing/blocking of traffic, NAT-ing, and routing, or making it easy as compared to a router. If you were to do the similar features on a router, it would be way more extensive and difficult as compared to a firewall. These are the majority of the features that anyone would begin with.
But of course, they expanded to other features like IPS or cyber security or looking at vulnerabilities or scanning, port scans. Those are the advanced things.
[In terms of overall performance] in the last decade or so, especially in the last three or four years, the scale of where the architecture has been—all the numbers, the stats, everything—has gone up exponentially. It's all because of the innovations that are always happening, and not just at the hardware level, but particularly at the software level. Of course, we can always look at the data sheets and talk about the numbers, but all I can say, in my experience, is that the numbers have really gone up, and the speed at which the numbers have gone up in the last couple of years or so, is really progressive. That's really good to see.
What needs improvement?
We're reaching [the point] where we want it to be. If you go 10 years back, we did miss the bus on bringing in the virtual versus the physical appliance, but now that we have had it, the ASAv, for a few years, I think we are doing the right things at the right place.
The only improvement that we could make is maybe [regarding] the roadmap, to have better visibility as to what we are targeting ahead in the next few quarters. That is where we, as partners, can also leverage our repos with our customers and making them aware that there might be some major changes that we may have to introduce in their networks in the near future.
For how long have I used the solution?
I started back in the days with ASA when I was [with] Cisco. I was [with] Cisco for 12 years. I started as a TAC engineer, and one of the teams I was leading was the ASA team, firewall, and across VPN, AAA. it became like a cross-border team or cross-architecture, and it's been long enough. I've been working with ASAs for about 12 or more years now.
What do I think about the stability of the solution?
From the stability standpoint, it's way better. Is there a scope for improvement? Of course. There always is. But I can just speak from my experience. What it was and what it is today, it is way better.
What do I think about the scalability of the solution?
We look at scalability for any product of Cisco. I cannot be confined to the ASAs. We have physical, virtual, and cloud deployments. Everything is possible, so scalability is no issue.
How are customer service and support?
Support, when you look at any product from Cisco, has been top-notch. I was a TAC guy myself for 10 years and I can vouch for it like anyone would do from TAC.
Support has always been extensive. There is great detail in root cause analysis. Going back into my Cisco TAC experience, it's always the story that if you know the product well, you know the things that you need to collect for TAC or for any other junior SME to work with you collectively, to get down to the solutions sooner. Otherwise, they have to let you know what you need to collect. It's better to know the product, get the right knowledge transfer, work towards those goals, and then, collectively, we can work as a great team.
How was the initial setup?
I have mostly been involved in the pre-sales stage, and then eventually the post-sales as well. But we do the groundwork of making sure that we have set the stage for the customer to get the initial onboarding. And at times, I do it with other engineers or other colleagues who take it over from there. In my experience, it has been pretty straightforward.
It's not just the implementation, but [it's] also managing or maintaining [the ASA]. It would depend on how complex a configuration is, a one-box versus cluster versus clusters at different sites. Depending on the amount of configuration complexity and the amount of nodes that you have, you would need to look at staff from there. It's hard to put a number [on it and] just say you need a couple of guys. It could be different for different use cases and environments.
[In terms of maintenance] it's about a journey: the journey from having the right knowledge transfer, knowing how to configure a product, knowing how to deploy it, and then how to manage it. Now, of course, from the manageability standpoint, there are some basic checks that you have to do, like firmware upgrades, or backup restores, or looking at the sizing—how much your customer needs: a single node versus multiple nodes, physical versus virtual, cloud versus on-prem. But once you are done with that, it also depends on how much the engineers or SMEs know about configuring the product, because if they know about configuring the product, that's when they would know if something has been configured incorrectly. That also comes in [regarding] maintenance [of] or troubleshooting the product. Knowledge transfer is the key, and making sure that you're up to date and you have your basic checks done. Then, [the] manageability is like any other product, it's going to be easy.
What was our ROI?
The return on investment is not going to be restricted to just the box, because nowadays, if you look at the integrated security that Cisco has been heavily investing into, it's not just about ASA doing the firewalling functions. Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied.
What other advice do I have?
Being a partner, we work with customers who already have different vendor solutions as well. At times, there are a mix of small SMB sites, which could be, let's say, a grocery. There are smaller stores and there are bigger stores, and at times, they do local DIAs or local internet breakouts. [That's where] you do see some cloud-based or very small firewalls as well, but when you look at the headquarters or bigger enterprises, that is where we would probably position Cisco.
[My advice] would depend [on] if they are comfortable with a particular product, if they've been working with a particular vendor. If it's a Cisco shop, or if they've been working on Cisco, or the customers are quite comfortable with Cisco, I would say this is the way to go. Unless they have a mixed environment. It will still depend on the SME's expertise, how comfortable they are, and then looking at the use cases and which products would nullify or solve them. That is where we should position it.
My lessons are endless with ASA, but my lessons are mostly toward product knowledge. When you look at the deployment side of things, or for me, personally, when I was TAC, to know how things work internally within ASA—like an A to Z story, and there are 100 gaps between and you need to know those gaps—and then, eventually, you will get to the problem and solve it in minutes rather than hours.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network Engineer at a computer software company with 201-500 employees
Gives us remote connectivity and helps workers connect remotely
Pros and Cons
- "It has definitely improved our organization. It gives us remote connectivity, helps workers connect remotely, and also gives us good connectivity to our other branches."
- "I would like it if there was a centralized way to manage policies, then sticking with the network functions on the actual devices. That is probably the thing that frustrates me the most. I want a way that you can manage multiple policies at several different locations, all at one site. You then don't have to worry about the connectivity piece, in case you are troubleshooting because connectivity is down."
What is our primary use case?
We use it for basic firewalling, building VPN tunnels, and for some remote VPN connections.
We have two ASAs servicing external remote connectivity sessions for about 300 users.
How has it helped my organization?
It has definitely improved our organization. It gives us remote connectivity, helps workers connect remotely, and also gives us good connectivity to our other branches.
What needs improvement?
It would be nice if it had the client to actually access the firewall. Though, web-based access over HTTPS is actually a lot nicer than having to put on a client just to access the device.
For Firepower Threat Defense and ASAs, I would like it if there was a centralized way to manage policies, then sticking with the network functions on the actual devices. That is probably the thing that frustrates me the most. I want a way that you can manage multiple policies at several different locations, all at one site. You then don't have to worry about the connectivity piece, in case you are troubleshooting because connectivity is down.
For how long have I used the solution?
I have been using ASA for about three years.
What do I think about the stability of the solution?
It is stable.
We just run updates on them. I don't know if we have had to do any hardware maintenance, which is good.
What do I think about the scalability of the solution?
We have been just using ASAs for a smaller environment.
I don't know if I have ever worked with ASA in a highly scalable environment.
How are customer service and support?
I haven't really gotten involved with the technical support for ASAs.
Which solution did I use previously and why did I switch?
I work with a lot of different companies and a number of different firewalls. A lot of times it is really about the price point and their specific needs.
This solution was present when I showed up.
What's my experience with pricing, setup cost, and licensing?
The pricing is pretty standard.
I wish there was an easier way to license the product in closed environments. I have worked in a number of closed environments, then it is a lot of head scratching. I know that we could put servers in these networks and that would help with the licensing. I have never been in a situation where we connected multiple networks, i.e., having an external network as well as an internal network, as those kinds of solutions are not always the best. I think licensing is always a headache for everyone, and I don't know if there is a simple solution.
Which other solutions did I evaluate?
We can build GRE tunnels. Whereas, Firepower can't route traffic nor do a bit more traffic engineering within the VPN tunnels. This is what I like about using ASAs over Firepower.
Firepower Threat Defense has a mode where you can manage multiple firewalls through a single device.
I really like how Palo Alto does a much better job separating the network functions from the firewalling functions.
I would consider if there is a need to centralize all the configurations. If you have many locations and want to centrally manage it, I would use the ASA to connect to a small number of occasions. As that grew, I would look for a solution where I could centrally manage the policies, then have a little more autonomous control over the networking piece of it.
What other advice do I have?
Know specifically what you want out of the firewall. If you are looking for something that will build the GRE tunnel so you can route between different sites, I would go with ASA over Firepower Threat Defense.
I like the ASA. I would probably rate it as eight or nine out of 10, as far as the firewalls that I have worked with.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Security Engineer at Cielo
Great for blocking attacks, best support, and very easy to use
Pros and Cons
- "The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
- "Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment."
What is our primary use case?
I use it to protect my DMZ from external attacks.
How has it helped my organization?
Last year, we received a lot of linear service attacks in our environment during the Black Friday season. Cisco Firepower blocked every attack.
What is most valuable?
The Adversity Malware Protection (AMP) feature is the most valuable.
It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard.
What needs improvement?
Its interface is sometimes is a little bit slow, and it can be improved.
When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode.
In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment.
For how long have I used the solution?
I have been using Cisco Firepower for two years.
What do I think about the scalability of the solution?
We use it specifically for DMZ, so we don't need it to scale it up. Because we are using this solution for a specific environment, we don't plan to increase its usage.
We have a few teams who use this solution. We have the information security team for reading the logs and policies. We have administrators, and we also have contractors for the network operation center to analyze some logs and reports.
How are customer service and technical support?
We have used their technical support. They are amazing. Cisco's technical support is the best.
Which solution did I use previously and why did I switch?
We have used Check Point and one more solution. The main difference is in the IPS signatures. Cisco Firepower has precise and most updated IPS signatures.
How was the initial setup?
The initial setup is easy. The deployment took two months because we didn't have Firepower previously, and it took us some time to plan and implement.
What about the implementation team?
We used our reseller and contractor to deploy Cisco Firepower. They were good.
What other advice do I have?
I would recommend this solution. I would rate Cisco Firepower a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Network Administrator at a construction company with 1,001-5,000 employees
Good signature detection, intrusion detection, IDS, and IPS
Pros and Cons
- "The stability of the solution is very good. We can see that it gets even better with every release."
- "It will be nice if they had what you traditionally would use a web application scanner for. If the solution could take a deeper look into HTTP and HTTPS traffic, that would be nice."
What is our primary use case?
We primarily use the solution for internet access firewalls.
How has it helped my organization?
The solution allows you to be more agile and react faster.
What is most valuable?
The Sourcefire stuff itself is the most valuable feature. Signature detection, intrusion detection, IDS, and IPS are all very good. AMP is very useful. I like that you can put it onto devices as well. The aggregated views in FMC that you get when you're a global shop which is centralized, and then offers gateways per region. In Europe, America and APAC, you have all the data coming together in the FMC. That's quite nice.
What needs improvement?
The FMC could be a little bit faster.
It will be nice if they had what you traditionally would use a web application scanner for. If the solution could take a deeper look into HTTP and HTTPS traffic, that would be nice.
For how long have I used the solution?
I've been using the solution for 1.5 years.
What do I think about the stability of the solution?
The stability of the solution is very good. We can see that it gets even better with every release.
What do I think about the scalability of the solution?
For us, the scalability is good, because we sized everything right, right from the beginning. If you size it right, it's very good. We don't plan on adding more firewalls, unless we suddenly grow exponentially, which we're not expecting to do at this point.
How are customer service and technical support?
We only contacted technical support during initial implementation and that was all handled by the consultant. I have a lot of other Cisco related tickets open, so we're used to the process.
I would say, however, that we're also using Meraki, and the Meraki support is way better, in my opinion.
Cisco support tends to take longer, and I mean really long given the fact that subject matter is sometimes also more complicated, so it really depends. When you compare that directly to Meraki, Meraki answers the same day, and I cannot say that about the legacy Cisco support items. I can understand that the market for the legacy service is so much bigger for Cisco, so I can see why it takes longer.
How was the initial setup?
The initial setup was complex because we had to migrate old ASA firewalls. The ACLs, or rather the policies, are very different now, and way more elaborate, so that that took some tweaking, and some consulting and some time.
Deployment took two months. We had to make sure that our old ACL base settings from the ASAs were correctly translated and implemented into the new FTD setups.
What about the implementation team?
We used a consultant to assist with implementation.
Which other solutions did I evaluate?
We've looked at a few options, but we have an internal policy that says, unless noted otherwise, network equipment has to be Cisco based. We had to go with a Cisco product.
What other advice do I have?
We are using the on-premises deployment model.
My advice for those considering the solution is this: if you want to migrate something, plan enough time for testing before you come over to the solution. You should also watch as many webinars as you can about that solution, or get a consultant and do a proper lab set up and go through the whole thing with them. It's is definitely worthwhile, given the complexity of the whole product.
I would rate the solution nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director of network engineering at a computer software company with 5,001-10,000 employees
Is easy to use, stable, and scalable
Pros and Cons
- "Cisco ASA Firewall is a well known product. They're always updating it, and you know what they're doing and that it works."
- "It would be good if Cisco made sure that the solution supports all routing protocols. Sometimes it doesn't."
What is our primary use case?
Our primary use case includes basic firewalls, VPNs, NAT, and our connections to customers.
It's used in our data centers to protect the network and customer circuits.
How has it helped my organization?
Cisco ASA Firewall has improved our organization by allowing connectivity to the outside world and into different places.
Cybersecurity resilience is very important to our organization. There are always threats from the outside, and the firewall is the first line of defense in protecting the network.
What is most valuable?
Cisco ASA Firewall is a well-known product. They're always updating it, and you know what they're doing and that it works.
What needs improvement?
It would be good if Cisco made sure that the solution supports all routing protocols. Sometimes it doesn't.
For how long have I used the solution?
I've been using it for probably 10 to 15 years.
What do I think about the stability of the solution?
For the most part, it's stable.
What do I think about the scalability of the solution?
It's a very scalable solution.
How are customer service and support?
The technical support is very good, and I would give them a nine out of ten.
How would you rate customer service and support?
Positive
What's my experience with pricing, setup cost, and licensing?
The pricing and licensing are getting more complicated, and I'd like that to be simpler.
Which other solutions did I evaluate?
We evaluated some Palo Alto and Juniper solutions, but Cisco ASA Firewall is better in terms of ease of use. You could get certified in it.
What other advice do I have?
To leaders who want to build more resilience within their organization, I would say that the ASA, along with its features, is a good product to have as one of the lines of defense.
The solution does require maintenance. We have four network engineers who
are responsible for upgrading code and firewall rules, and for new implementations.
On a scale from one to ten, I would rate Cisco ASA Firewall a nine. Also, it's a very good product, and it compares well to others.
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
Sophos XG
Palo Alto Networks NG Firewalls
Check Point NGFW
Azure Firewall
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Fortinet FortiGate-VM
SonicWall NSa
Sophos XGS
Untangle NG Firewall
Fortinet FortiOS
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between Cisco ASA And Fortinet FortiGate?
- Cisco Firepower vs. FortiGate
- How do I convince a client that the most expensive firewall is not necessarily the best?
- What are the biggest differences between Cisco Firepower NGFW and Fortinet FortiGate?
- What Is The Biggest Difference Between Cisco Firepower and Palo Alto?
- Would you recommend replacing Cisco ASA Firewall with Fortinet FortiGate FG 100F due to cost reasons?
- What are the main differences between Palo Alto and Cisco firewalls ?
- A recent reviewer wrote "Cisco firewalls can be difficult at first but once learned it's fine." Is that your experience?
- Which is the best IPS - Cisco Firepower or Palo Alto?
- Which product do you recommend and why: Palo Alto Networks VM-Series vs Cisco Firepower Threat Defense Virtual (FTDv)?