Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard Network Security vs Cisco Secure Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
318
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Check Point CloudGuard Netw...
Ranking in Firewalls
8th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
148
Ranking in other categories
Managed Security Services Providers (MSSP) (2nd), Software Defined WAN (SD-WAN) Solutions (3rd), Cloud and Data Center Security (6th), WAN Edge (3rd), Unified Threat Management (UTM) (6th)
Cisco Secure Firewall
Ranking in Firewalls
5th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
409
Ranking in other categories
Cisco Security Portfolio (4th)
 

Mindshare comparison

As of March 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.8%, up from 17.8% compared to the previous year. The mindshare of Check Point CloudGuard Network Security is 0.3%, up from 0.3% compared to the previous year. The mindshare of Cisco Secure Firewall is 5.6%, up from 5.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Martin Raška - PeerSpot reviewer
Unification of security features strengthens network protection
The overall network security is good. It's big-picture, all in one bundle. It's valuable to have everything in one place instead of spreading across different products. Unified security management positively affects a company's security operations. They have one unified view of the security. I can connect multiple gateways to the management and have the view. I can have reporting and walks in a single pane of glass on the consolidated platform. It's easy to use. The management is the best on the market. It's very easy to work with, read, understand, and navigate. It helps increase our customer's security posture. We can see in some cases CloudGuard improves our customer's posture overall.
Jordan De Sousa - PeerSpot reviewer
Helped with the consolidation of tools and has a great dashboard
We have used different types of solutions. We had Cisco ASA for about 10 years, and then we switched to an on-site firewall to MX from Meraki, Cisco. For our cloud, we have Cisco Services Routers. The migration to the cloud has been a lot of work. Not all of our systems were compliant with being on the cloud so we had to work on some applications and delete some of them. For the old systems, we had to do extra work but for the newer systems, it was fine. The migration took around 18 months to migrate 99%. We had more than 2,000 on-prem firewall sites. Cisco helped with the migration to the cloud with the migration tool. Migrating MX was really easy and the tools helped us to migrate from the old ASA we had to the new MX. The cloud, firewalling, and CSR helped us from the data center on-premise approach to the cloud because at the time we didn't have a lot of experience with the cloud. It was easy to use the Cisco appliances in that space. I think that this solution has saved our IT staff time because of the ease of deployment. When I first started as a network engineer, it took a whole day to configure a firewall because of all the particularities you could potentially have at a site. I think that this solution saved our organization's time because security saves money because. At the end of the day, firewalls block threats. This solution helped with the consolidation of tools as we had all the observability tools in the solutions. Some 10 years ago we all had third-party solutions doing the observability. Now, we have the whole package and not only the firewall. We choose Cisco 10 or 20 years ago mostly because it was a market-leading solution. I also think it's because of MX's user-friendly solution that you can get on board easily. As far as CSA goes, I believe it's because you have a lot of features on the firewalls and it's the stability of course.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"A strong point of FortiGate is the graphical interface is complete and easy to use."
"You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
"Fortinet offers the latest versions to cater to the needs of enterprises."
"It is a good source for firewall protection."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"The pricing is excellent. It's much less expensive than Cisco."
"What's most important is the ease of use."
"The most valuable feature of Fortinet FortiGate is security. They are known for efficiency and are on the top of Gartner Quadrant reviews. Fortinet FortiGate has an easy-to-use platform with a good graphical interface. The configuration is simple and the solution provides an overall good layer of security."
"Check Point is one of the few solutions that pay attention to cloud security. Many others mostly focus on providing on-premises solutions."
"CloudGuard Network Security has helped reduce our organizational risk by about 15%."
"The solution is stable. Most Check Point solutions are stable."
"I like how straightforward it is and simple it is to implement in the cloud."
"Check Point management is way easier."
"This solution has good scalability and stability."
"It is a good-to-use tool that is also flexible."
"The tool's most valuable feature is its management console."
"The features I have found most valuable are the ASA firewalls. I like to have features like most integrated systems in ACI."
"I work with Cisco and other partners, but the Cisco team is the best team in our country. When I call them, they always help us."
"I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. It has a lot of flexibility and even a lot of third-party or non-Cisco integration. I feel like that's a really valuable tool."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"It is very stable compared to other firewall products."
"This solution has good security, and it's a good product. You can trust Cisco, and there's support as well, which is really good."
"We can shift traffic, block certain content, or redirect policies."
"Filtering is the best feature."
 

Cons

"FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment."
"The platform's compatibility with Wi-Fi equipment needs improvement."
"They should improve the interface to make it more user-friendly."
"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility."
"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."
"You do need some IT knowledge in order to effectively work with the solution."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
"I would like to have logs, monitoring, and reporting for a month without extra fees."
"We miss full blade support for all blades that are compatible with the cluster. Especially notable is the lack of support for Identity Awareness in active standby environments for customers. In our setup, transitioning to Connective clusters would be preferable for maintaining connections during failover situations."
"It is pretty great in all aspects, but the integration could be easier, especially with Scale Set and related features."
"Despite using it for a long time, there are always new features. For example, just last week, I discovered a new feature that had been in the software for years yet it was not visible due to its placement behind multiple menus. Teaching sessions would be beneficial, yet it is our responsibility to learn, so we cannot entirely rely on Check Point."
"The costs are high."
"Check Point could show us use cases that would help us in Czech and could help us with security threats in our specific country."
"We have Microsoft CASB cloud app security and it's one of the least compatible firewalls. They really need to look at this, as both Check Point and Microsoft are major players. Why aren't they compatible? If we had Palo Alto then we wouldn't have this problem."
"The product can still grow."
"Check Point has a history of moving fast with software release and upgrade cycles which are difficult to keep up with at times."
"The integration between different tools could be improved. For example, with SecureX, I am yet to find out how to forward security events to different tools such as Microsoft Sentinel, which is what we use for log detection."
"The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."
"The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be."
"Technical support takes a long time to respond."
"It would be great to have all the data correlated to have an overview and one point of administration."
"The access layer of this solution could be improved in terms of the way the devices interconnect with our network. We need to be able to analyze the traffic between the different interconnection in these areas."
 

Pricing and Cost Advice

"I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
"There is a license to use Fortinet FortiGate."
"Fortinet costs are 25% lower than the high-cost provider. There is an equipment cost and a recurring monthly cost for licenses and technical support."
"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."
"It is affordable. Palo Alto is much more expensive than Fortinet."
"The price for the Fortinet FortiGate is reasonable. Secure SD-WAN is free of charge. If you have their firewall, it's free of charge. It's very tempting."
"We are on an annual license to use Fortinet FortiGate."
"Fortinet FortiGate's price can be reduced."
"They're a little high in price. The price could be lower."
"You get charged only for what resources you choose and how much traffic actually passes through the firewall, which in turn saves a lot of money."
"I quite like the way they priced it. It is very reasonable."
"Handling costs is not my department. Licensing has been quite acceptable. It is a bit easier now, but when I began working with CloudGuard, it was a bit too technical."
"The product is expensive but also valuable."
"The tool's pricing is not cheap."
"CloudGuard Network Security's pricing is fine."
"The product's licensing costs are yearly."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"The pricing is too high and the licensing is too confusing."
"Some of our customers would be more likely to standardize on Cisco equipment if the cost was lower because a lot of people install cheap equipment."
"It is considered on the "high end" of the spectrum."
"It was pretty good and not expensive on the subscription side. Cisco is doing a good job on this."
"Pricing is high."
"The cost is a bit higher than other competitive solutions on the market."
"​It is worth every penny that we have invested in it.​"
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
839,255 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
6%
Manufacturing Company
6%
Computer Software Company
20%
Financial Services Firm
13%
Manufacturing Company
7%
Retailer
6%
Educational Organization
41%
Computer Software Company
13%
Manufacturing Company
4%
Government
4%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What do you like most about Check Point CloudGuard Network Security?
The tool's most valuable feature is its management console.
What is your experience regarding pricing and costs for Check Point CloudGuard Network Security?
The setup cost is okay. The cost overall is somewhat high compared to other vendors, whether firewalls or cloud-nativ...
What needs improvement with Check Point CloudGuard Network Security?
The reporting needs enhancement. Currently, we are not always aware of the gateways' status, like CPU and RAM usage. ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
CloudGuard IaaS, Check Point vSEC, CloudGuard IaaS, Check Point Virtual Systems, Check Point CloudGuard Network Security
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Physicians Choice Laboratory Services, Helvetica Insurance
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Find out what your peers are saying about Check Point CloudGuard Network Security vs. Cisco Secure Firewall and other solutions. Updated: January 2025.
839,255 professionals have used our research since 2012.