Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard Network Security vs Cisco Secure Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
317
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Check Point CloudGuard Netw...
Ranking in Firewalls
8th
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
127
Ranking in other categories
Managed Security Services Providers (MSSP) (2nd), Software Defined WAN (SD-WAN) Solutions (3rd), Cloud and Data Center Security (7th), WAN Edge (3rd), Unified Threat Management (UTM) (6th)
Cisco Secure Firewall
Ranking in Firewalls
5th
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
407
Ranking in other categories
Cisco Security Portfolio (3rd)
 

Mindshare comparison

As of January 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.3%, up from 17.4% compared to the previous year. The mindshare of Check Point CloudGuard Network Security is 0.3%, up from 0.3% compared to the previous year. The mindshare of Cisco Secure Firewall is 5.8%, up from 5.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
PRASHANT GARJE - PeerSpot reviewer
Cost-effective, supports automation, and provides good security
We have done a lot of automation with the firewall, but sometimes, there are some failures because of some bugs. The fixes for them are still not available. We have daily or weekly communication with the Check Point people giving support in the India region, but we have not seen much improvement or response to our requests for some additional features. We are moving to infra as a code, so we are expecting more advancements in this product. Just installing the patches is not going to help us. They need to focus on this area. I expect Check Point CloudGuard to come up with some AI/ML integration. A firewall is the first L3 security device available to you. It is the single point that manages or processes the traffic for an organization. There is a possibility that the device goes down or gets rebooted for any reason. The integration of artificial intelligence with the devices can help us to know in advance that there might be a surge in traffic. There might be a spike in the traffic, so we can have some additional firewalls integrated. This predictive analysis has to be there. This way, if required, a second, third, or fourth firewall can come into the picture. All the firewalls will process the traffic simultaneously. I am expecting such capability. This sort of feature is available with AWS. We are deploying all the firewalls on AWS, but it would be easy if, in the future, such a feature is available from the OEM or Check Point itself. It will be very helpful for the organization. We have had a couple of outages because of some misconfiguration. They were human errors but there were no prior indications that if we were making these sorts of changes, this would happen. People making the changes on the firewall were not aware of this, and that is the reason why the outage happened. In a financial organization, an outage of even five minutes can cost a lot.
Jordan De Sousa - PeerSpot reviewer
Helped with the consolidation of tools and has a great dashboard
We have used different types of solutions. We had Cisco ASA for about 10 years, and then we switched to an on-site firewall to MX from Meraki, Cisco. For our cloud, we have Cisco Services Routers. The migration to the cloud has been a lot of work. Not all of our systems were compliant with being on the cloud so we had to work on some applications and delete some of them. For the old systems, we had to do extra work but for the newer systems, it was fine. The migration took around 18 months to migrate 99%. We had more than 2,000 on-prem firewall sites. Cisco helped with the migration to the cloud with the migration tool. Migrating MX was really easy and the tools helped us to migrate from the old ASA we had to the new MX. The cloud, firewalling, and CSR helped us from the data center on-premise approach to the cloud because at the time we didn't have a lot of experience with the cloud. It was easy to use the Cisco appliances in that space. I think that this solution has saved our IT staff time because of the ease of deployment. When I first started as a network engineer, it took a whole day to configure a firewall because of all the particularities you could potentially have at a site. I think that this solution saved our organization's time because security saves money because. At the end of the day, firewalls block threats. This solution helped with the consolidation of tools as we had all the observability tools in the solutions. Some 10 years ago we all had third-party solutions doing the observability. Now, we have the whole package and not only the firewall. We choose Cisco 10 or 20 years ago mostly because it was a market-leading solution. I also think it's because of MX's user-friendly solution that you can get on board easily. As far as CSA goes, I believe it's because you have a lot of features on the firewalls and it's the stability of course.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"FortiGate has a very strong unified threat management system."
"Our security improved from being able to put in rules and close off unwanted traffic."
"The solution is stable."
"The most valuable feature of Fortinet FortiGate is URL filtering."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
"The stability and scalability of this solution are satisfactory. Its SD-WAN, VPN, and URL filtering features are very useful."
"The most valuable features are the policies, filtering, and configuration."
"The solution has very good threat and content filtering switches."
"I like the firewall and the virtual machine. I also like that it's compatible with Amazon Web Services and Azure."
"The CloudGuard Network Security's most valuable feature is implementing IPS for accessing our data center and server environment in Azure. It helps us to prevent attacks. By protecting our environment with Check Point, which we were already familiar with, it provided a solution that extended into the cloud environment."
"The router's anti-bot feature and network security for detecting malware and preventing its spread are critical components. Additionally, there are other features like antivirus, anti-malware, and a firewall. T"
"CloudGuard Network Security provides unified security management across hybrid clouds as well as on-prem. It's very important because when I have unified security, I have better control of the situation. If there's an attack or something like that, we can react faster. It's easier for everyone in the organization to work with the Infinity platform."
"It was very easy to install the solution, and the architecture meant we didn't have to worry about exceeding the solution's capacity."
"Customers appreciate the CME plugin for automatically understanding assets within the cloud. This information appears in the manager, allowing users to tag the assets and adjust policies and rules accordingly."
"The notifications, the visibility, and the deployment are the most valuable. It could be packaged in such a way that it took a lot of time and resources off our hands, so it was more efficient."
"The most important feature is that we are able to use Check Point CloudGuard Firewall for our cloud security. We can make the deployment automated. We do not require manual intervention."
"I like the ASDM for the firewall because it is visual. With the command line, it is harder to visualize what is going on. A picture is worth a thousand words."
"We use the solution for deep packet inspection, Internet Edge functionality, IDS, and IDP."
"We definitely feel more secure. We have more control over things going in and out of our network."
"The TAC is always very helpful. We pay for Tier 1 support, so we get whatever we need from them. They always give us a solution. If they can't give us an answer that day, they get back to us within at least 24 hours with a solution or fix. I have never had a problem with the TAC. I would rate them as 10 out of 10."
"Firepower has reduced our firewall operational costs by about 25 percent."
"A stable and solid solution for protection from external threats and for VPN connections."
"The feature that I found most valuable is the overall stability of the product."
"The most valuable feature is the anti-malware protection. It protects the endpoints on my network."
 

Cons

"Web security solutions can be improved."
"They've become quite expensive."
"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."
"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."
"I think they need to improve more in order to be a competitor with the leaders of the field."
"While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"A threat categorization system can be added to give users the authority to define vulnerable attacks and classify areas that can threaten the workflow system."
"As an administrator, I can say that among all of the Check Point products I have been working with so far, the Virtual Systems solution is one of the most difficult."
"The solution needs to support more hypervisors."
"The connection to the on-premises management requires using the CLI. It's not just a click, and you cannot edit in the management to prepare everything. You need to do it online and in real time. After that, you must execute a script, and then you should be happy that it appears in the management."
"Regarding CloudGuard Network Security's integration with various resources like application gateways and application-based security groups, there's room for exploring dynamic access in those areas. A significant concern is the upgrade process. Unlike an in-place upgrade, upgrading the tool in Azure requires deploying a new resource, which can be hectic and less reliable. We have to spend something new to have the tool's latest version."
"The solution needs to improve the interruptions that happen during gateway upgrades."
"The challenge mainly revolves around the slower functionality of virtual IP switching in Azure Virtual Network compared to on-premise solutions. On-premise, switching between clusters is faster, taking only a few seconds, while in Azure, it can extend up to five minutes. The downtime is a concern for us."
"They can improve their security features to the next advanced level so that their efficiency in catching the malware can become 100%, and there is no scope for any data loss or leakage from the system due to any issue."
"An area of improvement for this solution is the console visualization."
"It is confusing to have two management interfaces, e.g., ASDM and Firepower Management Center."
"Implementations require the use of a console. It would help if the console was embedded."
"Managing various product integrations, such as Umbrella, is challenging."
"Cisco should improve its user interface design. There is a deep learning curve to the product if you are a newcomer."
"I would like more features in conjunction with other solutions, like Fortinet."
"The software was very buggy, to the point it had to be removed."
"You shouldn't have to use the ASDM to help manage the client."
 

Pricing and Cost Advice

"For the price, I'd rate it a ten because it's very cost-effective."
"I would rate the pricing a five out of ten"
"The price is really low. It's cheap in comparison to the cost of Cisco or CheckPoint, for example."
"Pricing for this product is comparatively lower than other products. It's an affordable solution, but when expanding the number of users, they'll ask you to replace the model, so that's an added cost."
"It's an expensive solution."
"You need to pay a license for this solution. Our licensing is now done in our subsidiary."
"The price is fair for what we get with FortiGate."
"The price of Fortinet FortiGate when compared to other solutions is high. However, my knowledge of the price is from third parties and I am not sure how accurate it is. I typically work in the technical area of my organization."
"The pricing is highly competitive and advantageous, offering great value."
"The tool's pricing is good. Customers want it to be cheap. I consider the pricing to be elastic. CloudGuard Network Security is perceived as cost-effective compared to using the built-in tools provided by the cloud."
"The price is fair for most of the customers. We don't find the price excessive. It's okay."
"I like the flexibility because I am pretty sure you can use the same license on Azure or AWS. I forgot the name of the license, but there is a specific type you can use that lets you interchange them, and that is pretty good. I like that."
"CloudGuard Network Security is not too cheap."
"It is fair. Its license covers all the features. There is a cost-benefit. The licensing for the cloud is better than on-premises because, with on-premises, you have to pay separately for different things."
"Licensing is available on a monthly or yearly basis."
"The product's licensing costs are yearly."
"It is expensive. There is a cost for everything. There is per year license cost and support cost. There is also a cost for any training, any application, and any resource. Things are very costly to do with Cisco. Other brands are cheaper. They are also more flexible in terms of training, subscription, and licensing. They give lots and lots of years free. They provide more than Cisco."
"Cisco is expensive, but you do get benefits for the price."
"Once you know what the product is, it is not that bad. Yes, it is expensive. When you try to get a license, it is like, "Well, I don't know which one of these I need. And, if I don't buy it now, then I will probably be back later. Now, I have to justify the money." Typically, you end up just buying everything that you don't use most of the time. It is one of those solutions where you get what you pay for. If you don't know what you need, just buy everything. We have additional licenses that we don't use."
"Everything with Cisco is expensive. My advice is that there are a lot better options out in the market now."
"The Cisco licensing agreement in Bangladesh is different than the one in India and in Dubai. It is not a problem, but if you want to subscribe to the yearly subscription, the original cost is really high. Also, if you go for an anti-virus, you pay for an additional yearly subscription."
"The licensing features are getting more complicated. These should be simplified."
"It's a brilliant firewall, and the fact that it comes with a perpetual license really does go far in terms of helping the organization in not having to deal with those costs on an annual basis. That is a pain point when it comes to services like the ones we have on Fortigate. That's where we really give Cisco firewalls the thumbs up."
"We are partners with Cisco. They are always one call away, which is good. They know how to keep their customers happy."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
831,158 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
6%
Manufacturing Company
6%
Computer Software Company
19%
Financial Services Firm
13%
Manufacturing Company
7%
Energy/Utilities Company
6%
Educational Organization
37%
Computer Software Company
14%
Government
5%
Manufacturing Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What do you like most about Check Point CloudGuard Network Security?
The tool's most valuable feature is its management console.
What is your experience regarding pricing and costs for Check Point CloudGuard Network Security?
Pricing is high, over $25,000 USD annually. The package offered includes features we may not need, and more flexible ...
What needs improvement with Check Point CloudGuard Network Security?
The pricing is too high. We pay more than twenty-five thousand USD per year, which could be reduced. Moreover, Check ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
CloudGuard IaaS, Check Point vSEC, CloudGuard IaaS, Check Point Virtual Systems, Check Point CloudGuard Network Security
Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Physicians Choice Laboratory Services, Helvetica Insurance
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Find out what your peers are saying about Check Point CloudGuard Network Security vs. Cisco Secure Firewall and other solutions. Updated: January 2025.
831,158 professionals have used our research since 2012.