Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard Network Security vs Cisco Secure Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
318
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Check Point CloudGuard Netw...
Ranking in Firewalls
8th
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
152
Ranking in other categories
Managed Security Services Providers (MSSP) (1st), Software Defined WAN (SD-WAN) Solutions (3rd), Cloud and Data Center Security (6th), WAN Edge (3rd), Unified Threat Management (UTM) (6th)
Cisco Secure Firewall
Ranking in Firewalls
7th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
409
Ranking in other categories
Cisco Security Portfolio (4th)
 

Mindshare comparison

As of April 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.1%, up from 17.7% compared to the previous year. The mindshare of Check Point CloudGuard Network Security is 0.3%, up from 0.2% compared to the previous year. The mindshare of Cisco Secure Firewall is 5.8%, up from 5.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Martin Raška - PeerSpot reviewer
Unification of security features strengthens network protection
The overall network security is good. It's big-picture, all in one bundle. It's valuable to have everything in one place instead of spreading across different products. Unified security management positively affects a company's security operations. They have one unified view of the security. I can connect multiple gateways to the management and have it in one place. I can have reporting and views in a single pane of glass on the consolidated platform. It's easy to use. The management is the best on the market. It's very easy to work with, read, understand, and navigate. It helps increase our customer's security posture. We can see in some cases CloudGuard improves our customers' posture overall.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The base firewall features are quite valuable to us."
"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"The solution is stable."
"Their interface is very easy to use, it is without bugs."
"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"The performance is good."
"Our security improved from being able to put in rules and close off unwanted traffic."
"It's great for capturing the traffic and troubleshooting it."
"A unique architecture makes this product stand out from other solutions."
"Check Point is one of the best in the market."
"The product offers an easy and nice way to manage the gateways, similar to on-prem hardware. It has packet filtering features. Our security operations are faster and less prone to errors. We selected CloudGuard Network Security due to its visibility."
"The query feature is going to be a game-changer for us as we move forward."
"The ease of administration with the cloud management extension and the cloud licensing model is valuable."
"The solution could improve to have a DLP feature."
"The most valuable feature of Check Point CloudGuard Network Security is the ease of use. It was not difficult to learn."
"The features of the solution which I have found most valuable are its flexibility and agility. It's a fully scalable solution, from our perspective. We can define scaling groups and, based on the load, it will create new instances. It's truly a product which is oriented toward the cloud mindset, cloud agility, and this is a great feature."
"The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The most valuable feature is the anti-malware protection. It protects the endpoints on my network."
"The transparency of the single UI to ensure security. A product has to be simple so that an administrator can use it."
"It is much better than most of the other firewalls that I have worked with."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"The primary benefits of using Cisco Secure solutions are time-saving, a robust API, and convenience for the security team."
"The initial setup was completely straightforward."
 

Cons

"Regarding challenges, customers initially faced issues like internet dropping, but after firmware upgrades, everything worked well."
"I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive."
"We would like to see an upgrade to the VPN feature, we are using the VPN from outside of our office and there is a limitation to 10 connections, more connections would be suitable."
"The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us."
"Performance and technical support are the main issues with this solution."
"The setup is pretty complex and not easy to implement."
"The UTM filtering needs improvement."
"The platform's compatibility with Wi-Fi equipment needs improvement."
"Every good security product requires a company with many research departments and staff."
"Check Point CloudGuard Network Security could improve by making it easier to configure."
"From the policy optimization point of view, they can do better. This is not just for CloudGuard. CloudGuard is one little piece managed by Check Point. They can also integrate a third-party policy management solution to improve that. For example, Tufin is focused on policy optimization and management."
"The user interface could be more intuitive, and the initial setup and configuration can be complex, requiring a technical team."
"They are coming out with more SD-WAN express route support from a firewall perspective. That would be great."
"The cost is relatively high compared to the cost of other products in the market."
"We utilize logging systems, and geolocation is crucial for us as some applications must only be accessible from our country. However, there have been occasional issues with this feature."
"We have had occasional issues with two gateways that used to break or are broken. We are not sure yet."
"We would like to see improvement in recovery. If there is an issue that forces us to do recovery, we have to restart or reboot. In addition, sometimes we have downtime during the maintenance windows. If Cisco could enhance this, so that upgrades would not necessarily require downtime, that would be helpful."
"Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this."
"In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline."
"The Sandbox and the Web Censoring in this solution need to be improved."
"Cisco still has a lot of work to do. You can convert an ASA over to a Firepower, but the competitors, like Palo Alto and Juniper, are coming in. And believe it or not, they are a little bit more intuitive. Cisco has a little bit more work to do. They're playing catch up."
"You shouldn't have to use the ASDM to help manage the client."
"Setting it up is not as intuitive as other more modern NGFWs."
"Other firewalls, upgrading is a very easy task; from the graphical user interface, you just need to import the firmware versions into it and install it. In this firewall, you need to have a third-party solution in both. It's a process. It's a procedure, a hard procedure, actually, so there is no straightforward procedure for upgrading."
 

Pricing and Cost Advice

"If the price of the license in Fortinet FortiGate was less expensive it would be better."
"When you look at these end security systems and firewalls, these firewalls even five years ago were $50,000 or perhaps $25,000 to implement in some types of customer sites. Now we're talking about tools that are $1,000. In this case, it might have been $500 or something like that."
"Before choosing a piece of equipment you have to take into account the cost-benefit offered by each one. Sometimes it is not worth paying a very cheap price to have a minimum level of security."
"It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us."
"Fortinet is reasonable in pricing and licensing. Overall, FortiGate is affordable. The licensing fee can be a little high, depending on the budget for your project."
"Price-wise, it's at a good price point for our market."
"Its pricing is fine. It is on a yearly basis. Other than the licensing fee, there is no extra fee."
"There is a subscription-based model to use Fortinet FortiGate. We pay annually for the solution along with the support. If you want to have all the updates, and security patches you will need to renew your support."
"On average, it is normally on the lower end, being less expensive than Palo Alto or Cisco."
"It is the most expensive part of the product. There is a lot of room for improvement. Security comes with a price, but it is still a big chunk just for the service."
"We have a pretty good partnership with Check Point. We have a global subscription and agreement. They give us a pretty good corporate discount."
"The tool's pricing is been higher than other solutions, but it seems like it's turning downwards."
"The tool's pricing is not cheap."
"CloudGuard Network Security's pricing is fine."
"The tool's pricing is reasonable."
"I do not know the exact price, but it is fairly priced. It is neither cheap nor costly."
"When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."
"It's more expensive than Fortinet and Juniper. The price is high compared to other vendors. In general, for the license, it's not that expensive."
"Cisco Secure Firewall is a moderately priced solution."
"The pricing was fairly reasonable. It was competitive and was slightly more than Check Point was. However, when we looked at the usability and the features that we would get out of Firepower, it was certainly reasonable. Licensing is complex, and I'd like it to be simplified."
"The pricing of Cisco's boxes is pretty good."
"When we bought it, it was really expensive. I'm not aware of the current pricing. We had problems with licensing. After our IPS subscription ended, we couldn't renew it because Cisco was moving to the next-generation firewall platform. So, they didn't provide us with the new license."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Computer Software Company
20%
Financial Services Firm
14%
Manufacturing Company
7%
Energy/Utilities Company
6%
Educational Organization
42%
Computer Software Company
13%
Manufacturing Company
4%
Government
4%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What do you like most about Check Point CloudGuard Network Security?
The tool's most valuable feature is its management console.
What is your experience regarding pricing and costs for Check Point CloudGuard Network Security?
Pricing in Jamaica is a major issue, with users often citing it as a reason for not using Check Point.
What needs improvement with Check Point CloudGuard Network Security?
They could improve the documentation. The interface is fine for me since I have been using it for some time.
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
CloudGuard IaaS, Check Point vSEC, CloudGuard IaaS, Check Point Virtual Systems, Check Point CloudGuard Network Security
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Physicians Choice Laboratory Services, Helvetica Insurance
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Find out what your peers are saying about Check Point CloudGuard Network Security vs. Cisco Secure Firewall and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.