Try our new research platform with insights from 80,000+ expert users

Cisco Catalyst SD-WAN vs Forcepoint Next Generation Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.4
Fortinet FortiGate offers cost-effective security and performance improvements, boosting user productivity and reducing operational costs.
Sentiment score
7.3
Cisco Catalyst SD-WAN reduces WAN costs, offering up to 80% savings, improved reliability, and 30% long-term cost reductions.
Sentiment score
7.0
Users report significant ROI with Forcepoint Next Generation Firewall due to cost reduction, improved security, enhanced performance, and easier management.
Clients are now comfortable and not wasting productive hours on IT support.
We have experienced a positive return on investment by utilizing Fortinet's products.
There's definitely an ROI. Having a centralized way of managing and applying policies across the entire organization always helps.
Cybersecurity ROI could be $1 or $100 million, depending on the risk of data behind it.
 

Customer Service

Sentiment score
7.0
Fortinet FortiGate's support varies; praised for responsiveness but criticized for delays, with location impacting experiences and documentation praised.
Sentiment score
7.4
Cisco Catalyst SD-WAN support is praised for expertise and responsiveness, though some desire faster escalation and more local expertise.
Sentiment score
5.5
Forcepoint Next Generation Firewall support is skilled but slow, with calls for local support and improved response times.
He explained that it required a command line configuration, as it couldn't be done through the graphical user interface.
I would rate their support for FortiGate a nine out of ten.
They offer very accurate solutions.
The principal third-level support is very good.
Cisco's ongoing reorganizations have affected the quality of technical support, which varies depending on the engineer handling cases.
Unlike Fortinet where you can escalate an issue and quickly get responses from the development team, Forcepoint's process seems slow and challenging.
Technical support is sometimes slow to respond, and it takes longer to resolve issues.
 

Scalability Issues

Sentiment score
7.3
Fortinet FortiGate is scalable and flexible, but may require hardware changes and face integration issues with other vendors.
Sentiment score
7.6
Cisco Catalyst SD-WAN is praised for scalable integration with existing Cisco products, efficiently supporting large enterprises despite licensing limits.
Sentiment score
7.4
Forcepoint Next Generation Firewall excels in scalability, though some users face challenges with large-scale and cloud deployments.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
You can choose a cheaper model if you only have 20-30 users, but you will need to spend more money for a FortiGate solution that covers 5,000.
Cisco SD-WAN is highly scalable and can be expanded to more than 10,000 sites.
The ease of configuration and features like zero-touch provisioning enhance the scalability of Cisco SD-WAN, especially in disaster recovery situations.
There are restrictions in the firewall manager and limitations when deploying for cloud environments.
 

Stability Issues

Sentiment score
7.9
Fortinet FortiGate is generally stable and reliable, though firmware updates and resource intensity may temporarily affect performance.
Sentiment score
7.6
Cisco Catalyst SD-WAN is stable, reliable, and robust, with minor bugs but improves with proper management and OS versions.
Sentiment score
7.9
Forcepoint Next Generation Firewall is stable and reliable, with praised detection and minor stability concerns in complex deployments.
Improper handling of these can lead to a memory surge, a well-known bug that can cause the entire system to freeze.
It is less stable than Palo Alto Networks and Check Point firewalls because there are lots of bugs in the latest firmware.
We have not had any problems with the operating systems or maintenance of subscriptions.
While some software-related issues and bugs were encountered, they did not cause the whole environment to crash.
 

Room For Improvement

Fortinet FortiGate needs enhancements in stability, interface, pricing, VPN performance, third-party integration, and technical support.
Cisco Catalyst SD-WAN users seek better cost efficiency, integration, support, and security features to compete in the market.
Forcepoint NGFW needs UI, policy management, and pricing enhancements, along with improved support, integration, and configuration flexibility.
If I have put 10 GBPS of throughput on a firewall and I enable all of these features available, such as IPS or UTM functionalities, the throughput comes down to 1 GBPS.
By providing an integrated solution, users would have access to all features and functionalities within a single window, eliminating the need to navigate through multiple windows.
Investing in a solution that can accommodate such growth would be more cost-effective than repeatedly purchasing new hardware.
Now, they change frequently, making it difficult to obtain long-term support.
Including more features like integrating with Splunk for monitoring vulnerabilities would help eliminate the need for other SOC solutions.
Fast response and efficient handling of issues, similar to how Fortinet responds, would be great.
I recommend that additional features be included in a single license to avoid the need for extra licensing costs.
 

Setup Cost

Fortinet FortiGate is cost-effective, offers flexible licensing, and includes most features with straightforward pricing despite some high renewal costs.
Cisco Catalyst SD-WAN is considered expensive yet feature-rich, with subscription-based pricing and calls for simpler, flexible licensing.
Forcepoint NGFW pricing varies, with costs perceived as high due to licensing models and additional feature charges.
Secure SD-WAN is free of charge.
The most expensive part is the renewal of the license subscription.
FortiGate is priced lower than Palo Alto.
Its pricing is justifiable due to the comprehensive solution it offers.
It is also relatively cost-effective for smaller businesses when using the Meraki version.
The pricing of Cisco Catalyst SD-WAN is rated between eight and nine out of ten, where ten is the most expensive.
The costs can be high since additional features require separate licenses.
In terms of pricing, I would place Forcepoint in the middle when compared to other firewalls like Fortinet and Palo Alto.
 

Valuable Features

Fortinet FortiGate offers robust security and management features, valued for ease of use, cost-effectiveness, and consistent performance.
Cisco Catalyst SD-WAN offers easy deployment, centralized control, high reliability, scalability, security, and integrates well with cloud services.
Forcepoint Next Generation Firewall offers comprehensive security features and integration for effective network and systems application management.
The firewall, IPS, and VPN functions are the most valuable features.
FortiGate provides solid protection against viruses, malware, and other threats.
Within the same dashboard, you get to see the security profiles, the type of traffic that's passing through, the top applications that are being consumed, etc.
It also provides robust security features, including port security, analysis, mirroring, and multiple other security solutions.
Integration capabilities provide comprehensive security.
Security is standard compliant, eliminating config drift that was prevalent before manual configurations.
With Forcepoint, this process is simplified compared to others like Fortinet.
The most valuable features of Forcepoint Next Generation Firewall are the advanced threat protection, including features like IPS and DDoS prevention, which help avoid internal DDoS attacks.
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Software Defined WAN (SD-WAN) Solutions
1st
Ranking in WAN Edge
1st
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
328
Ranking in other categories
Firewalls (2nd)
Cisco Catalyst SD-WAN
Ranking in Software Defined WAN (SD-WAN) Solutions
2nd
Ranking in WAN Edge
2nd
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
93
Ranking in other categories
Network Management Applications (6th)
Forcepoint Next Generation ...
Ranking in Software Defined WAN (SD-WAN) Solutions
11th
Ranking in WAN Edge
12th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
44
Ranking in other categories
Firewalls (27th)
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Igor Van Den Ouden - PeerSpot reviewer
Enables secure and flexible branch connectivity with application-aware routing
The valuable features of Cisco SD-WAN include its security policies and zone-based firewall that are applied to every site, as well as application-aware routing. Security is standard compliant, eliminating config drift that was prevalent before manual configurations. Application-aware routing offers flexibility in using different lines for traffic, depending on the policy implemented.
OusaidAbaz - PeerSpot reviewer
Provides decent protection for the LAN but complicated interface
We had some licensing issues with its web filtering capabilities. That's why we migrated our web filtering to Cisco Umbrella. Moreover, the interface is complicated. It's difficult to locate all the necessary menus and functions. For example, one of the many issues is with SSH. Even now, we haven't successfully opened the port to connect using SSH mode when we want to change the configuration. It's like a black box—not very open to changes and customization. It's simply not easy to configure. There are other problems, too. For example regarding Forcepoint's Websense component. We had a lot of problems managing the web settings within Websense. That's why we migrated to Cisco Umbrella for cloud-based web filtering. It's not that Forcepoint is inherently bad. The issue is that it's not user-friendly. It is not easy to use. The developers need to redesign the interface (GUI) for better management. It is very difficult to manage. For example, simple actions require too many clicks compared to FortiGate or Palo Alto. That's the main problem.
report
Use our free recommendation engine to learn which Software Defined WAN (SD-WAN) Solutions solutions are best for your needs.
848,989 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Educational Organization
43%
Computer Software Company
12%
Financial Services Firm
7%
Manufacturing Company
4%
Computer Software Company
18%
Financial Services Firm
10%
Manufacturing Company
10%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What do you like most about Cisco SD-WAN?
When considering the most valuable features of Cisco SD-WAN, the decoupling of self-monitoring stands out significant...
What is your experience regarding pricing and costs for Cisco SD-WAN?
The pricing for Cisco SD-WAN is rated eight out of ten, with some variability depending on the reseller discounts and...
What needs improvement with Cisco SD-WAN?
The main area for improvement in Cisco SD-WAN is the lack of documentation, which often lags behind the software rele...
What is your experience regarding pricing and costs for Forcepoint Next Generation Firewall?
In terms of pricing, I would place Forcepoint in the middle when compared to other firewalls like Fortinet and Palo A...
What needs improvement with Forcepoint Next Generation Firewall?
There is a lot of technical stuff that could be improved. We've encountered scenarios that were really hard to set up...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco SD-WAN
Forcepoint NGFW, Stonesoft Next Generation Firewall, McAfee Network Security Platform, Intel Security Network Security Platform
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Doyle Research, Ashton Metzler & Associates
California Department of Corrections and Rehabilitation (CDCR)
Find out what your peers are saying about Cisco Catalyst SD-WAN vs. Forcepoint Next Generation Firewall and other solutions. Updated: April 2025.
848,989 professionals have used our research since 2012.